403Webshell
Server IP : 103.119.228.120  /  Your IP : 3.128.31.227
Web Server : Apache
System : Linux v8.techscape8.com 3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Jul 15 12:09:18 UTC 2024 x86_64
User : nobody ( 99)
PHP Version : 5.6.40
Disable Function : shell_exec,symlink,system,exec,proc_get_status,proc_nice,proc_terminate,define_syslog_variables,syslog,openlog,closelog,escapeshellcmd,passthru,ocinum cols,ini_alter,leak,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dl,dll,myshellexec,proc_open,socket_bind,proc_close,escapeshellarg,parse_ini_filepopen,fpassthru,exec,passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,popen,show_source,proc_nice,proc_terminate,proc_get_status,proc_close,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,dl,symlink,shell_exec,system,dl,passthru,escapeshellarg,escapeshellcmd,myshellexec,c99_buff_prepare,c99_sess_put,fpassthru,getdisfunc,fx29exec,fx29exec2,is_windows,disp_freespace,fx29sh_getupdate,fx29_buff_prepare,fx29_sess_put,fx29shexit,fx29fsearch,fx29ftpbrutecheck,fx29sh_tools,fx29sh_about,milw0rm,imagez,sh_name,myshellexec,checkproxyhost,dosyayicek,c99_buff_prepare,c99_sess_put,c99getsource,c99sh_getupdate,c99fsearch,c99shexit,view_perms,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,parsesort,view_perms_color,set_encoder_input,ls_setcheckboxall,ls_reverse_all,rsg_read,rsg_glob,selfURL,dispsecinfo,unix2DosTime,addFile,system,get_users,view_size,DirFiles,DirFilesWide,DirPrintHTMLHeaders,GetFilesTotal,GetTitles,GetTimeTotal,GetMatchesCount,GetFileMatchesCount,GetResultFiles,fs_copy_dir,fs_copy_obj,fs_move_dir,fs_move_obj,fs_rmdir,SearchText,getmicrotime
MySQL : ON |  cURL : ON |  WGET : ON |  Perl : ON |  Python : ON |  Sudo : ON |  Pkexec : ON
Directory :  /var/softaculous/wp56/

Upload File :
current_dir [ Writeable] document_root [ Writeable]

 

Command :


[ Back ]     

Current File : /var/softaculous/wp56/sign_on.php
<?php

if(!class_exists('Redis')){
	@unlink(__FILE__);
}

// Validate if the request is from Softaculous
if($_REQUEST['pass'] != '[[autopass]]'){
	die("Unauthorized Access");
}

if(isset($_REQUEST['FLUSH_CACHE'])){
	
	@unlink(__FILE__);

	define( 'WP_USE_THEMES', false );
	require __DIR__ . '/wp-blog-header.php';

	wp_cache_flush();

	// Redirect to admin page or requested page
	$redirect_to = admin_url();
	if(!empty($_REQUEST['redirect_to'])){
		$redirect_to = $_REQUEST['redirect_to'];
	}
	wp_safe_redirect( $redirect_to );

	exit();
}

// Dummy plugin dir so that no plugins are loaded as they conflict with our login process
define('WPMU_PLUGIN_DIR', '[[softpath]]/[[autopass]]');
define('WP_PLUGIN_DIR', '[[softpath]]/[[autopass]]');
define('WP_CONTENT_DIR', '[[softpath]]/[[autopass]]');
define('WP_USE_THEMES', false);

// Some themes check the current login script name
$_SERVER['SCRIPT_NAME'] = '/wp-login.php';

require('wp-blog-header.php');
require('wp-includes/pluggable.php');

// If the user is already logged in simply redirect to admin page
if(!is_user_logged_in()){
	
	$signon_user = '[[signon_username]]';

	//Backword compatibility ($__setting['signon_username'] won't be there in previous versions <= 5.2.3)
	if(!empty($signon_user) && !preg_match('/^\[\[(.*?)\]\]$/is', $signon_user)){
		$user = get_user_by('login', $signon_user);
	}else{
		$user_info = get_userdata(1);
		
		// Try to find an admin if we do not have any admin with ID => 1
		if(empty($user_info) || empty($user_info->user_login)){
			$admin_id = get_users(array('role__in' => array('administrator'), 'number' => 1, 'fields' => array('ID')));
			$user_info = get_userdata($admin_id[0]->ID);
		}
		
		$username = $user_info->user_login;
		$user = get_user_by('login', $username);
	}
	
	// Create the session
	if(!is_wp_error($user)){
		wp_clear_auth_cookie();
		wp_set_current_user($user->ID);
		wp_set_auth_cookie($user->ID);
		
		// Create a session for wp-simple-firewall plugin
		if(file_exists(dirname(__FILE__).'/wp-content/plugins/wp-simple-firewall')){
			
			try{
				
				global $wpdb;
				
				$wpsf_session_id = md5(uniqid('icwp-wpsf'));
				
				$wpdb->insert($wpdb->prefix."icwp_wpsf_sessions", array(
				   "session_id" => $wpsf_session_id,
				   "wp_username" => $user->user_login,
				   "ip" => $_SERVER['REMOTE_ADDR'],
				   "browser" => md5($_SERVER['HTTP_USER_AGENT']),
				   "last_activity_uri" => "/wp-login.php",
				   "logged_in_at" => time(),
				   "last_activity_at" => time(),
				   "login_intent_expires_at" => 0,
				   "secadmin_at" => 0,
				   "created_at" => time(),
				   "deleted_at" => 0,
				));
				
				setcookie("wp-icwp-wpsf", $wpsf_session_id, time()+ DAY_IN_SECONDS * 30);
				
			} catch(Exception $e){
				
			}
		}
	}
}

if(class_exists('Redis')){
	// Redirect to flush cache
	$redirect_to = $_SERVER['REQUEST_URI'].'&FLUSH_CACHE=1';
	wp_safe_redirect( $redirect_to );
	exit();
}
@unlink(__FILE__);

// Redirect to admin page or requested page
$redirect_to = admin_url();
if(!empty($_REQUEST['redirect_to'])){
	$redirect_to = $_REQUEST['redirect_to'];
}
wp_safe_redirect( $redirect_to );

exit();

Youez - 2016 - github.com/yon3zu
LinuXploit