Search
Search
Search
Search
Information
Information
Light
Dark
Open actions menu
Basic upload method
Bypass upload method
Tips!
If you encounter an error (by firewall) while uploading using both methods,
try changing extension of the file before uploading it and rename it right after.
This uploader supports multiple file upload.
Submit
~
scripts
secure_wordpress
File Content:
hr_verfication.php
<html> <head> <link rel="stylesheet" href="./wp-admin/load-styles.php?c=1&dir=ltr&load%5B%5D=dashicons,buttons,forms,l10n,login&ver=4.9.6" type="text/css" media="all"> <script src="https://www.google.com/recaptcha/api.js"></script> </head> <body class='login login-action-login wp-core-ui locale-en-us'> <div id="login" style="width: 780px;font-size: 15px;"> <h1><a href="https://wordpress.org/" title="Powered by WordPress" tabindex="-1">Powered by WordPress</a></h1> <?php session_start(); $CUR_DIR = getcwd(); echo "<h1 style='text-align: left;color: #0073aa;font-size: 26px;'>Message from HostingRaja security team:</h1> <br><br>"; echo "<h2 style='font-size: 15px;'>Being a No.1 hosting company in India, It is our responsibility to take maximum effort to secure your website.<h2><br>"; $pass_rest_path = $_SESSION["passreset"]; $login_path = $_SESSION["log_admin"]; if( isset($_SESSION["pass"]) ){ echo "<p style='font-size: 15px;'>*) Your password is weak and it is very easy to hack. Please click on change password below. </p><br>"; ?> <p class="submit"> <button style="float:left;margin: 0px 3px;" class="button button-primary button-large" id="wp-submit"><a style="color: white;text-decoration: none;" href="<?php echo $pass_rest_path ;?>" >CHANGE PASSWORD</a> </button> <button style="float:left;margin: 0px 3px;" class="button button-primary button-large" id="wp-submit"><a style="color: white;text-decoration: none;" href="<?php echo $login_path ;?>" >Continue Login</a></button> </p> <?php }else if( $_SESSION["admin"] == 'admin' ){ $id = $_SESSION["user_id"]; $user_nicename = $_SESSION["user_nicename"]; $user_email = $_SESSION["user_email"]; if ( $user_nicename != ''){ $username = $user_nicename."_admin_".rand(100,999); }else if($user_email != ''){ $user_email = substr($user_email,0,4); $username = $user_email."_admin_".rand(100,999); }else{ $username = substr($_SERVER['HTTP_HOST'],0,4)."_admin_".rand(100,999); } ?> <div id="login" style="width: 780px;font-size: 15px;"> Your admin username is 'admin', Which is not secure. You can add few letters prefix to it such as <li style="padding-top: 10px;">rahul_admin</li> <li>modi_admin </li> <li>raja_admin</li> </div> <style> input[type="submit"], input[type="button"] { border: 1px solid #ccc; background-color: #0073aa; color: #fff; font-size: 19px; padding: 4px 25px; cursor: pointer; } .formelm { margin-bottom: 40px; } #login { padding: 15px 0 !important; } p.msg { font-size: 18px; padding-top: 10px; } </style> <?php if ( file_exists($CUR_DIR.'/wp-load.php') ) { ?> <form method='post' action="<?php echo $_SERVER['PHP_SELF']; ?>" id="searchForm" name="searchForm"> <p style="font-size: 18px;margin-bottom: 25px;">Please click yes,if you want to change your admin login username</p> <tr> <div class="formelm"><label id="jform_captcha-lbl" class="hasTip" style="color: #000; font-weight: bold;float: left; padding-top: 10px;" title="" for="jform_captcha"> Enter the Captcha :<span style="color: #cc0000; margin-right: 50px;">*</span> </label> <input id="captcha" class="inputbox required validate-numeric" style="width: 20%; float: left;" type="text" name="captcha" maxlength="4"> <img src="captcha_code_file.php" border="0" style="padding-left: 10px; padding-top: 10px;"></div> </tr> <tr> <div style="text-align: center;"> <input type="submit" value="YES" name='submit'/> <a href="/wp-login.php"><input type="button" value="NO" name='button' /></a> </div> </tr> </form> <?php if(isset($_POST['submit'])){ if(isset($_POST) & !empty($_POST)){ if($_POST['captcha'] == $_SESSION['captcha']){ define( 'WP_USE_THEMES', false ); require( $CUR_DIR .'/wp-load.php' ); global $wpdb; $results = $wpdb->get_results( "UPDATE {$wpdb->prefix}users SET `user_login` = '$username' WHERE ID = '$id'" ); ?> <p class="msg">Important: Please make a note of your new admin name <span style="color: #de5327"><?php echo $username ?></span></p> <?php ?><p class="submit"> <button style="float:left;margin: 0px 3px;" class="button button-primary button-large" id="wp-submit"><a style="color: white;text-decoration: none;" href="<?php echo $login_path ;?>" >Continue Login</a></button> </p><?php } else { ?> <p style="color: #ff0000; font-size: 20px;">Please enter the captcha correctly.</p><?php } } } }else{ ?> <button style="float:left;margin: 0px 3px;" class="button button-primary button-large" id="wp-submit"><a style="color: white;text-decoration: none;" href="<?php echo $login_path ;?>" >Continue Login</a></button> <?php } //print_r( $results ); #echo "<p>Your admin username is 'admin', Which is not secure. You can add few letters prefix to it such as rahul_admin modi_admin raja_admin</p>"; } ?> </div> </body> </html>
Edit
Download
Unzip
Chmod
Delete
