Sh3ll
OdayForums


Server : Apache
System : Linux server1.cgrithy.com 3.10.0-1160.95.1.el7.x86_64 #1 SMP Mon Jul 24 13:59:37 UTC 2023 x86_64
User : nobody ( 99)
PHP Version : 8.1.23
Disable Function : NONE
Directory :  /var/softaculous/classicpress/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : //var/softaculous/classicpress/sign_on.php
<?php
@unlink(__FILE__);

// Validate if the request is from Softaculous
if($_REQUEST['pass'] != '[[autopass]]'){
	die("Unauthorized Access");
}

// Dummy plugin dir so that no plugins are loaded as they conflict with our login process
define('WP_PLUGIN_DIR', '[[softpath]]/[[autopass]]');

require('wp-blog-header.php');
require('wp-includes/pluggable.php');

$signon_user = '[[signon_username]]';

//Backword compatibility ($__setting['signon_username'] won't be there in previous versions <= 5.2.3)
if(!empty($signon_user) && !preg_match('/^\[\[(.*?)\]\]$/is', $signon_user)){
	$user = get_user_by('login', $signon_user);
}else{
	$user_info = get_userdata(1);
	// Automatic login //
	$username = $user_info->user_login;
	$user = get_user_by('login', $username);
}

// Redirect URL //
if ( !is_wp_error( $user ) )
{
    wp_clear_auth_cookie();
    wp_set_current_user ( $user->ID );
    wp_set_auth_cookie  ( $user->ID );

    $redirect_to = admin_url();
    wp_safe_redirect( $redirect_to );

    exit();
}

ZeroDay Forums Mini