403Webshell
Server IP : 66.29.132.124  /  Your IP : 13.58.105.80
Web Server : LiteSpeed
System : Linux business141.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64
User : wavevlvu ( 1524)
PHP Version : 7.4.33
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /proc/self/root/usr/local/sbin/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /proc/self/root/usr/local/sbin/wpfix
#!/bin/bash

replace_default_f() {
log "Replacing the WordPress default files..." 
wget -c https://wordpress.org/latest.tar.gz -O - | tar -xz 

# Create rollback for default files.
def_f_rollback=default_f_pre-restore.tar.gz
def_wp_f=$(find wordpress/ -type f | sed s/wordpress/\./)
# Back up the default files that are being replaced, and replace them.
tar -zcf $def_f_rollback $def_wp_f && rsync -r wordpress/* ./ && rm -rf wordpress
}

rollback_defaut_f() {
  tar -zxf $def_f_rollback
  rm -v $def_f_rollback
}

enable_plugins() {
  for p in $@; do
    mv ${p}_$rnd_str $p
  done
}

disable_plugins() {
  for p in $@; do
    mv $p ${p}_$rnd_str
  done
}

check_plugins() {
  # Create a list of plugins directories for enabling and disabling.

  local mv_plugins_list=()
  for (( pi=0, p=$1; $p < $2; (( ++p, ++pi )) )); do
    mv_plugins_list+=( ${inst_plugin_dirs[$p]} )
  done
  enable_plugins ${mv_plugins_list[@]}
  
  check_if_ok;

  disable_plugins ${mv_plugins_list[@]}
}

check_if_ok() {
  sleep 10s;
  w='';
  w=$(curl -sLD - -o /dev/null -w "%{url_effective}" $URL | grep -P "(?<=HTTP/1.1 )(\d+)" -o | tail -n 1);
  sleep 10s;
}

log() {
  echo $@ | tee -a $LOGFILE
}

exit_and_clean() {
  rm -f "${db_cfg}"
  exit $1
}

rnd_str=$(date +%d-%m-%Y_%H.%M.%S);

wp=/usr/local/sbin/wp
php=/opt/cpanel/ea-php72/root/usr/bin/php
PATH="/opt/cpanel/ea-php72/root/usr/bin:${PATH}"


DOCROOT=$1
DOMAIN=$2
ACTION=$3
DIR=$4
URL=$(echo $5 | sed -E "s/https?\:\/\///g")
TEST_PLUGINS=$6

[[ $DIR == "--nodir--" ]] && DIR=''
[[ $URL == "--nourl--" ]] && unset URL
CWD_TO="${DOCROOT}/${DIR}"

if [[ -d $CWD_TO ]]; then
  log "Change work dir to the ${CWD_TO}";
  cd ${CWD_TO}
else
  log "Error. Directory ${CWD_TO} does not exist. Abording."
  exit_and_clean
fi

LOGFILE="$CWD_TO/wpfix_${rnd_str}.log"

if [[ -f ${CWD_TO}/wp-config.php ]]; then
  db_cfg="myWpFix.cnf";
  db_name=$(grep "define( 'DB_NAME', '.*' );" wp-config.php | cut -d' ' -f 3 | tr -d "'");
  db_user=$(grep "define( 'DB_USER', '.*' );" wp-config.php | cut -d' ' -f 3 | tr -d "'");
  db_pas=$(grep "define( 'DB_PASSWORD', '.*' );" wp-config.php | cut -d' ' -f 3 | tr -d "'");
  tpref=$(grep "\$table_prefix = '.*'" wp-config.php | grep -oP "\'.+\'" | grep -oP "[\w\d_]*");
  wpoptions=$tpref"options";
  def_theme="twentytwenty";
else
  log "Error. File ${CWD_TO}/wp-config.php does not exist. Abording."
  exit_and_clean
fi


echo -e "[client]\nuser=$db_user\npassword=$db_pas" > $db_cfg;

[[ -z $URL ]] && URL="$(mysql --defaults-extra-file=$db_cfg $db_name -e "select option_value from ${tpref}options where option_name='siteurl';" | grep http || echo $DOMAIN)"


if [ ${ACTION} != "fix" ]; then
  unset ACTION
  log "Checking... ${URL} ${CWD_TO} log file location ${LOGFILE}";
else
  log "Working on ${ACTION}, ${URL} ${DOCROOT} log file location ${LOGFILE}";
fi

if [ "$URL" == '' ]; then
  log "Error, target link/URL is missing.";
  exit_and_clean 1;
fi

check_if_ok;
if [ "$w" == "200" ]; then
  log "The return code is 200 OK, aborting.";
  exit_and_clean 0;
fi

# Check permissions. 
log "Checking permissions...";
chmod 750 ./;
find ./ -type f -not -perm 644 -not -name ".ftpquota" -exec chmod 644 -c {} \; ; find ./ -type d -not -perm 755 -not -group nobody -exec chmod 755 -c {} \;
check_if_ok;

if [ "$w" != "200" ]; then
  log "The error is still here.";
else
  log "The error is gone, it was caused by incorrect files/folders permissions.";
  exit_and_clean 0;
fi

# Check .htaccess. 
log "Renaming .htaccess.";
mv .htaccess .htaccess_$rnd_str;
check_if_ok;

if [ "$w" != "200" ]; then
  log "The error is still here, renaming .htaccess back.";
  mv .htaccess_$rnd_str .htaccess;
else 
  log "The error is gone, it was caused by .htaccess.";

  if [ -z ${ACTION} ]; then
    log "The -f parameter has not been provided. Renaming .htaccess back."
    mv .htaccess_$rnd_str .htaccess;
  fi
  exit_and_clean 0;
fi


# Check default files.
replace_default_f

check_if_ok;
if [ "$w" == "200" ]; then
  log "The error is gone, it was caused by an error in one of the default files.";

  if [[ -z $ACTION ]]; then
    log "The -f parameter has not been provided, restoring the previous default files."
    rollback_defaut_f
  else 
    rm -v $def_f_rollback
  fi

  exit_and_clean 0;
else
  log "Replacing the default files did not help.";
  tar -zxf $def_f_rollback
  rm -v $def_f_rollback
fi

# Check plugins
if [[ $TEST_PLUGINS ]]; then
  for p in $(find wp-content/plugins/ -maxdepth 1 -type d | tail -n +2); do
    inst_plugin_dirs+=($p)
    inst_plugin_names+=( $(echo $p | rev | cut -d/ -f1 | rev) )
  done; 
  
  log "Currently installed plugins: ${inst_plugin_names[@]}"
  log "Disabling all plugins."
  disable_plugins ${inst_plugin_dirs[@]}
  check_if_ok;

  if [ "$w" == "200" ]; then
    log "The error is gone, it was caused by one of the installed plugins";
    plugins_err=1;
  else
    log "Disabling of the plugins did not help.";
    plugins_err=0;
  fi


  # If the error is caused by plugins, find which plugins specifically are causing the error
  if [[ $plugins_err -eq 1 ]]; then
    log "Looking for broken plugins. This may take a while..."
    
    # Array of index range of plugins with errors.
    min_max_indexes=( 0 ${#inst_plugin_dirs[@]} )
    # Keep looking for pluings with errors as long as there is a range of indexes of plugins with errors.
    while [[ -n "${min_max_indexes[@]}" ]]; do
      # Get the minimum, maximum and the middle point values of the last available index range.
      min=${min_max_indexes[ $(echo $(( ${#min_max_indexes[@]} - 2 )) ) ]}
      max=${min_max_indexes[ $(echo $(( ${#min_max_indexes[@]} - 1 )) ) ]}
      pivot=$(( $(( $min + $(( $max - $min )) / 2)) ))
      # Remove the latest index range. 
      unset min_max_indexes[$(echo $(( ${#min_max_indexes[@]} - 1 )) )]
      unset min_max_indexes[$(echo $(( ${#min_max_indexes[@]} - 1 )) )]
      # Enable the selected range of plugins, and theck for the error.
      # If the error is not present, then the current range of indexes can be discarded.

      check_plugins $min $max
      if [[ "$w" != "200" ]]; then
        # If the error is present, and minimal index is equal to the middle point, then the range of indexes was narrowed down to a single plugin. 
        # Add the plugin index to the array of plugin indexes with errors.
        if [[ $min -eq $pivot ]]; then
          err_plug_i+=($pivot)
        # If the minimal index is less than the middle point, then there are more than one plugins in the index range.
        # Add the current range of indexes as two ranges.
        else
          min_max_indexes+=($min $pivot $pivot $max)
        fi

      fi
    done

    for (( i=0; $i < ${#err_plug_i[@]}; (( ++i )) )); do
      broken_plugin_dirs+=( $(echo ${inst_plugin_dirs[ ${err_plug_i[$i]} ]}) )
      broken_plugins+=( $(echo "${inst_plugin_dirs[ ${err_plug_i[$i]} ]}" | rev | cut -d/ -f1 | rev) )
    done
    log "Broken plugins: ${broken_plugins[@]}"

    if [[ -n "${ACTION}" ]]; then
      log "Disabling broken plugins."
      enable_plugins ${inst_plugin_dirs[@]}

      disable_plugins ${broken_plugin_dirs[@]}
      exit_and_clean 0;
    fi
  fi
  
  if [ -z ${ACTION} ] || [ $plugins_err -eq 0 ]; then
      log "Restoring plugins to ${inst_plugin_names[@]}"

      enable_plugins ${inst_plugin_dirs[@]}
      if  [[ $plugins_err -eq 1 ]]; then
        exit_and_clean;
      fi
  fi
fi

# Check the current theme
cur_theme=$(mysql --defaults-extra-file=$db_cfg $db_name -e "select option_value from $wpoptions where option_name='stylesheet';" | tail -n +2);

log "Changing the current $cur_theme theme to $def_theme.";

mysql --defaults-extra-file=$db_cfg $db_name -e "update $wpoptions set option_value='$def_theme' where option_name='template' or option_name='stylesheet';"

check_if_ok;
if [ "$w" == "200" ]; then
  log "The error is gone, it was caused by the $cur_theme theme.";
  if [ -z ${ACTION} ]; then
    log "The -f paramenter has not been provided. Changing the theme back to $cur_theme.";
    mysql --defaults-extra-file=$db_cfg $db_name -e "update $wpoptions set option_value='$cur_theme' where option_name='template' or option_name='stylesheet';"
  fi
else
  log "Let's disable everything.";
  log "Disabling theme..."
  log "Disabling .htaccess..."

  mv .htaccess .htaccess_$rnd_str;
  replace_default_f

  if [[ $TEST_PLUGINS ]]; then
    log "Disabling all plugins..."
    disable_plugins ${inst_plugin_dirs[@]}
  fi

  check_if_ok;

  if [ "$w" == "200" ]; then
    log "The error is gone."
    log "Multiple points of failure are present."

  if [ -z ${ACTION} ]; then
    log "The -f paramenter has not been provided. Reversing the changes.";
    mv .htaccess_$rnd_str .htaccess
    rollback_defaut_f
    if [[ $TEST_PLUGINS ]]; then
      enable_plugins ${inst_plugin_dirs[@]}
    fi

    log "Changing the $def_theme theme back to $cur_theme.";
    mysql --defaults-extra-file=$db_cfg $db_name -e "update $wpoptions set option_value='$cur_theme' where option_name='template' or option_name='stylesheet';"

  fi

  else
    log "Nope, it didn't work. Reversing the changes.";

    mv .htaccess_$rnd_str .htaccess
    rollback_defaut_f
    if [[ $TEST_PLUGINS ]]; then
      enable_plugins ${inst_plugin_dirs[@]}
    fi

    log "Changing the $def_theme theme back to $cur_theme.";
    mysql --defaults-extra-file=$db_cfg $db_name -e "update $wpoptions set option_value='$cur_theme' where option_name='template' or option_name='stylesheet';"

    log "Try resetting CageFS, disabling ModSecurity.";
    log "If none of that works, send to web developer; or check with SME first and then send to web developer.";
  fi

fi
rm $db_cfg

Youez - 2016 - github.com/yon3zu
LinuXploit