HEX
Server: Apache
System: Linux msm5694.mjhst.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User: camjab_ssh (1000)
PHP: 5.3.29
Disabled: NONE
$ pwd: /home/httpd/html/bloggers/spinningkings.com/public_html/
Upload Files
File: /home/httpd/html/bloggers/spinningkings.com/public_html/wp-reset.sh
#!/bin/bash

WPCONFIG="wp-config.php"


if [ ! -f "$WPCONFIG" ]
then

        echo "wp-config.php does not exist in working directory"
exit 1
fi



# Generate a random password to use later
NEWPASS=`cat /dev/urandom|tr -dc A-Za-z0-9|head -c16`

##################################
##Get the fields from wp-config.php
#################################
DBNAME=`grep DB_NAME $WPCONFIG|cut -f2 -d','|cut -f1 -d')'|tr -d "\'"|tr -d ' '|sed -e 's/[\t ]//g;/^$/d'`
DBUSER=`grep DB_USER $WPCONFIG|cut -f2 -d','|cut -f1 -d')'|tr -d "\'"|tr -d ' '|sed -e 's/[\t ]//g;/^$/d'`
DBPASS=`grep DB_PASSWORD $WPCONFIG|cut -f2 -d','|cut -f1 -d')'|tr -d "\'"|tr -d ' '|sed -e 's/[\t ]//g;/^$/d'`
DBHOST=`grep DB_HOST $WPCONFIG|cut -f2 -d','|cut -f1 -d')'|tr -d "\'"|tr -d ' '|sed -e 's/[\t ]//g;/^$/d'`
DBPREFIX=`grep table_prefix $WPCONFIG|cut -d\' -f2|sed -e 's/[\t ]//g;/^$/d'`

#And set the Mysql command line options
CRED="-u$DBUSER -p$DBPASS -h$DBHOST $DBNAME -bNr "

#######################################
##Count the number of admin users, if more than 1 user then let admin select appropriate 1 or ctrl+c to exit
checkadmins=$(mysql $CRED -e " select user_id from ${DBPREFIX}usermeta where meta_key='${DBPREFIX}capabilities' and meta_value like '%administrator%';"|egrep '[0-9]'|wc -l);
########################################

if [ $checkadmins -gt 1 ]; ##If there is more than 1 admin user
then
        declare -a adminids
        declare -a choices
        for i in `mysql $CRED -e " select user_id from ${DBPREFIX}usermeta where meta_key='${DBPPREFIX}capabilities' and meta_value like '%administrator%';"|egrep '[0-9]'`
        do
        adminids=("${adminids[@]}" $i ); ##append each id to the adminids array
        done
        for f in "${!adminids[@]}"
        do                                       ##Get username for each ID
        choices=( "${choices}" "`mysql $CRED -e "SELECT user_login from ${DBPREFIX}users where id='${adminids[$f]}'"`" ) ##apend each itteration to choices array
        done
#############################################
#
#Present Menu if multiple admin accounts are present
#############################################

echo "These are the valid administrator accounts and their ids, please enter an id number to reset that id or ctrl+c to exit"
for x in "${!adminids[@]}"
do
printf "%20s - %s\n" "${adminids[$x]}" "${choices[$x]}"
done

read ID

###############################################
#Else if only 1 admin ID is present just get its ID
###############################################

elif [ $checkadmins -eq 1 ];
then
                ID=$(mysql $CRED -e "select user_id from ${DBPREFIX}usermeta where meta_key='${DBPREFIX}capabilities' and meta_value like '%administrator%';"|head -n4|tail -n1|sed -e "s/\|//g"|sed 's/^[ \t]*//;s/[ \t]*$//')


##########################################################
#No admin accounts are present FAIL
##########################################################

else
echo "A Fatal error has occured, Unable to find valid administrator account"
fi

THEUSER=$(mysql $CRED -e "SELECT user_login from ${DBPREFIX}users where id='$ID'"|tail -n1);

OLDPASS=`mysql $CRED -e "SELECT user_pass from ${DBPREFIX}users where ID=${ID} and user_login='${THEUSER}'"`
echo "OLD Password for ID $ID = $OLDPASS Username='${THEUSER}'" >> /var/log/wpreset.log
echo -e "UPDATE ${DBPREFIX}users SET user_pass=MD5('${NEWPASS}') where ID=${ID} and user_login='${THEUSER}'" >>/var/log/wpreset.log
mysql $CRED -e "UPDATE ${DBPREFIX}users SET user_pass=MD5('${NEWPASS}') where ID='${ID}' and user_login='${THEUSER}'" >>/var/log/wpreset.log
if [ $? -eq 0 ]
then
        echo Updated admin password for user: $THEUSER in $DBNAME to $NEWPASS
fi
@ Telegram