/WordPress-trojan-scripts

Simple Python script to add malicious payloads to PHP themes


WordPress trojan scripts

Repository hosting a simple list of scripts to trojanize WordPress themes.

In some cases Apache allows direct access to PHP files in themes; in these cases the script can be requested directly through the /wp-content/themes/theme-directory/script.php URL.

To disable the execution of PHP files accessed directly, put a .htaccess file with the following instructions in the wp-content directory:

# Deny direct requests for files ending in a PHP-family extension
<Files ~ "\.ph(?:p[345]?|t|tml)$">
	deny from all
</Files>

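The above code will stop your Apache server from serving PHP, PHP3, PHP4, PHP5, PHT and PHTML files when they are requested directly. The deny directive is Apache 2.2 access-control syntax; on Apache 2.4 it takes effect only when mod_access_compat is loaded.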

How to use these scripts

  1. Download a theme from wordpress.org
  2. Extract the zip file and put the script inside the theme's main directory
  3. Add the following code to the index.php script file:
     include 'script.php';
  4. Make sure to include the script before the following code:
     if ( ! defined( 'ABSPATH' ) ) {
     	exit;
     }
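
To check an installed theme for the modification the steps above describe, a site owner can look for an include or require placed ahead of the ABSPATH guard. This is an added example, not code from this repository; the function names and sample sources are constructed. A file with no guard returns nothing here and should instead be compared with the pristine copy from wordpress.org.

```python
import re
import sys
from pathlib import Path

# The guard quoted above: if ( ! defined( 'ABSPATH' ) ) { exit; }
GUARD_RE = re.compile(r"defined\s*\(\s*['\"]ABSPATH['\"]\s*\)")
# include / require / include_once / require_once, capturing the expression up to ';'
INCLUDE_RE = re.compile(
    r"\b(?:include|require)(?:_once)?\b\s*\(?\s*([^;]+?)\s*\)?\s*;"
)

def includes_before_guard(source):
    """Return [(line_number, included_expression)] for every include that
    appears before the ABSPATH guard. Comments are not stripped, so a
    commented-out include is also reported and needs manual review."""
    guard = GUARD_RE.search(source)
    if guard is None:
        return []  # no guard in this file: diff it against a known-good copy
    hits = []
    # endpos = guard.start() restricts matching to the text ahead of the guard
    for m in INCLUDE_RE.finditer(source, 0, guard.start()):
        line = source.count("\n", 0, m.start()) + 1
        hits.append((line, m.group(1)))
    return hits

def scan_theme(theme_dir):
    """Walk a theme directory and map each flagged PHP file to its hits."""
    findings = {}
    for path in sorted(Path(theme_dir).rglob("*.php")):
        hits = includes_before_guard(path.read_text(errors="replace"))
        if hits:
            findings[str(path)] = hits
    return findings

# Constructed samples: a modified index.php and an unmodified one.
TAMPERED = ("<?php\ninclude 'script.php';\n"
            "if ( ! defined( 'ABSPATH' ) ) {\n\texit;\n}\nget_header();\n")
CLEAN = ("<?php\nif ( ! defined( 'ABSPATH' ) ) {\n\texit;\n}\n"
         "require get_template_directory() . '/inc/setup.php';\nget_header();\n")

if __name__ == "__main__":
    if len(sys.argv) > 1:
        for name, hits in scan_theme(sys.argv[1]).items():
            for line, expr in hits:
                print(f"{name}:{line}: include before ABSPATH guard: {expr}")
    else:
        print(includes_before_guard(TAMPERED))
```

Run it with the path to a theme under wp-content/themes as the only argument; with no argument it prints the finding for the constructed sample.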

Payload list

Sources