HEX
Server: Apache/2.4.46 (Unix) PHP/7.4.24
System: Linux dc15-w.ht-systems.ru 2.6.32-042stab142.1 #1 SMP Tue Jan 28 23:44:17 MSK 2020 x86_64
User: srv52894 (52894)
PHP: 7.4.24
Disabled: passthru,shell_exec,system,proc_open,popen,show_source
$ pwd: /home/srv52894/test/
Upload Files
File: /home/srv52894/test/scan.php
<?php 
//srv52894.ht-test.ru/scan.php
//srv52894.ht-test.ru/t.php
define( 'ROOT', dirname(__FILE__));
ini_set('log_errors', 1);
ini_set('error_log', ROOT . '/logs/php-error.log');
set_time_limit(3600);

header('Content-Type: text/plain; charset=UTF-8');
$files = glob("/home/srv52894/htdocs/*/wp-config.php");

foreach ($files as $k => $file){
$txt = file_get_contents($file);
$pattern1 = "/define\('DB_USER', '(.*)'\)/";
$pattern2 = "/define\('DB_PASSWORD', '(.*)'\)/";
$pass = preg_match($pattern2, $txt, $m) ;
$u = preg_match($pattern1, $txt, $n);

if($n[1] === 'srv52894_user' && $m[1]==='Dsz@1w67954#'){
	echo $k ."\t". $file ."\t". $m[1] . "\n";
	$txt = str_replace('1faromir63', 'Dsz@1w67954#', $txt);
	//file_put_contents($file, $txt);
}
}
@ Telegram