{"id":28746824,"url":"https://github.com/ngang18/cybersercurity-maintainaccess","last_synced_at":"2026-05-18T04:10:35.065Z","repository":{"id":299060318,"uuid":"1001947405","full_name":"ngang18/Cybersercurity-MaintainAccess","owner":"ngang18","description":"Creating and hiding a new Administrator access - Maintain Access - Ethical Hacking","archived":false,"fork":false,"pushed_at":"2025-06-14T12:04:54.000Z","size":8,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-06-24T20:15:11.247Z","etag":null,"topics":["cybersecurity","php","wordpress","wordpress-theme"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ngang18.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-06-14T11:36:39.000Z","updated_at":"2025-06-14T12:04:58.000Z","dependencies_parsed_at":null,"dependency_job_id":"12d0229f-0620-4ec7-b560-5352b8bf3ab9","html_url":"https://github.com/ngang18/Cybersercurity-MaintainAccess","commit_stats":null,"previous_names":["ngang18/cybersercurity-maintainaccess"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/ngang18/Cybersercurity-MaintainAccess","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ngang18%2FCybersercurity-MaintainAccess","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ngang18%2FCybersercurity-MaintainAccess/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ngang18%2FCybersercurity-MaintainAccess/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ngang18%2FCybersercurity-MaintainAccess/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ngang18","download_url":"https://codeload.github.com/ngang18/Cybersercurity-MaintainAccess/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ngang18%2FCybersercurity-MaintainAccess/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279002799,"owners_count":26083468,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-10T02:00:06.843Z","response_time":62,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersecurity","php","wordpress","wordpress-theme"],"created_at":"2025-06-16T15:48:42.738Z","updated_at":"2025-10-10T05:14:54.024Z","avatar_url":"https://github.com/ngang18.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Cybersercurity-MaintainAccess\n\n# Cybersecurity-MaintainAccess\n\nThis repository demonstrates the **Maintaining Access** phase of the Ethical Hacking process, specifically targeting WordPress-based e-commerce systems. This project was created as part of a university research paper on cybersecurity, with the goal of educating students and developers about the risks and behaviors of unauthorized persistent access through backdoor techniques.\n\n\u003e ⚠️ **Disclaimer:** This repository is for **educational and ethical research purposes only**. Do not use this code on any system you do not own or have explicit permission to test.\n\n---\n\n## 📂 Project Structure\n\nThis repository contains 3 PHP files, each representing a specific component of the backdoor process used to **maintain unauthorized access** in a compromised WordPress site.\n\n### 1. `adduser.php` – Create Hidden Admin User\n\nThis script simulates a **backdoor injection** into the `functions.php` file of a WordPress theme. When accessed via a URL parameter `?backdoor=go`, it silently creates a new admin account.\n\n**Key functionalities:**\n- Checks if the username `new_admin` exists.\n- Creates the user with password `new_pass`.\n- Assigns the role `administrator`.\n\n📎 **Used for:** Gaining persistent admin access without visible login credentials.\n\n---\n\n### 2. `hiddenuser.php` – Hide Admin from User List\n\nThis script hides the `new_admin` account from the WordPress user listing in the admin dashboard by altering the user query.\n\n**Key functionalities:**\n- Hooks into the `pre_user_query` action.\n- Excludes `new_admin` from the SQL query that fetches users.\n\n📎 **Used for:** Evading detection in the dashboard user list.\n\n---\n\n### 3. `notcountuser.php` – Exclude Hidden User from Count\n\nThis script modifies the WordPress admin interface to **not include the hidden user in total or admin user counts**.\n\n**Key functionalities:**\n- Hooks into the `views_users` filter.\n- Adjusts the displayed count of total users and administrators.\n\n📎 **Used for:** Creating the illusion that the user does not exist at all.\n\n---\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fngang18%2Fcybersercurity-maintainaccess","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fngang18%2Fcybersercurity-maintainaccess","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fngang18%2Fcybersercurity-maintainaccess/lists"}