Thanks a lot for the tips i just used it few months ago for a client who was afraid to not getting paid ! Can you confirm that Itheme security or a wordfence scan can detect it ? i didn't test it but it seem logical that security plugin gone detect a change in the core wordpress file ? Thx a lot for all your work !!!!
Thanks you for your work..I'l be building my wordpress using your channel. I've been thinking of paying to do one but you've inspired me to try it on my own.
+eWriter Pros Your welcome. I am sure it will come in handy one day. Its like a computer backup, you don't need it until you need it, but when that day comes you are relieved you have it.
Hi, Thank for this video but when I am trying to apply the code in the url. the / is came between the website and ?pathway=go. In this way, the user is not creating. Please help me.
Thank you. I sell firearms and my payment processor was requesting this in order to confirm I had my stuff setup in compliance with their requirements.
Great guy. Quick one; what if someone delete the backdoor user account from the user interface on the dashboard, Will the link typed in the browser still work?
Nice. But what if you want the user "pathway" to be hidden on the admin users display? If the other admin is logged in, they would see the new admin account and just delete it.
Hello Adam. I came back to this video because I have had two clients not paying for the services and their site is live. My question, if the admin path is hidden by a plugin such as WPS Hide Login, would this still work?
+Eddy Bautista Great question. It's a little technical, but that is an MD5 Hash for the word go. Think of it as the word go encrypted. Technical I know. I think you can put any words MD5 Hash in there if you was to not use the word go.
After payment or whatever caused you to create a backdoor, would you then delete it either with or without letting them know, or keep it if you are kept on in some kind of care package for if something happens like they get locked out (have heard this happens with others security)
Thank you for the awesome video. But when copying the code into a functions.php file of the child theme, it gives error. The theme I use is BeTheme. Any way to send you the functions.php code?
sorry but this answer is not very clear. I understand the user can be recreated but if the site owner removes the Pathway user, how do I still get in the back door?
Thank you so much for helping with this. After I use the url ......=go, I got the message "The site is experiencing technical difficulties." Any insights, please? :)
I think the reason you're using it is to re-take possession of the website. The non-paying client won't be going in there to see your added user. I haven't tried it yet, but I believe the 'pathway' user is created when the secret URL is used and not before. Adam said above in an answering comment that the user would be replaced if removed, so I'm pretty sure the code creates it anew each time. I'd remove the user in the list upon receiving payment. *** I do have to say, I'm an honorable person and wouldn't misuse this, but I'd certainly be tempted to leave the code in place if the person is dishonorable enough to not pay as agreed. They may just pull a fast one to get their money back after you're paid and think you're safe!*** This could be a year later. Bullies tend to let their grievances simmer over time if they don't go off immediately. DEFINITELY use a child theme for long-term safety.
![Lp. Сердце Вселенной #60 РОЖДЕНИЕ ЛОЛОЛОШКИ [Финал] • Майнкрафт](http://i.ytimg.com/vi/YoR0pAV9FVQ/mqdefault.jpg)
Hey guys, what's your opinion on this video about creating backdoor admin access in WordPress?
can this be is use on sneaker websites ? like adidas footlocker and more
Thanks a lot for the tips i just used it few months ago for a client who was afraid to not getting paid ! Can you confirm that Itheme security or a wordfence scan can detect it ? i didn't test it but it seem logical that security plugin gone detect a change in the core wordpress file ? Thx a lot for all your work !!!!
Nice video
Can I get full url, where my WordPress Plugins, themes running or installed ?? Please help me sir
Can I get full url, where my WordPress Plugins, themes running or installed ?? Please help me sir
Thanks you for your work..I'l be building my wordpress using your channel. I've been thinking of paying to do one but you've inspired me to try it on my own.
You can totally do it yourself!
Thank you.
Great video! Thanks for explaining so clearly.
hey, Adam! would like to see an update to this concept -- in a non-child-theme 2020 method :)
wow great boss I have subscribed your channel and press the bell button
Very powerful and much appreciated.
+eWriter Pros Your welcome. I am sure it will come in handy one day. Its like a computer backup, you don't need it until you need it, but when that day comes you are relieved you have it.
Definitely put it in the child theme. If the main theme is updated, this code would disappear entirely.
Hi, Thank for this video but when I am trying to apply the code in the url. the / is came between the website and ?pathway=go. In this way, the user is not creating. Please help me.
Thank you. I sell firearms and my payment processor was requesting this in order to confirm I had my stuff setup in compliance with their requirements.
great way to help customer out when they forget there passwords aswell
Yes Jacob this can be used for good purposes like that.
it does create the admin user but i cant login with that username and password dont know why ? it says username or password is incorrect
Maybe trying a different web browser?
no i think it requires email also to work
thanks for the tip, I love your channel!
+Anderson Torres Thanks, appreciate it!!!
Great guy. Quick one; what if someone delete the backdoor user account from the user interface on the dashboard, Will the link typed in the browser still work?
Thanks. Nicely explained and I find it useful.
Awesome.. I test it and it work lovely 💓
Thank you
You're welcome
Nice. But what if you want the user "pathway" to be hidden on the admin users display? If the other admin is logged in, they would see the new admin account and just delete it.
But he can call the hosting provider to get a backup or can use database to change password or can talk to other web developer to fix that
Hello Adam. I came back to this video because I have had two clients not paying for the services and their site is live. My question, if the admin path is hidden by a plugin such as WPS Hide Login, would this still work?
What does the set of numbers next what you named "pathway" exactly mean?
+Eddy Bautista Great question. It's a little technical, but that is an MD5 Hash for the word go. Think of it as the word go encrypted. Technical I know. I think you can put any words MD5 Hash in there if you was to not use the word go.
This is great thank you very much, Only one thing I need to know is how do I remove the x in the circle so they cant close the page that way.
wow..really helpful
After payment or whatever caused you to create a backdoor, would you then delete it either with or without letting them know, or keep it if you are kept on in some kind of care package for if something happens like they get locked out (have heard this happens with others security)
I commented below that a non-payer now may be a get his money back a year later kinda person. I'd do the child theme as well, just in case.
Thank you for the awesome video. But when copying the code into a functions.php file of the child theme, it gives error. The theme I use is BeTheme. Any way to send you the functions.php code?
There is a link to it in the video description.
Thank you for the awesome video. Would you mind telling me if this works with a wordpress site that is hosted with Godaddy???
Yes it does! It will work with any host in fact.
I have another problem I can't do any thing in my dashboard forbidden 403
You don't have permission to access this resource
hI, awesome tutorial, in my theme function.php there is no
add_action function that will pass the backdoor.
You simply need to copy and paste the code that I provided.
yes it works now, thank you
What if the login url changed?
How can i login with the new user
What would keep them from deleting the Pathway user? Or would it just recreate itself if deleted?
As long as the function is still there, the user can be recreated.
sorry but this answer is not very clear. I understand the user can be recreated but if the site owner removes the Pathway user, how do I still get in the back door?
it does not work anymore, maybe for the latest version of PHP
Shows an error: Warning: Undefined array key "backdoor"
Hi Adam, this code no longer works...any chance something new is available?
I have also had those thoughts
it does create the admin user but i cant login with that username and password dont know why ?
it says username or password is incorrect
I would suggest trying in a different web browser.
Good backdoor.
I think would be better if when user already exists you simply update the password.
Do you mean to leave their website up while they don't pay? Just not let them edit the site?
Thank you so much for helping with this.
After I use the url ......=go, I got the message "The site is experiencing technical difficulties."
Any insights, please? :)
what if i don't have theme ?
Every WordPress website has a theme.
bailout malware error by cpanel
please help
HAHAHA I HAD A WORDPRESS AD
The AD before the video? Yea I recently turned on ADS, but am fine if people use an ad blocker.
WPCrafter.com WordPress For Non-Techies it's just kinda ironic cause it's a word press back door aka hack
Lol. Haha.
But the client or buyer will find me while checking the users list !
I think the reason you're using it is to re-take possession of the website. The non-paying client won't be going in there to see your added user. I haven't tried it yet, but I believe the 'pathway' user is created when the secret URL is used and not before. Adam said above in an answering comment that the user would be replaced if removed, so I'm pretty sure the code creates it anew each time. I'd remove the user in the list upon receiving payment. *** I do have to say, I'm an honorable person and wouldn't misuse this, but I'd certainly be tempted to leave the code in place if the person is dishonorable enough to not pay as agreed. They may just pull a fast one to get their money back after you're paid and think you're safe!*** This could be a year later. Bullies tend to let their grievances simmer over time if they don't go off immediately. DEFINITELY use a child theme for long-term safety.
doesn`t work no more...
Great video. but sadly it doesn't work anymore. Tried it with almost all browsers, it does not create the user
Think you're wrong, this works perfectly today I just tested it.
It does work! Most probably you might have pasted the code in the wrong *.php file.
doesn't work anymore
This is not working ..........
Not woking now