Changeset 3208294
- Timestamp:
- 12/16/2024 12:15:27 AM (15 months ago)
- Location:
- wpinfecscanlite/trunk
- Files:
-
- 4 edited
-
readme.txt (modified) (1 diff)
-
scannerdata/wpinfectlitesecurity.php (modified) (2 diffs)
-
tab_hackmonitor.php (modified) (4 diffs)
-
wpinfecscanlite.php (modified) (5 diffs)
Legend:
- Unmodified
- Added
- Removed
-
wpinfecscanlite/trunk/readme.txt
r3196032 r3208294 4 4 Requires at least: 4.6 5 5 Tested up to: 6.7 6 Stable tag: 1.2 6 Stable tag: 1.2.1 7 7 License: GPLv2 or later 8 8 License URI: http://www.gnu.org/licenses/gpl-2.0.html -
wpinfecscanlite/trunk/scannerdata/wpinfectlitesecurity.php
r3196032 r3208294 206 206 $url_string = parse_url(home_url(), PHP_URL_HOST); 207 207 $rules = "#WPINFECLITEBLOCKIP_START" . "\n"; 208 209 $apache24 = false; 210 if(function_exists('apache_get_version')){ 211 $version = apache_get_version(); 212 }else{ 213 $version = $_SERVER["SERVER_SOFTWARE"]; 214 } 215 if(strpos($version,'2.4') !== false || strpos($version,'2.5') !== false){ 216 $apache24 = true; 217 } 218 219 if(! $apache24){ 220 $rules .= '<Limit GET HEAD POST>' . "\n"; 221 $rules .= 'order allow,deny' . "\n"; 222 $rules .= 'allow from all' . "\n"; 223 }else{ 224 $rules .= '<RequireAll>' . "\n"; 225 $rules .= 'Require all granted' . "\n"; 226 } 208 209 $rules .= '<IfModule mod_rewrite.c>' . "\n"; 210 $rules .= 'RewriteEngine on' . "\n"; 211 227 212 $blockips = unserialize($blockips); 228 213 foreach( $blockips as $ip) { 229 214 $ip = $ip[1]; 230 215 if (filter_var($ip, FILTER_VALIDATE_IP)) { 231 if ($apache24){ 232 $iptxt = "Require not ip " .$ip; 233 } else { 234 $iptxt = "deny from " .$ip; 235 } 216 $iptxt = "RewriteCond %{REMOTE_ADDR} ^".str_replace(".","\.",$ip)."$ [OR]"; 236 217 $rules .= $iptxt . "\n"; 237 218 } 238 219 } 239 220 240 if(! $apache24){ 241 $rules .= '</Limit>' . "\n"; 242 } else { 243 $rules .= '</RequireAll>' . "\n"; 244 } 221 $rules .= 'RewriteCond %{QUERY_STRING} tehry64yeujwi7648i2kjdyrujt78k23p' . "\n"; 222 $rules .= 'RewriteRule ^(.*)$ - [F,L]' . "\n"; 223 $rules .= '</IfModule>' . "\n"; 245 224 246 225 $rules .= "#WPINFECLITEBLOCKIP_END" . "\n"; … … 261 240 return false; 262 241 } 242 } 243 244 public function wpinfectlitescan_check_hackmonitor_canenable(){ 245 246 $pass = array('123456','123456789','picture1','password','12345678','111111','123123','12345','1234567890','senha','1234567','qwerty','abc123','Million2','000000','1234','iloveyou','aaron431','password1','qqww1122','123','omgpop','123321','654321','qwertyuiop','qwer123456','123456a','a123456','666666','asdfghjkl','ashley','987654321','unknown','zxcvbnm','112233','chatbooks','20100728','123123123','princess','jacket025','evite','123abc','123qwe','sunshine','121212','dragon','1q2w3e4r','5201314','159753','123456789','pokemon','qwerty123','Bangbang123','jobandtalent','monkey','1qaz2wsx','abcd1234','default','aaaaaa','soccer','123654','ohmnamah23','12345678910','zing','shadow','102030','11111111','asdfgh','147258369','qazwsx','qwe123','michael','football','baseball','1q2w3e4r5t','party','daniel','asdasd','222222','myspace1','asd123','555555','a123456789','888888','7777777','fuckyou','1234qwer','superman','147258','999999','159357','love123','tigger','purple','samantha','charlie','babygirl','88888888','jordan23','789456123'); 247 248 global $wpdb; 249 $p = $wpdb->prefix; 250 $getTest = "SELECT * FROM ".$p."users left join ".$p."usermeta ON ".$p."users.ID = ".$p."usermeta.user_id where ".$p."usermeta.meta_key = '".$p."capabilities' and (meta_value like '%administrator%' or meta_value like '%editor%') order by ID ASC"; 251 252 $users = $wpdb->get_results($getTest); 253 foreach($users as $user){ 254 $user_pass = $user->user_pass; 255 foreach($pass as $pas){ 256 if(wp_check_password(trim($pas),$user_pass)){ 257 return false; 258 break; 259 } 260 } 261 } 262 263 return true; 263 264 } 264 265 -
wpinfecscanlite/trunk/tab_hackmonitor.php
r3196032 r3208294 38 38 </form> 39 39 <hr> 40 <?php 41 if(!empty($wpinfecscanlite_hackmonitorchanged_error)){ 42 echo "<p style='color:red'>".esc_html($wpinfecscanlite_hackmonitorchanged_error)."</p>"; 43 } 44 ?> 40 45 <h3><?php esc_html_e("Blocking IPs","wpinfecscanlite"); ?></h3> 41 46 <p><?php esc_html_e("If you have inadvertently blocked your IP, please FTP to your server's HTACCESS file and delete #WPINFECLITEBLOCKIP_START to #WPINFECLITEBLOCKIP_END","wpinfecscanlite"); ?></p> … … 75 80 <h3><?php esc_html_e("Hack log","wpinfecscanlite"); ?></h3> 76 81 <script> 82 83 function b64DecodeUnicode(str) { 84 // Going backwards: from bytestream, to percent-encoding, to original string. 85 return decodeURIComponent(atob(str).split('').map(function(c) { 86 return '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2); 87 }).join('')); 88 } 77 89 function changepage(page){ 78 90 jQuery.ajax({ … … 84 96 if(msg!="error"){ 85 97 jQuery("#hacktable tr:gt(0)").remove(); 86 jQuery('#hacktable tr:last').after( atob(msg));98 jQuery('#hacktable tr:last').after(b64DecodeUnicode(msg)); 87 99 jQuery('.activepage').removeClass('activepage'); 88 100 var pname = page-1; … … 169 181 } 170 182 ?> 183 <style> #hacktable{word-break:break-all !important;}#hacktable td{min-width:90px;max-width:270px;}</style> 171 184 <div class="table-responsive"> 172 185 <table style='width:100%' class='datashow table' id="hacktable"> -
wpinfecscanlite/trunk/wpinfecscanlite.php
r3196032 r3208294 3 3 Plugin Name: WPDoctor Malware Scanner & Vulnerability Checker Lite 4 4 description: Based on the most frequently detected malware detection patterns, this plug-in can exhaustively scan program files on the site to detect malware and vulnerability. Also record hacking attempts against your site and block IPs. 5 Version: 1.2 5 Version: 1.2.1 6 6 Text Domain: wpinfecscanlite 7 7 Author: wordpressdr … … 724 724 $settingname = sanitize_text_field($_POST["settingname"]); 725 725 } 726 726 727 $wpinfecscanlite_hackmonitorchanged_error = ""; 727 728 if(isset($settingname)){ 728 729 … … 780 781 781 782 if($settingname=="hackmonitor"){ 783 782 784 $hackmonitor=0; 783 785 if(isset($_POST["wpinfectlitescanner_hackmonitor"])){ … … 785 787 if($hackmonitor != 1){ 786 788 $hackmonitor = 0; 789 } 790 } 791 792 require_once('scannerdata/wpinfectlitesecurity.php'); 793 $secfunc=new wpinfectlitescanner_WPInfectSecurity(); 794 795 if($hackmonitor==1){ 796 $checkifhackmonitorcanactive = $secfunc->wpinfectlitescan_check_hackmonitor_canenable(); 797 if(! $checkifhackmonitorcanactive){ 798 $hackmonitor = 0; 799 $wpinfecscanlite_hackmonitorchanged_error = __("The Hack Monitor also logs brute force attacks with weak passwords. Therefore, it cannot be enabled if there is an administrator user who is already using a weak password.",'wpinfecscanlite'); 787 800 } 788 801 } … … 796 809 } 797 810 } 798 799 require_once('scannerdata/wpinfectlitesecurity.php');800 $secfunc=new wpinfectlitescanner_WPInfectSecurity();801 811 802 812 if($hackmonitor == 1){
Note: See TracChangeset
for help on using the changeset viewer.