Version Description
- Added exception for the social.png files to the skip files by extension list.
- Fixed removal of Known Threats from files in the Quarantine directory.
Download this release
Release Info
| Developer | scheeeli |
| Plugin |  Anti-Malware Security and Brute-Force Firewall |
| Version | 4.14.52 |
| Comparing to | |
| See all releases | |
Code changes from version 4.14.51 to 4.14.52
- images/index.php +14 -18
- index.php +22 -17
- languages/gotmls.pot +6 -3
- readme.txt +11 -4
- safe-load/index.php +1 -1
images/index.php
CHANGED
|
@@ -16,7 +16,7 @@ if ((isset($_SERVER["SCRIPT_FILENAME"]) && substr(__FILE__, -1 * strlen($_SERVER
|
|
| 16 |
@error_reporting(0);
|
| 17 |
|
| 18 |
define("GOTMLS_plugin_dir", "gotmls");
|
| 19 |
-
define("GOTMLS_Version", "4.14.
|
| 20 |
define("GOTMLS_require_version", "3.0");
|
| 21 |
define("GOTMLS_Failed_to_list_LANGUAGE", __("Failed to list files in directory!",'gotmls'));
|
| 22 |
define("GOTMLS_Run_Complete_Scan_LANGUAGE", __("Run Complete Scan",'gotmls'));
|
|
@@ -40,7 +40,7 @@ define("GOTMLS_siteurl", get_option("siteurl"));
|
|
| 40 |
define("GOTMLS_images_path", plugins_url('/', __FILE__));
|
| 41 |
define("GOTMLS_installation_key", md5(GOTMLS_siteurl));
|
| 42 |
|
| 43 |
-
$GLOBALS["GOTMLS"] = array("tmp"=>array("mt"=>((isset($_GET["mt"])&&is_numeric($_GET["mt"]))?$_GET["mt"]:microtime(true)), "default_ext"=>"ieonly."));
|
| 44 |
define("GOTMLS_script_URI", preg_replace('/\&(last_)?mt=[0-9\.]+/','', str_replace('&', '&', htmlspecialchars($_SERVER["REQUEST_URI"], ENT_QUOTES))).'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"]);
|
| 45 |
$GLOBALS["GOTMLS"]["log"] = get_option('GOTMLS_scan_log/'.(isset($_SERVER["REMOTE_ADDR"])?$_SERVER["REMOTE_ADDR"]:"0.0.0.0").'/'.$GLOBALS["GOTMLS"]["tmp"]["mt"], array());
|
| 46 |
$GOTMLS_loop_execution_time = 60;
|
|
@@ -58,10 +58,9 @@ $GOTMLS_threats_found = array();
|
|
| 58 |
$GOTMLS_dir_at_depth = array();
|
| 59 |
$GOTMLS_dirs_at_depth = array();
|
| 60 |
$GOTMLS_scanfiles = array();
|
| 61 |
-
$GOTMLS_skip_ext = array("png", "jpg", "jpeg", "gif", "bmp", "tif", "tiff", "psd", "fla", "flv", "mov", "mp3", "exe", "zip", "pdf", "css", "pot", "po", "mo", "so", "doc", "docx", "svg", "ttf");
|
| 62 |
$GOTMLS_skip_dirs = array(".", "..");
|
| 63 |
$GOTMLS_settings_array = get_option('GOTMLS_settings_array', array());
|
| 64 |
-
if (isset($_GET['img']) && substr(strtolower($_SERVER["SCRIPT_FILENAME"]), -15) == "/admin-ajax.php" && !in_array(GOTMLS_get_ext($_GET['img']), $
|
| 65 |
include(dirname(__FILE__)."/../safe-load/index.php");
|
| 66 |
if (!(isset($GOTMLS_settings_array["msg_position"]) && is_array($GOTMLS_settings_array["msg_position"]) && count($GOTMLS_settings_array["msg_position"]) == 4))
|
| 67 |
$GOTMLS_settings_array["msg_position"] = array('80px', '40px', '400px', '600px');
|
|
@@ -72,7 +71,7 @@ if (!isset($GOTMLS_settings_array["scan_what"]))
|
|
| 72 |
if (!isset($GOTMLS_settings_array["scan_depth"]))
|
| 73 |
$GOTMLS_settings_array["scan_depth"] = -1;
|
| 74 |
if (!(isset($GOTMLS_settings_array["exclude_ext"]) && is_array($GOTMLS_settings_array["exclude_ext"])))
|
| 75 |
-
$GOTMLS_settings_array["exclude_ext"] = $
|
| 76 |
if (!isset($GOTMLS_settings_array["check_custom"]))
|
| 77 |
$GOTMLS_settings_array["check_custom"] = "";
|
| 78 |
if (!(isset($GOTMLS_settings_array['exclude_dir']) && is_array($GOTMLS_settings_array['exclude_dir'])))
|
|
@@ -233,6 +232,8 @@ function GOTMLS_scanfile($file) {
|
|
| 233 |
$threat_link = "";
|
| 234 |
$className = "scanned";
|
| 235 |
$clean_file = GOTMLS_encode($file);
|
|
|
|
|
|
|
| 236 |
if (is_file($file) && ($filesize = filesize($file)) && ($GOTMLS_file_contents = @file_get_contents($file))) {
|
| 237 |
foreach ($GOTMLS_definitions_array["whitelist"] as $whitelist_file=>$non_threats) {
|
| 238 |
if (isset($non_threats[0])) {
|
|
@@ -287,14 +288,13 @@ if (isset($_SESSION["GOTMLS_debug"])){ $file_time = round(microtime(true) - $_
|
|
| 287 |
if (count($GOTMLS_threats_found)) {
|
| 288 |
$threat_link = '<a target="GOTMLS_iFrame" href="'.GOTMLS_script_URI.'&GOTMLS_scan='.$clean_file.'" id="list_'.$clean_file.'" onclick="loadIframe(\''.str_replace("\"", """, '<div style="float: left;">Examine File ... </div><div style="overflow: hidden; position: relative; height: 20px;"><div style="position: absolute; right: 0px; text-align: right; width: 9000px;">'.GOTMLS_strip4java($file)).'</div></div>\');" class="GOTMLS_plugin">';
|
| 289 |
if (isset($_POST["GOTMLS_fix"]) && is_array($_POST["GOTMLS_fix"]) && in_array($clean_file, $_POST["GOTMLS_fix"])) {
|
| 290 |
-
$file_date = explode(".", array_pop(GOTMLS_explode_dir($file)));
|
| 291 |
if (GOTMLS_trailingslashit($GLOBALS["GOTMLS"]["tmp"]["quarantine_dir"]) == substr($file, 0, strlen(GOTMLS_trailingslashit($GLOBALS["GOTMLS"]["tmp"]["quarantine_dir"])))) {
|
| 292 |
if ($_POST["GOTMLS_fixing"] > 1 && @unlink($file))
|
| 293 |
$GOTMLS_file_contents = "";
|
| 294 |
-
elseif (count($
|
| 295 |
-
$file = GOTMLS_decode($
|
| 296 |
else
|
| 297 |
-
$
|
| 298 |
} elseif (isset($GOTMLS_threat_files[$className]) && GOTMLS_get_ext($GOTMLS_threat_files[$className]) == "php") {
|
| 299 |
$project = str_replace("_", "-", $className);
|
| 300 |
$source = wp_remote_get("http://$project.googlecode.com/svn/trunk/$project.php");
|
|
@@ -339,14 +339,13 @@ if (isset($_SESSION["GOTMLS_debug"])){ $file_time = round(microtime(true) - $_
|
|
| 339 |
$imageFile = "question";
|
| 340 |
return GOTMLS_return_threat($className, $imageFile, $file, str_replace("GOTMLS_plugin", "GOTMLS_plugin $className", $threat_link));
|
| 341 |
} elseif (isset($_POST["GOTMLS_fix"]) && is_array($_POST["GOTMLS_fix"]) && in_array($clean_file, $_POST["GOTMLS_fix"])) {
|
| 342 |
-
$file_date = explode(".", array_pop(GOTMLS_explode_dir($file)));
|
| 343 |
if (GOTMLS_trailingslashit($GLOBALS["GOTMLS"]["tmp"]["quarantine_dir"]) == substr($file, 0, strlen(GOTMLS_trailingslashit($GLOBALS["GOTMLS"]["tmp"]["quarantine_dir"])))) {
|
| 344 |
if ($_POST["GOTMLS_fixing"] > 1 && @unlink($file)) {
|
| 345 |
$GOTMLS_file_contents = "";
|
| 346 |
$msg = __("Deleted!",'gotmls');
|
| 347 |
echo " $msg";
|
| 348 |
return "/*-->*"."/\nfixedFile('$clean_file');\n/*<!--*"."/";
|
| 349 |
-
} elseif (count($
|
| 350 |
$msg = __("Restored!",'gotmls');
|
| 351 |
echo " $msg";
|
| 352 |
return "/*-->*"."/\nfixedFile('$clean_file');\n/*<!--*"."/";
|
|
@@ -504,7 +503,7 @@ function GOTMLS_flush($tag = "") {
|
|
| 504 |
}
|
| 505 |
|
| 506 |
function GOTMLS_readdir($dir, $current_depth = 1) {
|
| 507 |
-
global $GOTMLS_loop_execution_time, $GOTMLS_scanfiles, $GOTMLS_skip_dirs, $
|
| 508 |
if ($dir != $GLOBALS["GOTMLS"]["tmp"]["quarantine_dir"] || $current_depth == 1) {
|
| 509 |
@set_time_limit($GOTMLS_loop_execution_time);
|
| 510 |
$entries = GOTMLS_getfiles($dir);
|
|
@@ -601,14 +600,13 @@ function GOTMLS_error_link($errorTXT, $file = "", $class = "errors") {
|
|
| 601 |
}
|
| 602 |
|
| 603 |
function GOTMLS_check_file($file) {
|
| 604 |
-
global $GOTMLS_skip_ext;
|
| 605 |
$filesize = @filesize($file);
|
| 606 |
echo "/*-->*"."/\ndocument.getElementById('status_text').innerHTML='Checking ".GOTMLS_strip4java($file)." ($filesize bytes)';\n/*<!--*"."/";
|
| 607 |
if (GOTMLS_get_ext($file) == "bad")
|
| 608 |
echo GOTMLS_return_threat("bad", (@rename($file, GOTMLS_quarantine(substr($file, 0, -4)))?"checked":"blocked"), $file);
|
| 609 |
elseif (GOTMLS_get_ext($file) == "gotmls" && !(isset($_GET["eli"]) && $_GET["eli"] == "quarantine"))
|
| 610 |
echo GOTMLS_return_threat("bad", "checked", GOTMLS_decode(substr(array_pop(GOTMLS_explode_dir($file)), 0, -7)));
|
| 611 |
-
elseif (in_array(GOTMLS_get_ext($file), $
|
| 612 |
echo GOTMLS_return_threat("skipped", "blocked", $file, GOTMLS_error_link(__("Skipped because of file extention!",'gotmls'), $file, "potential"));
|
| 613 |
elseif ($filesize===false)
|
| 614 |
echo GOTMLS_return_threat("errors", "blocked", $file, GOTMLS_error_link(__("Failed to determine file size!",'gotmls'), $file));
|
|
@@ -625,7 +623,6 @@ function GOTMLS_check_file($file) {
|
|
| 625 |
}
|
| 626 |
|
| 627 |
function GOTMLS_scandir($dir) {
|
| 628 |
-
global $GOTMLS_skip_ext;
|
| 629 |
echo "/*<!--*"."/".GOTMLS_update_status(sprintf(__("Scanning %s",'gotmls'), str_replace(dirname($GLOBALS["GOTMLS"]["log"]["scan"]["dir"]), "...", $dir)));
|
| 630 |
GOTMLS_flush();
|
| 631 |
$li_js = "/*-->*"."/\nscanNextDir(-1);\n/*<!--*"."/";
|
|
@@ -650,7 +647,7 @@ function GOTMLS_scandir($dir) {
|
|
| 650 |
if (is_file($path)) {
|
| 651 |
$file_ext = GOTMLS_get_ext($file);
|
| 652 |
$filesize = @filesize($path);
|
| 653 |
-
if (in_array($file_ext, $
|
| 654 |
echo GOTMLS_return_threat("skipped", "blocked", $path, GOTMLS_error_link(sprintf(__('Skipped because of file size (%1$s bytes) or file extention (%2$s)!','gotmls'), $filesize, $file_ext), $file, "potential"));
|
| 655 |
else
|
| 656 |
echo "/*-->*"."/\nscanfilesArKeys.push('".GOTMLS_encode($dir)."&GOTMLS_only_file=".GOTMLS_encode($file)."');\nscanfilesArNames.push('Re-Checking ".GOTMLS_strip4java($path)."');\n/*<!--*"."/".GOTMLS_return_threat("dirs", "wait", $path);
|
|
@@ -775,5 +772,4 @@ function GOTMLS_get_URL($URL) {
|
|
| 775 |
if (strlen($ReadFile) == 0 && function_exists('file_get_contents'))
|
| 776 |
$ReadFile = @file_get_contents($URL).'';
|
| 777 |
return $ReadFile;
|
| 778 |
-
}
|
| 779 |
-
?>
|
| 16 |
@error_reporting(0);
|
| 17 |
|
| 18 |
define("GOTMLS_plugin_dir", "gotmls");
|
| 19 |
+
define("GOTMLS_Version", "4.14.52");
|
| 20 |
define("GOTMLS_require_version", "3.0");
|
| 21 |
define("GOTMLS_Failed_to_list_LANGUAGE", __("Failed to list files in directory!",'gotmls'));
|
| 22 |
define("GOTMLS_Run_Complete_Scan_LANGUAGE", __("Run Complete Scan",'gotmls'));
|
| 40 |
define("GOTMLS_images_path", plugins_url('/', __FILE__));
|
| 41 |
define("GOTMLS_installation_key", md5(GOTMLS_siteurl));
|
| 42 |
|
| 43 |
+
$GLOBALS["GOTMLS"] = array("tmp"=>array("mt"=>((isset($_GET["mt"])&&is_numeric($_GET["mt"]))?$_GET["mt"]:microtime(true)), "default_ext"=>"ieonly.", "skip_ext"=>array("png", "jpg", "jpeg", "gif", "bmp", "tif", "tiff", "psd", "fla", "flv", "mov", "mp3", "exe", "zip", "pdf", "css", "pot", "po", "mo", "so", "doc", "docx", "svg", "ttf")));
|
| 44 |
define("GOTMLS_script_URI", preg_replace('/\&(last_)?mt=[0-9\.]+/','', str_replace('&', '&', htmlspecialchars($_SERVER["REQUEST_URI"], ENT_QUOTES))).'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"]);
|
| 45 |
$GLOBALS["GOTMLS"]["log"] = get_option('GOTMLS_scan_log/'.(isset($_SERVER["REMOTE_ADDR"])?$_SERVER["REMOTE_ADDR"]:"0.0.0.0").'/'.$GLOBALS["GOTMLS"]["tmp"]["mt"], array());
|
| 46 |
$GOTMLS_loop_execution_time = 60;
|
| 58 |
$GOTMLS_dir_at_depth = array();
|
| 59 |
$GOTMLS_dirs_at_depth = array();
|
| 60 |
$GOTMLS_scanfiles = array();
|
|
|
|
| 61 |
$GOTMLS_skip_dirs = array(".", "..");
|
| 62 |
$GOTMLS_settings_array = get_option('GOTMLS_settings_array', array());
|
| 63 |
+
if (isset($_GET['img']) && substr(strtolower($_SERVER["SCRIPT_FILENAME"]), -15) == "/admin-ajax.php" && !in_array(GOTMLS_get_ext($_GET['img']), $GLOBALS["GOTMLS"]["tmp"]["skip_ext"]))
|
| 64 |
include(dirname(__FILE__)."/../safe-load/index.php");
|
| 65 |
if (!(isset($GOTMLS_settings_array["msg_position"]) && is_array($GOTMLS_settings_array["msg_position"]) && count($GOTMLS_settings_array["msg_position"]) == 4))
|
| 66 |
$GOTMLS_settings_array["msg_position"] = array('80px', '40px', '400px', '600px');
|
| 71 |
if (!isset($GOTMLS_settings_array["scan_depth"]))
|
| 72 |
$GOTMLS_settings_array["scan_depth"] = -1;
|
| 73 |
if (!(isset($GOTMLS_settings_array["exclude_ext"]) && is_array($GOTMLS_settings_array["exclude_ext"])))
|
| 74 |
+
$GOTMLS_settings_array["exclude_ext"] = $GLOBALS["GOTMLS"]["tmp"]["skip_ext"];
|
| 75 |
if (!isset($GOTMLS_settings_array["check_custom"]))
|
| 76 |
$GOTMLS_settings_array["check_custom"] = "";
|
| 77 |
if (!(isset($GOTMLS_settings_array['exclude_dir']) && is_array($GOTMLS_settings_array['exclude_dir'])))
|
| 232 |
$threat_link = "";
|
| 233 |
$className = "scanned";
|
| 234 |
$clean_file = GOTMLS_encode($file);
|
| 235 |
+
$file_name = GOTMLS_explode_dir($file);
|
| 236 |
+
$file_parts = explode(".", ".".array_pop($file_name));
|
| 237 |
if (is_file($file) && ($filesize = filesize($file)) && ($GOTMLS_file_contents = @file_get_contents($file))) {
|
| 238 |
foreach ($GOTMLS_definitions_array["whitelist"] as $whitelist_file=>$non_threats) {
|
| 239 |
if (isset($non_threats[0])) {
|
| 288 |
if (count($GOTMLS_threats_found)) {
|
| 289 |
$threat_link = '<a target="GOTMLS_iFrame" href="'.GOTMLS_script_URI.'&GOTMLS_scan='.$clean_file.'" id="list_'.$clean_file.'" onclick="loadIframe(\''.str_replace("\"", """, '<div style="float: left;">Examine File ... </div><div style="overflow: hidden; position: relative; height: 20px;"><div style="position: absolute; right: 0px; text-align: right; width: 9000px;">'.GOTMLS_strip4java($file)).'</div></div>\');" class="GOTMLS_plugin">';
|
| 290 |
if (isset($_POST["GOTMLS_fix"]) && is_array($_POST["GOTMLS_fix"]) && in_array($clean_file, $_POST["GOTMLS_fix"])) {
|
|
|
|
| 291 |
if (GOTMLS_trailingslashit($GLOBALS["GOTMLS"]["tmp"]["quarantine_dir"]) == substr($file, 0, strlen(GOTMLS_trailingslashit($GLOBALS["GOTMLS"]["tmp"]["quarantine_dir"])))) {
|
| 292 |
if ($_POST["GOTMLS_fixing"] > 1 && @unlink($file))
|
| 293 |
$GOTMLS_file_contents = "";
|
| 294 |
+
elseif (count($file_parts) > 1 && strtolower($file_parts[count($file_parts)-1]) == "gotmls" && $GOTMLS_new_contents = @file_get_contents($file))
|
| 295 |
+
$file = GOTMLS_decode($file_parts[count($file_parts)-2]);
|
| 296 |
else
|
| 297 |
+
$GOTMLS_new_contents = trim(preg_replace('/<\?(php)?\s*(\?>|$)/i', "", $GOTMLS_new_contents));
|
| 298 |
} elseif (isset($GOTMLS_threat_files[$className]) && GOTMLS_get_ext($GOTMLS_threat_files[$className]) == "php") {
|
| 299 |
$project = str_replace("_", "-", $className);
|
| 300 |
$source = wp_remote_get("http://$project.googlecode.com/svn/trunk/$project.php");
|
| 339 |
$imageFile = "question";
|
| 340 |
return GOTMLS_return_threat($className, $imageFile, $file, str_replace("GOTMLS_plugin", "GOTMLS_plugin $className", $threat_link));
|
| 341 |
} elseif (isset($_POST["GOTMLS_fix"]) && is_array($_POST["GOTMLS_fix"]) && in_array($clean_file, $_POST["GOTMLS_fix"])) {
|
|
|
|
| 342 |
if (GOTMLS_trailingslashit($GLOBALS["GOTMLS"]["tmp"]["quarantine_dir"]) == substr($file, 0, strlen(GOTMLS_trailingslashit($GLOBALS["GOTMLS"]["tmp"]["quarantine_dir"])))) {
|
| 343 |
if ($_POST["GOTMLS_fixing"] > 1 && @unlink($file)) {
|
| 344 |
$GOTMLS_file_contents = "";
|
| 345 |
$msg = __("Deleted!",'gotmls');
|
| 346 |
echo " $msg";
|
| 347 |
return "/*-->*"."/\nfixedFile('$clean_file');\n/*<!--*"."/";
|
| 348 |
+
} elseif (count($file_parts) > 1 && strtolower($file_parts[count($file_parts)-1]) == "gotmls" && @rename($file, GOTMLS_decode($file_parts[count($file_parts)-2]))) {
|
| 349 |
$msg = __("Restored!",'gotmls');
|
| 350 |
echo " $msg";
|
| 351 |
return "/*-->*"."/\nfixedFile('$clean_file');\n/*<!--*"."/";
|
| 503 |
}
|
| 504 |
|
| 505 |
function GOTMLS_readdir($dir, $current_depth = 1) {
|
| 506 |
+
global $GOTMLS_loop_execution_time, $GOTMLS_scanfiles, $GOTMLS_skip_dirs, $GOTMLS_dirs_at_depth, $GOTMLS_dir_at_depth, $GOTMLS_total_percent;
|
| 507 |
if ($dir != $GLOBALS["GOTMLS"]["tmp"]["quarantine_dir"] || $current_depth == 1) {
|
| 508 |
@set_time_limit($GOTMLS_loop_execution_time);
|
| 509 |
$entries = GOTMLS_getfiles($dir);
|
| 600 |
}
|
| 601 |
|
| 602 |
function GOTMLS_check_file($file) {
|
|
|
|
| 603 |
$filesize = @filesize($file);
|
| 604 |
echo "/*-->*"."/\ndocument.getElementById('status_text').innerHTML='Checking ".GOTMLS_strip4java($file)." ($filesize bytes)';\n/*<!--*"."/";
|
| 605 |
if (GOTMLS_get_ext($file) == "bad")
|
| 606 |
echo GOTMLS_return_threat("bad", (@rename($file, GOTMLS_quarantine(substr($file, 0, -4)))?"checked":"blocked"), $file);
|
| 607 |
elseif (GOTMLS_get_ext($file) == "gotmls" && !(isset($_GET["eli"]) && $_GET["eli"] == "quarantine"))
|
| 608 |
echo GOTMLS_return_threat("bad", "checked", GOTMLS_decode(substr(array_pop(GOTMLS_explode_dir($file)), 0, -7)));
|
| 609 |
+
elseif (in_array(GOTMLS_get_ext($file), $GLOBALS["GOTMLS"]["tmp"]["skip_ext"]) && !(preg_match('/social[0-9]*\.png$/i', $file)))
|
| 610 |
echo GOTMLS_return_threat("skipped", "blocked", $file, GOTMLS_error_link(__("Skipped because of file extention!",'gotmls'), $file, "potential"));
|
| 611 |
elseif ($filesize===false)
|
| 612 |
echo GOTMLS_return_threat("errors", "blocked", $file, GOTMLS_error_link(__("Failed to determine file size!",'gotmls'), $file));
|
| 623 |
}
|
| 624 |
|
| 625 |
function GOTMLS_scandir($dir) {
|
|
|
|
| 626 |
echo "/*<!--*"."/".GOTMLS_update_status(sprintf(__("Scanning %s",'gotmls'), str_replace(dirname($GLOBALS["GOTMLS"]["log"]["scan"]["dir"]), "...", $dir)));
|
| 627 |
GOTMLS_flush();
|
| 628 |
$li_js = "/*-->*"."/\nscanNextDir(-1);\n/*<!--*"."/";
|
| 647 |
if (is_file($path)) {
|
| 648 |
$file_ext = GOTMLS_get_ext($file);
|
| 649 |
$filesize = @filesize($path);
|
| 650 |
+
if ((in_array($file_ext, $GLOBALS["GOTMLS"]["tmp"]["skip_ext"]) && !(preg_match('/social[0-9]*\.png$/i', $file))) || ($filesize==0) || ($filesize>((isset($_GET["eli"])&&is_numeric($_GET["eli"]))?$_GET["eli"]:1234567)))
|
| 651 |
echo GOTMLS_return_threat("skipped", "blocked", $path, GOTMLS_error_link(sprintf(__('Skipped because of file size (%1$s bytes) or file extention (%2$s)!','gotmls'), $filesize, $file_ext), $file, "potential"));
|
| 652 |
else
|
| 653 |
echo "/*-->*"."/\nscanfilesArKeys.push('".GOTMLS_encode($dir)."&GOTMLS_only_file=".GOTMLS_encode($file)."');\nscanfilesArNames.push('Re-Checking ".GOTMLS_strip4java($path)."');\n/*<!--*"."/".GOTMLS_return_threat("dirs", "wait", $path);
|
| 772 |
if (strlen($ReadFile) == 0 && function_exists('file_get_contents'))
|
| 773 |
$ReadFile = @file_get_contents($URL).'';
|
| 774 |
return $ReadFile;
|
| 775 |
+
}
|
|
|
index.php
CHANGED
|
@@ -8,7 +8,7 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
|
|
| 8 |
Contributors: scheeeli, gotmls
|
| 9 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
| 10 |
Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
|
| 11 |
-
Version: 4.14.
|
| 12 |
*/
|
| 13 |
/* ___
|
| 14 |
* / /\ GOTMLS Main Plugin File
|
|
@@ -89,13 +89,16 @@ function GOTMLS_admin_add_help_tab() {
|
|
| 89 |
$screen->add_help_tab(array(
|
| 90 |
'id' => "GOTMLS_Getting_Started",
|
| 91 |
'title' => __("Getting Started", 'gotmls'),
|
| 92 |
-
'content' => '<p>'.__("Make sure the Definition Updates are current and Run a Complete Scan.").'</p><p>'.sprintf(__("If Known Threats are found and displayed in red then there will be a button to '%s'. If only Potentional Threats are found then there is no automatic fix because those are probably not malicious."), GOTMLS_Automatically_Fix_LANGUAGE).'</p>'
|
| 93 |
-
));
|
| 94 |
-
$screen->add_help_tab(array(
|
| 95 |
-
'id' => "GOTMLS_The_Quarantine",
|
| 96 |
-
'title' => __("The Quarantine", 'gotmls'),
|
| 97 |
-
'content' => '<p>'.__("A backup of the original infected files are placed in the Quarantine in case you need to restore them or just want to look at them later. You can delete these files if you don't want to save more.").'</p>'
|
| 98 |
));
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 99 |
$screen->add_help_tab(array(
|
| 100 |
'id' => 'GOTMLS_Menu_Placement',
|
| 101 |
'title' => __("Menu Placement", 'gotmls'),
|
|
@@ -526,7 +529,7 @@ function GOTMLS_View_Quarantine() {
|
|
| 526 |
foreach ($entries as $entry) {
|
| 527 |
$file = GOTMLS_trailingslashit($GLOBALS["GOTMLS"]["tmp"]["quarantine_dir"]).$entry;
|
| 528 |
$date = explode("-", date("y-m-d-H-i",filemtime($file)));
|
| 529 |
-
$Q_Page .= "\n<li style='margin
|
| 530 |
if (is_file($file) && GOTMLS_get_ext($entry) == "gotmls") {
|
| 531 |
$file_date = explode(".", $entry);
|
| 532 |
if (count($file_date) > 2 && strlen($file_date[0]) == 5)
|
|
@@ -544,7 +547,7 @@ function GOTMLS_View_Quarantine() {
|
|
| 544 |
}
|
| 545 |
|
| 546 |
function GOTMLS_settings() {
|
| 547 |
-
global $current_user, $wp_version, $GOTMLS_definitions_array, $GOTMLS_threat_levels, $GOTMLS_scanfiles, $GOTMLS_loop_execution_time, $
|
| 548 |
$GOTMLS_scan_groups = array();
|
| 549 |
$dirs = GOTMLS_explode_dir(__file__);
|
| 550 |
for ($SL=0;$SL<intval($GOTMLS_settings_array["scan_level"]);$SL++)
|
|
@@ -558,9 +561,9 @@ function GOTMLS_settings() {
|
|
| 558 |
$GOTMLS_settings_array["exclude_ext"] = array();
|
| 559 |
}
|
| 560 |
if (isset($_GET['eli']) && $_GET['eli']=='quarantine')
|
| 561 |
-
$
|
| 562 |
else
|
| 563 |
-
$
|
| 564 |
if (isset($_POST["exclude_dir"])) {
|
| 565 |
if (strlen(trim(str_replace(",","",$_POST["exclude_dir"]).' ')) > 0)
|
| 566 |
$GOTMLS_settings_array["exclude_dir"] = preg_split('/[\s]*([,]+[\s]*)+/', trim($_POST["exclude_dir"]), -1, PREG_SPLIT_NO_EMPTY);
|
|
@@ -900,11 +903,13 @@ showhide("pause_button", true);'."\n/*<!--*"."/";
|
|
| 900 |
else
|
| 901 |
$patch_status = 2;
|
| 902 |
}
|
| 903 |
-
$sec_opts =
|
|
|
|
|
|
|
| 904 |
<form method="POST" name="GOTMLS_Form_patch"><p><img src="'.GOTMLS_images_path.$patch_attr[$patch_status]["icon"].'.gif"><b>Brute-force Protection '.$patch_attr[$patch_status]["status"].'</b></p><p style="float: right;"><input type="submit" value="'.$patch_attr[$patch_status]["action"].'"><input type="hidden" name="GOTMLS_patching" value="1"></p><div style="padding: 0 30px;"> * '.$patch_attr[$patch_status]["language"].__(" For more information on Brute-Force attack prevention and the WordPress wp-login-php file ",'gotmls').' <a target="_blank" href="http://gotmls.net/tag/wp-login-php/">'.__("read my blog",'gotmls').'</a>.</div>';
|
| 905 |
$admin_notice = "";
|
| 906 |
if ($current_user->user_login == "admin") {
|
| 907 |
-
$admin_notice .= '</form
|
| 908 |
<form method="POST" name="GOTMLS_Form_admin"><p><img src="'.GOTMLS_images_path.'threat.gif"><b>Admin Notice</b></p><div style="padding: 0 30px;">Your username is "admin", this is the most commonly guessed username by hackers and brute-force scripts. It is highly recommended that you change your username immediately.</div>';
|
| 909 |
}
|
| 910 |
echo GOTMLS_box("Aditional Security Options", $sec_opts.$admin_notice);
|
|
@@ -925,7 +930,7 @@ function GOTMLS_set_plugin_row_meta($links_array, $plugin_file) {
|
|
| 925 |
}
|
| 926 |
|
| 927 |
function GOTMLS_init() {
|
| 928 |
-
global $GOTMLS_update_home, $GOTMLS_settings_array, $GOTMLS_onLoad, $GOTMLS_threat_levels, $wpdb, $GOTMLS_threats_found, $GOTMLS_settings_array, $GOTMLS_definitions_versions, $GOTMLS_definitions_array, $GOTMLS_file_contents
|
| 929 |
if (!isset($GOTMLS_settings_array["scan_what"]))
|
| 930 |
$GOTMLS_settings_array["scan_what"] = 2;
|
| 931 |
if (!isset($GOTMLS_settings_array["scan_depth"]))
|
|
@@ -1018,7 +1023,7 @@ function GOTMLS_init() {
|
|
| 1018 |
@error_reporting(0);
|
| 1019 |
@header("Content-type: text/javascript");
|
| 1020 |
if (isset($GOTMLS_settings_array["exclude_ext"]) && is_array($GOTMLS_settings_array["exclude_ext"]))
|
| 1021 |
-
$
|
| 1022 |
@ob_start();
|
| 1023 |
echo GOTMLS_scandir($file);
|
| 1024 |
if (@ob_get_level()) {
|
|
@@ -1119,6 +1124,7 @@ window.parent.showhide("GOTMLS_iFrame", true);
|
|
| 1119 |
die('<body style="margin: 0; padding: 0;">'.$_GET["GOTMLS_msg"].'</body>');
|
| 1120 |
add_contextual_help('GOTMLS-settings', __("<p>This is a help text for 'GOTMLS-settings' page.</p>", 'gotmls'));
|
| 1121 |
}
|
|
|
|
| 1122 |
if (function_exists("is_admin") && is_admin() && ((isset($_POST['GOTMLS_whitelist']) && isset($_POST['GOTMLS_chksum'])) || (isset($_GET["GOTMLS_scan"]) && is_dir(GOTMLS_decode($_GET["GOTMLS_scan"]))))) {
|
| 1123 |
@set_time_limit($GOTMLS_loop_execution_time-5);
|
| 1124 |
GOTMLS_loaded();
|
|
@@ -1132,5 +1138,4 @@ if (function_exists("is_admin") && is_admin() && ((isset($_POST['GOTMLS_whitelis
|
|
| 1132 |
add_action("admin_menu", "GOTMLS_menu");
|
| 1133 |
add_action("network_admin_menu", "GOTMLS_menu");
|
| 1134 |
$init = add_action("admin_init", "GOTMLS_init");
|
| 1135 |
-
}
|
| 1136 |
-
?>
|
| 8 |
Contributors: scheeeli, gotmls
|
| 9 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
| 10 |
Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
|
| 11 |
+
Version: 4.14.52
|
| 12 |
*/
|
| 13 |
/* ___
|
| 14 |
* / /\ GOTMLS Main Plugin File
|
| 89 |
$screen->add_help_tab(array(
|
| 90 |
'id' => "GOTMLS_Getting_Started",
|
| 91 |
'title' => __("Getting Started", 'gotmls'),
|
| 92 |
+
'content' => '<p>'.__("Make sure the Definition Updates are current and Run a Complete Scan.").'</p><p>'.sprintf(__("If Known Threats are found and displayed in red then there will be a button to '%s'. If only Potentional Threats are found then there is no automatic fix because those are probably not malicious."), GOTMLS_Automatically_Fix_LANGUAGE).'</p><p>'.__("A backup of the original infected files are placed in the Quarantine in case you need to restore them or just want to look at them later. You can delete these files if you don't want to save more.").'</p>'
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 93 |
));
|
| 94 |
+
$FAQMarker = '== Frequently Asked Questions ==';
|
| 95 |
+
if (is_file(dirname(__FILE__).'/readme.txt') && ($readme = explode($FAQMarker, @file_get_contents(dirname(__FILE__).'/readme.txt').$FAQMarker)) && strlen($readme[1]) && ($readme = explode("==", $readme[1]."==")) && strlen($readme[0])) {
|
| 96 |
+
$screen->add_help_tab(array(
|
| 97 |
+
'id' => "GOTMLS_FAQs",
|
| 98 |
+
'title' => __("FAQs", 'gotmls'),
|
| 99 |
+
'content' => '<p>'.preg_replace('/\[(.+?)\]\((.+?)\)/', "<a target=\"_blank\" href=\"\\2\">\\1</a>", preg_replace('/[\r\n]+= /', "</p><b>", preg_replace('/ =[\r\n]+/', "</b><p>", $readme[0]))).'</p>'
|
| 100 |
+
));
|
| 101 |
+
}
|
| 102 |
$screen->add_help_tab(array(
|
| 103 |
'id' => 'GOTMLS_Menu_Placement',
|
| 104 |
'title' => __("Menu Placement", 'gotmls'),
|
| 529 |
foreach ($entries as $entry) {
|
| 530 |
$file = GOTMLS_trailingslashit($GLOBALS["GOTMLS"]["tmp"]["quarantine_dir"]).$entry;
|
| 531 |
$date = explode("-", date("y-m-d-H-i",filemtime($file)));
|
| 532 |
+
$Q_Page .= "\n<li style='margin: 4px 12px;'><span style='float: right; white-space: nowrap;'>(20$date[0]-$date[1]-$date[2] at $date[3]:$date[4])</span>".'<input type="checkbox" name="GOTMLS_fix[]" value="'.GOTMLS_encode($file).'" id="check_'.GOTMLS_encode($file).'" onchange="document.getElementById(\'fix_button\').style.display = \'block\';" />';
|
| 533 |
if (is_file($file) && GOTMLS_get_ext($entry) == "gotmls") {
|
| 534 |
$file_date = explode(".", $entry);
|
| 535 |
if (count($file_date) > 2 && strlen($file_date[0]) == 5)
|
| 547 |
}
|
| 548 |
|
| 549 |
function GOTMLS_settings() {
|
| 550 |
+
global $current_user, $wp_version, $GOTMLS_definitions_array, $GOTMLS_threat_levels, $GOTMLS_scanfiles, $GOTMLS_loop_execution_time, $GOTMLS_skip_dirs, $GOTMLS_settings_array, $GOTMLS_dirs_at_depth, $GOTMLS_dir_at_depth;
|
| 551 |
$GOTMLS_scan_groups = array();
|
| 552 |
$dirs = GOTMLS_explode_dir(__file__);
|
| 553 |
for ($SL=0;$SL<intval($GOTMLS_settings_array["scan_level"]);$SL++)
|
| 561 |
$GOTMLS_settings_array["exclude_ext"] = array();
|
| 562 |
}
|
| 563 |
if (isset($_GET['eli']) && $_GET['eli']=='quarantine')
|
| 564 |
+
$GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GOTMLS_settings_array["exclude_ext"];
|
| 565 |
else
|
| 566 |
+
$GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = array_merge($GOTMLS_settings_array["exclude_ext"], array("gotmls"));
|
| 567 |
if (isset($_POST["exclude_dir"])) {
|
| 568 |
if (strlen(trim(str_replace(",","",$_POST["exclude_dir"]).' ')) > 0)
|
| 569 |
$GOTMLS_settings_array["exclude_dir"] = preg_split('/[\s]*([,]+[\s]*)+/', trim($_POST["exclude_dir"]), -1, PREG_SPLIT_NO_EMPTY);
|
| 903 |
else
|
| 904 |
$patch_status = 2;
|
| 905 |
}
|
| 906 |
+
$sec_opts = '
|
| 907 |
+
<p><img src="'.GOTMLS_images_path.'checked.gif"><b>Revolution Slider Exploit Protection (Automatically Enabled)</b></p><div style="padding: 0 30px;"> * '.__("NOTE: This Protection in automatically activated with this plugin because of the widespread attack on WordPress that are affecting so many site right now. It is still recommended that you make sure to upgrade and older versions of the Revolution Slider plugin, especially those included in some themes that will not update automatically. Even if you do not have Revolution Slider on your site it still can't hurt to have this protection installed.",'gotmls').'</div><hr />
|
| 908 |
+
'.$patch_action.'
|
| 909 |
<form method="POST" name="GOTMLS_Form_patch"><p><img src="'.GOTMLS_images_path.$patch_attr[$patch_status]["icon"].'.gif"><b>Brute-force Protection '.$patch_attr[$patch_status]["status"].'</b></p><p style="float: right;"><input type="submit" value="'.$patch_attr[$patch_status]["action"].'"><input type="hidden" name="GOTMLS_patching" value="1"></p><div style="padding: 0 30px;"> * '.$patch_attr[$patch_status]["language"].__(" For more information on Brute-Force attack prevention and the WordPress wp-login-php file ",'gotmls').' <a target="_blank" href="http://gotmls.net/tag/wp-login-php/">'.__("read my blog",'gotmls').'</a>.</div>';
|
| 910 |
$admin_notice = "";
|
| 911 |
if ($current_user->user_login == "admin") {
|
| 912 |
+
$admin_notice .= '</form><hr />
|
| 913 |
<form method="POST" name="GOTMLS_Form_admin"><p><img src="'.GOTMLS_images_path.'threat.gif"><b>Admin Notice</b></p><div style="padding: 0 30px;">Your username is "admin", this is the most commonly guessed username by hackers and brute-force scripts. It is highly recommended that you change your username immediately.</div>';
|
| 914 |
}
|
| 915 |
echo GOTMLS_box("Aditional Security Options", $sec_opts.$admin_notice);
|
| 930 |
}
|
| 931 |
|
| 932 |
function GOTMLS_init() {
|
| 933 |
+
global $GOTMLS_update_home, $GOTMLS_settings_array, $GOTMLS_onLoad, $GOTMLS_threat_levels, $wpdb, $GOTMLS_threats_found, $GOTMLS_settings_array, $GOTMLS_definitions_versions, $GOTMLS_definitions_array, $GOTMLS_file_contents;
|
| 934 |
if (!isset($GOTMLS_settings_array["scan_what"]))
|
| 935 |
$GOTMLS_settings_array["scan_what"] = 2;
|
| 936 |
if (!isset($GOTMLS_settings_array["scan_depth"]))
|
| 1023 |
@error_reporting(0);
|
| 1024 |
@header("Content-type: text/javascript");
|
| 1025 |
if (isset($GOTMLS_settings_array["exclude_ext"]) && is_array($GOTMLS_settings_array["exclude_ext"]))
|
| 1026 |
+
$GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GOTMLS_settings_array["exclude_ext"];
|
| 1027 |
@ob_start();
|
| 1028 |
echo GOTMLS_scandir($file);
|
| 1029 |
if (@ob_get_level()) {
|
| 1124 |
die('<body style="margin: 0; padding: 0;">'.$_GET["GOTMLS_msg"].'</body>');
|
| 1125 |
add_contextual_help('GOTMLS-settings', __("<p>This is a help text for 'GOTMLS-settings' page.</p>", 'gotmls'));
|
| 1126 |
}
|
| 1127 |
+
|
| 1128 |
if (function_exists("is_admin") && is_admin() && ((isset($_POST['GOTMLS_whitelist']) && isset($_POST['GOTMLS_chksum'])) || (isset($_GET["GOTMLS_scan"]) && is_dir(GOTMLS_decode($_GET["GOTMLS_scan"]))))) {
|
| 1129 |
@set_time_limit($GOTMLS_loop_execution_time-5);
|
| 1130 |
GOTMLS_loaded();
|
| 1138 |
add_action("admin_menu", "GOTMLS_menu");
|
| 1139 |
add_action("network_admin_menu", "GOTMLS_menu");
|
| 1140 |
$init = add_action("admin_init", "GOTMLS_init");
|
| 1141 |
+
}
|
|
|
languages/gotmls.pot
CHANGED
|
@@ -8,7 +8,7 @@ msgid ""
|
|
| 8 |
msgstr ""
|
| 9 |
"Project-Id-Version: GOTMLS\n"
|
| 10 |
"Report-Msgid-Bugs-To: eli@gotmls.net\n"
|
| 11 |
-
"POT-Creation-Date: 2014-12-
|
| 12 |
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
| 13 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
| 14 |
"Language-Team: LANGUAGE <LL@li.org>\n"
|
|
@@ -39,10 +39,10 @@ msgstr ""
|
|
| 39 |
msgid "If Known Threats are found and displayed in red then there will be a button to '%s'. If only Potentional Threats are found then there is no automatic fix because those are probably not malicious."
|
| 40 |
msgstr ""
|
| 41 |
|
| 42 |
-
msgid "
|
| 43 |
msgstr ""
|
| 44 |
|
| 45 |
-
msgid "
|
| 46 |
msgstr ""
|
| 47 |
|
| 48 |
msgid "Menu Placement"
|
|
@@ -244,6 +244,9 @@ msgstr ""
|
|
| 244 |
msgid "Removed Old Brute-Force Login Patch"
|
| 245 |
msgstr ""
|
| 246 |
|
|
|
|
|
|
|
|
|
|
| 247 |
msgid " For more information on Brute-Force attack prevention and the WordPress wp-login-php file "
|
| 248 |
msgstr ""
|
| 249 |
|
| 8 |
msgstr ""
|
| 9 |
"Project-Id-Version: GOTMLS\n"
|
| 10 |
"Report-Msgid-Bugs-To: eli@gotmls.net\n"
|
| 11 |
+
"POT-Creation-Date: 2014-12-20 15:57+0900\n"
|
| 12 |
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
| 13 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
| 14 |
"Language-Team: LANGUAGE <LL@li.org>\n"
|
| 39 |
msgid "If Known Threats are found and displayed in red then there will be a button to '%s'. If only Potentional Threats are found then there is no automatic fix because those are probably not malicious."
|
| 40 |
msgstr ""
|
| 41 |
|
| 42 |
+
msgid "A backup of the original infected files are placed in the Quarantine in case you need to restore them or just want to look at them later. You can delete these files if you don't want to save more."
|
| 43 |
msgstr ""
|
| 44 |
|
| 45 |
+
msgid "FAQs"
|
| 46 |
msgstr ""
|
| 47 |
|
| 48 |
msgid "Menu Placement"
|
| 244 |
msgid "Removed Old Brute-Force Login Patch"
|
| 245 |
msgstr ""
|
| 246 |
|
| 247 |
+
msgid "NOTE: This Protection in automatically activated with this plugin because of the widespread attack on WordPress that are affecting so many site right now. It is still recommended that you make sure to upgrade and older versions of the Revolution Slider plugin, especially those included in some themes that will not update automatically. Even if you do not have Revolution Slider on your site it still can't hurt to have this protection installed."
|
| 248 |
+
msgstr ""
|
| 249 |
+
|
| 250 |
msgid " For more information on Brute-Force attack prevention and the WordPress wp-login-php file "
|
| 251 |
msgstr ""
|
| 252 |
|
readme.txt
CHANGED
|
@@ -5,10 +5,10 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
|
|
| 5 |
Contributors: scheeeli, gotmls
|
| 6 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
| 7 |
Tags: anti-malware, security, plugin, scan, automatic, repair, remove, malware, virus, threat, hacked, malicious, scripts, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
|
| 8 |
-
Version: 4.14.
|
| 9 |
-
Stable tag: 4.14.
|
| 10 |
Requires at least: 3.3
|
| 11 |
-
Tested up to: 4.
|
| 12 |
|
| 13 |
This Anti-Malware plugin searches for Malware and other Virus like threats and security vulnerabilities on your server and it helps you remove them.
|
| 14 |
|
|
@@ -24,7 +24,7 @@ This Anti-Malware plugin searches for Malware and other Virus like threats and s
|
|
| 24 |
* Run a Complete Scan from the Settings Page.
|
| 25 |
* Download Definition Updates to protect against new threats.
|
| 26 |
|
| 27 |
-
Updated December
|
| 28 |
|
| 29 |
Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
|
| 30 |
|
|
@@ -89,6 +89,10 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
|
|
| 89 |
|
| 90 |
== Changelog ==
|
| 91 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 92 |
= 4.14.51 =
|
| 93 |
* Block SoakSoak and other malware from exploiting the Slider Revolution Vulnerability (THIS IS A WIDESPREAD THREAT RIGHT NOW).
|
| 94 |
|
|
@@ -273,6 +277,9 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
|
|
| 273 |
|
| 274 |
== Upgrade Notice ==
|
| 275 |
|
|
|
|
|
|
|
|
|
|
| 276 |
= 4.14.51 =
|
| 277 |
Block SoakSoak and other malware from exploiting the Slider Revolution Vulnerability (THIS IS A WIDESPREAD THREAT RIGHT NOW).
|
| 278 |
|
| 5 |
Contributors: scheeeli, gotmls
|
| 6 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
| 7 |
Tags: anti-malware, security, plugin, scan, automatic, repair, remove, malware, virus, threat, hacked, malicious, scripts, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
|
| 8 |
+
Version: 4.14.52
|
| 9 |
+
Stable tag: 4.14.52
|
| 10 |
Requires at least: 3.3
|
| 11 |
+
Tested up to: 4.1
|
| 12 |
|
| 13 |
This Anti-Malware plugin searches for Malware and other Virus like threats and security vulnerabilities on your server and it helps you remove them.
|
| 14 |
|
| 24 |
* Run a Complete Scan from the Settings Page.
|
| 25 |
* Download Definition Updates to protect against new threats.
|
| 26 |
|
| 27 |
+
Updated December 20th
|
| 28 |
|
| 29 |
Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
|
| 30 |
|
| 89 |
|
| 90 |
== Changelog ==
|
| 91 |
|
| 92 |
+
= 4.14.52 =
|
| 93 |
+
* Added exception for the social.png files to the skip files by extension list.
|
| 94 |
+
* Fixed removal of Known Threats from files in the Quarantine directory.
|
| 95 |
+
|
| 96 |
= 4.14.51 =
|
| 97 |
* Block SoakSoak and other malware from exploiting the Slider Revolution Vulnerability (THIS IS A WIDESPREAD THREAT RIGHT NOW).
|
| 98 |
|
| 277 |
|
| 278 |
== Upgrade Notice ==
|
| 279 |
|
| 280 |
+
= 4.14.52 =
|
| 281 |
+
Added exception for the social.png files to the skip files by extension list, and fixed removal of Known Threats from files in the Quarantine directory.
|
| 282 |
+
|
| 283 |
= 4.14.51 =
|
| 284 |
Block SoakSoak and other malware from exploiting the Slider Revolution Vulnerability (THIS IS A WIDESPREAD THREAT RIGHT NOW).
|
| 285 |
|
safe-load/index.php
CHANGED
|
@@ -10,5 +10,5 @@ foreach (array("REMOTE_ADDR", "HTTP_HOST", "REQUEST_URI", "HTTP_REFERER", "HTTP_
|
|
| 10 |
$_SESSION["GOTMLS_detected_attacks"] .= (isset($_SERVER[$var])?"&SERVER_$var=".urlencode($_SERVER[$var]):"");
|
| 11 |
foreach (array("log") as $var)
|
| 12 |
$_SESSION["GOTMLS_detected_attacks"] .= (isset($_POST[$var])?"&POST_$var=".urlencode($_POST[$var]):"");
|
| 13 |
-
header("location: http://safe-load.gotmls.net/report.php?ver=4.14.
|
| 14 |
die();
|
| 10 |
$_SESSION["GOTMLS_detected_attacks"] .= (isset($_SERVER[$var])?"&SERVER_$var=".urlencode($_SERVER[$var]):"");
|
| 11 |
foreach (array("log") as $var)
|
| 12 |
$_SESSION["GOTMLS_detected_attacks"] .= (isset($_POST[$var])?"&POST_$var=".urlencode($_POST[$var]):"");
|
| 13 |
+
header("location: http://safe-load.gotmls.net/report.php?ver=4.14.52".$_SESSION["GOTMLS_detected_attacks"]);
|
| 14 |
die();
|
