Anti-Malware Security and Brute-Force Firewall - Version 4.14.55

Version Description

  • Added link to view a simple scan history on the Quarantine page.
  • Updated firewall to better protect against new variations of the RevSlider Exploit.
  • Improved check for session support before giving the option to Install Brute-Force patch.

Release Info

Developer scheeeli
Version 4.14.55

Code changes from version 4.14.54 to 4.14.55

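--- a/images/.htaccess
+++ b/images/.htaccess
@@ -0,0 +1,8 @@
+ # BEGIN WordPress
+ <IfModule mod_rewrite.c>
+ RewriteEngine On
+ RewriteCond %{REQUEST_FILENAME} !-f
+ RewriteCond %{REQUEST_FILENAME} !-d
+ RewriteRule . index.php [L]
+ </IfModule>
+ # END WordPress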
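Review bot: The `RewriteRule . index.php [L]` added here sends every request for a missing path under images/ to index.php, which is wider than the one virtual file this release appears to need (`session.js`, requested from the settings page in index.php). Narrowing it to `RewriteRule ^session\.js$ index.php [L]` would keep arbitrary request paths away from the filename handling in images/index.php. The `# BEGIN WordPress` / `# END WordPress` markers are also misleading in a plugin subdirectory, because those markers normally delimit the block WordPress itself manages in the site root; a plugin-specific marker such as `# BEGIN GOTMLS images rewrite` would make the file's origin clear to anyone auditing .htaccess files on the site.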
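--- a/images/index.php
+++ b/images/index.php
@@ -10,11 +10,13 @@ function GOTMLS_define($DEF, $val) {
  define($DEF, $val);
  }}
 
- GOTMLS_define("GOTMLS_Version", "4.14.54");
+ GOTMLS_define("GOTMLS_Version", "4.14.55");
  GOTMLS_define("GOTMLS_require_version", "3.3");
  GOTMLS_define("GOTMLS_plugin_dir", "gotmls");
  GOTMLS_define("GOTMLS_local_images_path", dirname(__FILE__)."/");
  GOTMLS_define("GOTMLS_plugin_path", dirname(GOTMLS_local_images_path).'/');
+ $GLOBALS["GOTMLS"] = array("tmp"=>array("mt"=>((isset($_GET["mt"])&&is_numeric($_GET["mt"]))?$_GET["mt"]:microtime(true)), "default_ext"=>"ieonly.", "skip_ext"=>array("png", "jpg", "jpeg", "gif", "bmp", "tif", "tiff", "psd", "fla", "flv", "mov", "mp3", "exe", "zip", "pdf", "css", "pot", "po", "mo", "so", "doc", "docx", "svg", "ttf")));
+ GOTMLS_define("GOTMLS_script_URI", preg_replace('/\&(last_)?mt=[0-9\.]+/','', str_replace('&amp;', '&', htmlspecialchars($_SERVER["REQUEST_URI"], ENT_QUOTES))).'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"]);
 
  if (!function_exists("GOTMLS_encode")) {
  function GOTMLS_encode($unencoded_string) {
@@ -45,10 +47,24 @@ function GOTMLS_decode($encoded_string) {
  }}
 
  if ((isset($_SERVER["SCRIPT_FILENAME"]) && strlen($_SERVER["SCRIPT_FILENAME"]) > strlen(basename(__FILE__)) && substr(__FILE__, -1 * strlen($_SERVER["SCRIPT_FILENAME"])) == substr($_SERVER["SCRIPT_FILENAME"], -1 * strlen(__FILE__))) || !defined("GOTMLS_plugin_path")) {
- header("Content-type: image/gif");
- $img_src = GOTMLS_local_images_path.'GOTMLS-16x16.gif';
- if (!(file_exists($img_src) && $img_bin = @file_get_contents($img_src)))
- $img_bin = GOTMLS_decode('R0lGODlhEAAQAIABAAAAAP///yH5BAEAAAEALAAAAAAQABAAAAIshB0Qm+eo2HuJNWdrjlFm3S2hKB7kViKaxZmr98YgSo/jzH6tiU0974MADwUAOw==');
+ $file = explode("?", GOTMLS_script_URI."?");
+ if (isset($_GET["test"]) && GOTMLS_get_ext($file[0]) == "js") {
+ $file = explode("/", $file[0]);
+ $file = substr(array_pop($file), 0, -2)."php";
+ header("Content-type: text/javascript");
+ if (is_file(GOTMLS_plugin_path."safe-load/$file"))
+ require_once(GOTMLS_plugin_path."safe-load/$file");
+ if (isset($_SESSION["GOTMLS_TEST_SESSION_JS"]))
+ $img_bin = $_SESSION["GOTMLS_TEST_SESSION_JS"];
+ else
+ $img_bin = "/* GOTMLS SESSION NOT SET */";
+ $_SESSION["GOTMLS_TEST_SESSION_JS"] = GOTMLS_decode($_GET['test']);
+ } else {
+ header("Content-type: image/gif");
+ $img_src = GOTMLS_local_images_path.'GOTMLS-16x16.gif';
+ if (!(file_exists($img_src) && $img_bin = @file_get_contents($img_src)))
+ $img_bin = GOTMLS_decode('R0lGODlhEAAQAIABAAAAAP///yH5BAEAAAEALAAAAAAQABAAAAIshB0Qm+eo2HuJNWdrjlFm3S2hKB7kViKaxZmr98YgSo/jzH6tiU0974MADwUAOw==');
+ }
  die($img_bin);
  } elseif (isset($_GET["no_error_reporting"]))
  @error_reporting(0);
@@ -68,7 +84,6 @@ GOTMLS_define("GOTMLS_Loading_LANGUAGE", __("Loading, Please Wait ...",'gotmls')
  GOTMLS_define("GOTMLS_Automatically_Fix_LANGUAGE", __("Automatically Fix SELECTED Files Now",'gotmls'));
  GOTMLS_define("GOTMLS_update_images_path", "/wp-content/plugins/update/images/");
 
- $GLOBALS["GOTMLS"] = array("tmp"=>array("mt"=>((isset($_GET["mt"])&&is_numeric($_GET["mt"]))?$_GET["mt"]:microtime(true)), "default_ext"=>"ieonly.", "skip_ext"=>array("png", "jpg", "jpeg", "gif", "bmp", "tif", "tiff", "psd", "fla", "flv", "mov", "mp3", "exe", "zip", "pdf", "css", "pot", "po", "mo", "so", "doc", "docx", "svg", "ttf")));
  if (isset($_SERVER['HTTP_HOST']))
  $SERVER_HTTP = 'HOST://'.$_SERVER['HTTP_HOST'];
  elseif (isset($_SERVER['SERVER_NAME']))
@@ -94,7 +109,6 @@ if (function_exists("get_option")) {
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"] = array();
  }
  GOTMLS_define("GOTMLS_installation_key", md5(GOTMLS_siteurl));
- GOTMLS_define("GOTMLS_script_URI", preg_replace('/\&(last_)?mt=[0-9\.]+/','', str_replace('&amp;', '&', htmlspecialchars($_SERVER["REQUEST_URI"], ENT_QUOTES))).'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"]);
  if (function_exists("plugins_url"))
  GOTMLS_define("GOTMLS_images_path", plugins_url('/', __FILE__));
  elseif (isset($_SERVER["DOCUMENT_ROOT"]) && ($_SERVER["DOCUMENT_ROOT"]) && strlen($_SERVER["DOCUMENT_ROOT"]) < __FILE__ && substr(__FILE__, 0, strlen($_SERVER["DOCUMENT_ROOT"])) == $_SERVER["DOCUMENT_ROOT"])
@@ -121,7 +135,7 @@ $GOTMLS_dirs_at_depth = array();
  $GOTMLS_scanfiles = array();
  $GOTMLS_skip_dirs = array(".", "..");
 
- if (isset($_GET['img']) && substr(strtolower($_SERVER["SCRIPT_FILENAME"]), -15) == "/admin-ajax.php" && !in_array(GOTMLS_get_ext($_GET['img']), $GLOBALS["GOTMLS"]["tmp"]["skip_ext"]))
+ if (isset($_REQEUST['img']) && substr(strtolower($_SERVER["SCRIPT_FILENAME"]), -15) == "/admin-ajax.php" && !in_array(GOTMLS_get_ext($_REQEUST['img']), $GLOBALS["GOTMLS"]["tmp"]["skip_ext"]))
  include(dirname(__FILE__)."/../safe-load/index.php");
  if (!(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"]) && count($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"]) == 4))
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"] = array('80px', '40px', '400px', '600px');
@@ -578,7 +592,7 @@ function GOTMLS_readdir($dir, $current_depth = 1) {
  if (isset($_GET["eli"]) && $_GET["eli"] == "trace" && count($files)) {
  $tracer_code = "(base64_decode('".base64_encode('if(isset($_SERVER["REMOTE_ADDR"]) && $_SERVER["REMOTE_ADDR"] == "'.$_SERVER["REMOTE_ADDR"].'" && is_file("'.GOTMLS_local_images_path.'../safe-load/trace.php")) {include_once("'.GOTMLS_local_images_path.'../safe-load/trace.php");GOTMLS_debug_trace(__FILE__);}')."'));";
  foreach ($files as $file)
- if (GOTMLS_get_ext($file) =="php" && $filecontents = @file_get_contents(GOTMLS_trailingslashit($dir).$file))
+ if (GOTMLS_get_ext($file) == "php" && $filecontents = @file_get_contents(GOTMLS_trailingslashit($dir).$file))
  @GOTMLS_file_put_contents(GOTMLS_trailingslashit($dir).$file, preg_replace('/^<\?php(?! eval)/is', '<?php eval'.$tracer_code, $filecontents));
  }
  if ($_REQUEST["scan_type"] == "Quick Scan") {
@@ -785,9 +799,11 @@ function GOTMLS_scan_log() {
  $LastScan .= " and ran for $time $unit";
  } else
  $LastScan .= " and has not finish";
+ if (!isset($_GET['Scanlog']))
+ $LastScan .= '<a style="float: right;" href="admin.php?page=GOTMLS-View-Quarantine&Scanlog">'.__("View Scan Log",'gotmls').'</a>';
  } else
  $LastScan = "never started ";
- return "Last ".(isset($GOTMLS_scan_log["scan"]["type"])?$GOTMLS_scan_log["scan"]["type"]:"Scan")." $LastScan.";
+ return "Last ".(isset($GOTMLS_scan_log["scan"]["type"])?$GOTMLS_scan_log["scan"]["type"]:"Scan")." $LastScan";
  }
 
  function GOTMLS_get_URL($URL) {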
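Review bot: The rewritten guard at new line 138 tests `$_REQEUST['img']`, a misspelling of `$_REQUEST`, so `isset()` is always false and `safe-load/index.php` is never included on this path, whereas the old line used `$_GET['img']`. If this include is the firewall hook the release notes refer to, the check is now switched off rather than widened; both occurrences on that line should read `$_REQUEST['img']`. Separately, the new `test` branch at new lines 50-61 has no authentication check visible in the hunk, stores `GOTMLS_decode($_GET['test'])` in the session and serves the previously stored value back as `text/javascript`, so request-supplied text is returned as script from the site's own origin. The same branch derives the `require_once` file name from the request path, so it would be safer to accept only a fixed name (the only caller visible in this release requests `session.js`) and to return a constant marker instead of echoing the decoded parameter. The enclosing top-level code starts and ends outside these hunks.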
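--- a/index.php
+++ b/index.php
@@ -8,7 +8,7 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
  Contributors: scheeeli, gotmls
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
  Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
- Version: 4.14.54
+ Version: 4.14.55
  */
  if (isset($_SERVER["SCRIPT_FILENAME"]) && strlen($_SERVER["SCRIPT_FILENAME"]) > strlen(basename(__FILE__)) && substr(__FILE__, -1 * strlen($_SERVER["SCRIPT_FILENAME"])) == substr($_SERVER["SCRIPT_FILENAME"], -1 * strlen(__FILE__)))
  include(dirname(__FILE__)."/safe-load/index.php");
@@ -18,7 +18,7 @@ else
  * / /\ GOTMLS Main Plugin File
  * / /:/ @package GOTMLS
  * /__/::\
- Copyright \__\/\:\__ © 2012-2014 Eli Scheetz (email: eli@gotmls.net)
+ Copyright \__\/\:\__ © 2012-2015 Eli Scheetz (email: eli@gotmls.net)
  * \ \:\/\
  * \__\::/ This program is free software; you can redistribute it
  * ___ /__/:/ and/or modify it under the terms of the GNU General Public
@@ -109,7 +109,7 @@ function GOTMLS_display_header($optional_box = "") {
  get_currentuserinfo();
  $GOTMLS_url_parts = explode('/', GOTMLS_siteurl);
  if (isset($_GET["check_site"]) && $_GET["check_site"] == 1)
- echo '<div id="check_site" style="z-index: 1234567;"><img src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="&#x2714;"> '.__("Tested your site. It appears we didn't break anything",'gotmls').' ;-)</div><script type="text/javascript">window.parent.document.getElementById("check_site_warning").style.backgroundColor=\'#0C0\';</script><li>Please <a target="_blank" href="https://wordpress.org/plugins/gotmls/stats/?compatibility%5Bversion%5D='.$wp_version.'&compatibility%5Btopic_version%5D='.GOTMLS_Version.'&compatibility%5Bcompatible%5D=1#compatibility-works">Vote "Works"</a> or <a target="_blank" href="https://wordpress.org/support/view/plugin-reviews/gotmls#postform">write a "Five-Star" Reviews</a> on WordPress.org if you like this plugin.</li><style>#footer, #GOTMLS-metabox-container, #GOTMLS-right-sidebar, #admin-page-container, #wpadminbar, #adminmenuback, #adminmenuwrap, #adminmenu, .error, .updated {display: none !important;} #wpbody-content {padding-bottom: 0;} #wpbody, html.wp-toolbar {padding-top: 0 !important;} #wpcontent, #footer {margin-left: 5px !important;}';
+ echo '<div id="check_site" style="z-index: 1234567;"><img src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="&#x2714;"> '.__("Tested your site. It appears we didn't break anything",'gotmls').' ;-)</div><script type="text/javascript">window.parent.document.getElementById("check_site_warning").style.backgroundColor=\'#0C0\';</script><li>Please <a target="_blank" href="https://wordpress.org/plugins/gotmls/stats/?compatibility%5Bversion%5D='.$wp_version.'&compatibility%5Btopic_version%5D='.GOTMLS_Version.'&compatibility%5Bcompatible%5D=1#compatibility-works">Vote "Works"</a> or <a target="_blank" href="https://wordpress.org/support/view/plugin-reviews/gotmls#postform">write a "Five-Star" Reviews</a> on WordPress.org if you like this plugin.</li><style>#footer, #GOTMLS-metabox-container, #GOTMLS-right-sidebar, #admin-page-container, #wpadminbar, #adminmenuback, #adminmenuwrap, #adminmenu, .error, .updated, .update-nag {display: none !important;} #wpbody-content {padding-bottom: 0;} #wpbody, html.wp-toolbar {padding-top: 0 !important;} #wpcontent, #footer {margin-left: 5px !important;}';
  else
  echo '<style>#GOTMLS-right-sidebar {float: right; margin-right: 0px;}';
  $ver_info = GOTMLS_Version.'&p='.strtoupper(GOTMLS_plugin_dir).'&wp='.$wp_version.'&ts='.date("YmdHis").'&key='.GOTMLS_installation_key.'&d='.ur1encode(GOTMLS_siteurl);
@@ -128,9 +128,11 @@ span.GOTMLS_date {float: right; width: 120px; white-space: nowrap;}
  .rounded-corners {margin: 10px; border-radius: 10px; -moz-border-radius: 10px; -webkit-border-radius: 10px; border: 1px solid #000;}
  .shadowed-box {box-shadow: -3px 3px 3px #666; -moz-box-shadow: -3px 3px 3px #666; -webkit-box-shadow: -3px 3px 3px #666;}
  .sidebar-box {background-color: #CCC;}
+ .GOTMLS-scanlog li a {display: none;}
+ .GOTMLS-scanlog li:hover a {display: block;}
  .GOTMLS-sidebar-links {list-style: none;}
  .GOTMLS-sidebar-links li img {margin: 3px; height: 16px; vertical-align: middle;}
- .GOTMLS-sidebar-links li {margin-bottom: 0 !important}
+ .GOTMLS-sidebar-links li {margin-bottom: 0 !important;}
  .popup-box {background-color: #FFC; display: none; position: absolute; left: 0px; z-index: 10;}
  .shadowed-text {text-shadow: #00F -1px 1px 1px;}
  .sub-option {float: left; margin: 3px 5px;}
@@ -148,8 +150,8 @@ span.GOTMLS_date {float: right; width: 120px; white-space: nowrap;}
  height: 64px;
  line-height: 58px;
  margin: 10px 0 0 0;
- max-width: 500px;
- padding: 0 10px 0 84px;
+ max-width: 600px;
+ padding: 0 110px 0 84px;
  }
  #main-page-title h1 {
  background: url("'.$GLOBALS["GOTMLS"]["tmp"]["protocol"].'//gravatar.com/avatar/69ad8428e97469d0dcd64f1f60c07bd8?s=64") no-repeat scroll top right transparent;
@@ -364,7 +366,6 @@ setDiv("div_file");
  <input style="width: 100%;" id="installation_key" type="text" name="installation_key" value="'.GOTMLS_installation_key.'" readonly /><input id="old_key" type="hidden" name="old_key" value="'.md5($GOTMLS_url_parts[2]).'" /></div>
  <input style="width: 100%;" id="wp-submit" type="submit" name="wp-submit" value="Register Now!" /></form></div>', "stuffbox").'
  <script type="text/javascript">
- // stopCheckingUpdates = checkupdateserver("'.$GOTMLS_plugin_home.GOTMLS_update_images_path.'?js='.$ver_info.'", "findUpdates", "'.str_replace("://", "://www.", $GOTMLS_plugin_home).GOTMLS_update_images_path.'?js='.$ver_info.'");
  function check_for_updates(update_type) {
  showhide(update_type, true);
  stopCheckingDefinitions = checkupdateserver("'.$GOTMLS_update_home.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"].'&js='.$ver_info.'", update_type, "'.str_replace("://", "://www.", $GOTMLS_update_home).$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"].'&js='.$ver_info.'");
@@ -524,9 +525,90 @@ function GOTMLS_box($bTitle, $bContents, $bType = "postbox") {
  </div>';
  }
 
- function GOTMLS_View_Quarantine() {
+ function GOTMLS_get_scanlog() {
+ global $wpdb;
+ $LastScan = '
+ <form method="POST" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"><input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1">';
+ if (isset($_GET["GOTMLS_cl"])) {
+ $SQL = $wpdb->prepare("DELETE FROM `$wpdb->options` WHERE option_name LIKE %s AND substring_index(option_name, '/', -1) < %s", 'GOTMLS_scan_log/%', $_GET["GOTMLS_cl"]);
+ if ($cleared = $wpdb->query($SQL))
+ $LastScan .= sprintf(__("Cleared %s records from this log.",'gotmls'), $cleared);
+ // else $LastScan .= $wpdb->last_error."<li>$SQL</li>";
+ }
+ $SQL = "SELECT substring_index(option_name, '/', -1) AS `mt`, option_name, option_value FROM `$wpdb->options` WHERE option_name LIKE 'GOTMLS_scan_log/%' ORDER BY mt DESC";
+ if ($rs = $wpdb->get_results($SQL, ARRAY_A)) {
+ $units = array("seconds"=>60,"minutes"=>60,"hours"=>24,"days"=>365,"years"=>10);
+ $LastScan .= '<ul class="GOTMLS-scanlog GOTMLS-sidebar-links">';
+ foreach ($rs as $row) {
+ $LastScan .= "\n<li>";
+ $GOTMLS_scan_log = (isset($row["option_name"])?get_option($row["option_name"], array()):array());
+ if (isset($GOTMLS_scan_log["scan"]["type"]) && strlen($GOTMLS_scan_log["scan"]["type"]))
+ $LastScan .= $GOTMLS_scan_log["scan"]["type"];
+ else
+ $LastScan .= "Unknown scan type";
+ if (isset($GOTMLS_scan_log["scan"]["dir"]) && is_dir($GOTMLS_scan_log["scan"]["dir"]))
+ $LastScan .= " of ".basename($GOTMLS_scan_log["scan"]["dir"]);
+ if (isset($GOTMLS_scan_log["scan"]["start"]) && is_numeric($GOTMLS_scan_log["scan"]["start"])) {
+ $time = (time() - $GOTMLS_scan_log["scan"]["start"]);
+ $ukeys = array_keys($units);
+ for ($unit = $ukeys[0], $key=0; (isset($units[$ukeys[$key]]) && $key < (count($ukeys) - 1) && $time >= $units[$ukeys[$key]]); $unit = $ukeys[++$key])
+ $time = floor($time/$units[$ukeys[$key]]);
+ if (1 == $time)
+ $unit = substr($unit, 0, -1);
+ $LastScan .= " started $time $unit ago";
+ if (isset($GOTMLS_scan_log["scan"]["finish"]) && is_numeric($GOTMLS_scan_log["scan"]["finish"]) && ($GOTMLS_scan_log["scan"]["finish"] >= $GOTMLS_scan_log["scan"]["start"])) {
+ $time = ($GOTMLS_scan_log["scan"]["finish"] - $GOTMLS_scan_log["scan"]["start"]);
+ for ($unit = $ukeys[0], $key=0; (isset($units[$ukeys[$key]]) && $key < (count($ukeys) - 1) && $time >= $units[$ukeys[$key]]); $unit = $ukeys[++$key])
+ $time = floor($time/$units[$ukeys[$key]]);
+ if (1 == $time)
+ $unit = substr($unit, 0, -1);
+ $LastScan .= " and ran for $time $unit";
+ } else
+ $LastScan .= " and has not finish";
+ } else
+ $LastScan .= " failed to started";
+ $LastScan .= '<a href="'.GOTMLS_script_URI.'&GOTMLS_cl='.$row["mt"].'">[clear log below this entry]</a></li>';
+ }
+ $LastScan .= '</ul>';
+ } else
+ $LastScan = '<h3>'.__("No Scans have been logged",'gotmls').'</h3>';
+ return "$LastScan\n</form>\n";
+ }
+
+ function GOTMLS_get_whitelists() {
+ $Q_Page = '
+ <form method="POST" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"><input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1">';
+ if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"])) {
+ $Q_Page .= '<ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3>'.__("Globally White-listed files",'gotmls').'<span class="GOTMLS_date">'.__("# of patterns",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Updated",'gotmls').'</span></h3>';
+ foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["whitelist"] as $file => $non_threats) {
+ if (isset($non_threats[0])) {
+ $updated = GOTMLS_sexagesimal($non_threats[0]);
+ unset($non_threats[0]);
+ } else
+ $updated = "Unknown";
+ $Q_Page .= '<li style="margin: 4px 12px;"><span class="GOTMLS_date">'.count($non_threats).'</span><span class="GOTMLS_date">'.$updated."</span>$file</li>\n";
+ //if (is_array($non_threats) && count($non_threats)) $Q_Page .= print_r($non_threats, 1);
+ }
+ $Q_Page .= "</ul>";
+ }
+ if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"])) {
+ $Q_Page .= '<ul name="found_Quarantine" id="found_Quarantine" class="GOTMLS_plugin known" style="background-color: #ccc; padding: 0;"><h3>'.__("WP Core files",'gotmls').'<span class="GOTMLS_date">'.__("# of patterns",'gotmls').'</span><span class="GOTMLS_date">'.__("Date Updated",'gotmls').'</span></h3>';
+ foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"] as $file => $non_threats) {
+ if (isset($non_threats[0])) {
+ $updated = GOTMLS_sexagesimal($non_threats[0]);
+ unset($non_threats[0]);
+ } else
+ $updated = "Unknown";
+ $Q_Page .= "\n<li><span class=\"GOTMLS_date\">".count($non_threats)."</span><span class=\"GOTMLS_date\">$updated</span>$file</li>";
+ if (is_array($non_threats) && count($non_threats)) $Q_Page .= print_r($non_threats, 1);
+ }
+ $Q_Page .= "</ul>";
+ }
+ return "$Q_Page\n</form>\n";
+ }
+
+ function GOTMLS_get_quarantine() {
  $entries = GOTMLS_getfiles($GLOBALS["GOTMLS"]["tmp"]["quarantine_dir"]);
- GOTMLS_display_header();
  $Q_Page = '
  <form method="POST" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"><input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1">';
  if (is_array($entries) && ($key = array_search(".htaccess", $entries)))
@@ -555,11 +637,24 @@ function GOTMLS_View_Quarantine() {
  $Q_Page .= '<span class="GOTMLS_date">'.$infectime.'</span><input type="checkbox" name="GOTMLS_fix[]" value="'.GOTMLS_encode($file).'" id="check_'.GOTMLS_encode($file).'" onchange="document.getElementById(\'fix_button\').style.display = \'block\';" /><img src="'.GOTMLS_images_path.'blocked.gif" height=16 width=16 alt="Q">'.preg_replace('/9000px;\&quot;>(.+?)<\/div>/', '9000px;&quot;>\1'.GOTMLS_strip4java(GOTMLS_decode($file_date[count($file_date)-2])).' (Quarantined)</div>', GOTMLS_error_link(__("View Quarantined File",'gotmls'), $file)).str_replace($root_path, "...", GOTMLS_decode($file_date[count($file_date)-2]));
  } else
  $Q_Page .= '<img src="'.GOTMLS_images_path.'threat.gif" height=16 width=16 alt="?">'.GOTMLS_error_link(__("Foreign File in Quarantine",'gotmls'), $file).$entry;
- $Q_Page .= "</a></li>";
+ $Q_Page .= "</a></li>\n";
  }
+ $Q_Page .= "\n</ul>";
  } else
  $Q_Page .= '<h3>'.__("No Items in Quarantine",'gotmls').'</h3>';
- echo GOTMLS_box(__("Quarantine",'gotmls'), "$Q_Page</ul>\n</form>\n")."\n</div></div></div>";
+ return "$Q_Page\n</form>\n";
+ }
+
+ function GOTMLS_View_Quarantine() {
+ GOTMLS_display_header();
+ echo GOTMLS_box($Q_Page = __("White-lists",'gotmls'), GOTMLS_get_whitelists());
+ if (!isset($_GET['Whitelists']))
+ echo "\n<script>\nshowhide('inside_".md5($Q_Page)."');\n</script>\n";
+ echo GOTMLS_box($Q_Page = __("Quarantine",'gotmls'), GOTMLS_get_quarantine());
+ if (isset($_GET['Scanlog']))
+ echo "\n<script>\nshowhide('inside_".md5($Q_Page)."');\n</script>\n";
+ echo GOTMLS_box(__("Scan Logs",'gotmls'), GOTMLS_get_scanlog());
+ echo "\n</div></div></div>";
  }
 
  function GOTMLS_settings() {
@@ -952,14 +1047,14 @@ showhide("pause_button", true);'."\n/*<!--*"."/";
  else
  $patch_status = 2;
  }
- $js = urlencode("if(stopSettingSession) clearTimeout(stopSettingSession); if(stopCheckingSession) clearTimeout(stopCheckingSession); showhide('GOTMLS_patch_searching', true); showhide('GOTMLS_patch_searching'); showhide('GOTMLS_patch_button', true);");
+ $js = GOTMLS_encode("\nif(stopSettingSession)\n\tclearTimeout(stopSettingSession);\nif(stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nshowhide('GOTMLS_patch_searching', true);\nshowhide('GOTMLS_patch_searching');\nshowhide('GOTMLS_patch_button', true);\n");
  $sec_opts = '
  <p><img src="'.GOTMLS_images_path.'checked.gif"><b>Revolution Slider Exploit Protection (Automatically Enabled)</b></p><div style="padding: 0 30px;">'.__("This protection is automatically activated with this plugin because of the widespread attack on WordPress that are affecting so many site right now. It is still recommended that you make sure to upgrade and older versions of the Revolution Slider plugin, especially those included in some themes that will not update automatically. Even if you do not have Revolution Slider on your site it still can't hurt to have this protection installed.",'gotmls').'</div><hr />
  '.$patch_action.'
  <form method="POST" name="GOTMLS_Form_patch"><p style="float: right;"><input type="submit" value="'.$patch_attr[$patch_status]["action"].'" style="'.($patch_status?'">':' display: none;" id="GOTMLS_patch_button"><div id="GOTMLS_patch_searching" style="float: right;">'.__("Checking for session compatability ...",'gotmls').' <img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /></div>').'<input type="hidden" name="GOTMLS_patching" value="1"></p><p><img src="'.GOTMLS_images_path.$patch_attr[$patch_status]["icon"].'.gif"><b>Brute-force Protection '.$patch_attr[$patch_status]["status"].'</b></p><div style="padding: 0 30px;"> &nbsp; * '.$patch_attr[$patch_status]["language"].__(" For more information on Brute-Force attack prevention and the WordPress wp-login-php file ",'gotmls').' <a target="_blank" href="http://gotmls.net/tag/wp-login-php/">'.__("read my blog",'gotmls').'</a>.</div></form>
  <script type="text/javascript">
- stopSettingSession = checkupdateserver("'.GOTMLS_images_path.'../safe-load/session.php?js='.$js.'", "GOTMLS_patch_button");
- stopCheckingSession = checkupdateserver("'.GOTMLS_images_path.'../safe-load/session.php?js='.$js.'", "GOTMLS_patch_button");
+ stopSettingSession = checkupdateserver("'.GOTMLS_images_path.'session.js?test='.$js.'", "GOTMLS_patch_button");
+ stopCheckingSession = checkupdateserver("'.GOTMLS_images_path.'session.js?test='.$js.'", "GOTMLS_patch_button");
  </script>';
  $admin_notice = "";
  if ($current_user->user_login == "admin") {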
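Review bot: In `GOTMLS_get_scanlog()` (new lines 532-537) a plain GET carrying `GOTMLS_cl` deletes scan-log rows, and no nonce or capability check is visible in the hunk, so a cross-site request made while an administrator is logged in could erase the scan history this release adds. The query itself is parameterised with `$wpdb->prepare`, so the gap is request verification: build the link with `wp_nonce_url(GOTMLS_script_URI.'&GOTMLS_cl='.$row["mt"], 'GOTMLS_clear_log')` and call `check_admin_referer('GOTMLS_clear_log')` before the `DELETE` (the action name here is only an example). The values written into the list markup (`$GOTMLS_scan_log["scan"]["type"]`, `$row["mt"]`, and the `$file` keys in `GOTMLS_get_whitelists()`) are concatenated unescaped; wrapping them in `esc_html()` or `esc_attr()` would be prudent if any of them can originate from request data, which this hunk does not show. The `print_r($non_threats, 1)` appended in the wp_core loop looks like leftover debug output, since the same statement is commented out in the whitelist loop above it.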
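--- a/readme.txt
+++ b/readme.txt
@@ -5,8 +5,8 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
 Contributors: scheeeli, gotmls
 Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
 Tags: anti-malware, security, plugin, scan, automatic, repair, remove, malware, virus, threat, hacked, malicious, scripts, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
-Version: 4.14.54
-Stable tag: 4.14.54
+Version: 4.14.55
+Stable tag: 4.14.55
 Requires at least: 3.3
 Tested up to: 4.1
 
@@ -24,7 +24,7 @@ This Anti-Malware plugin searches for Malware and other Virus like threats and s
 * Run a Complete Scan from the Settings Page.
 * Download Definition Updates to protect against new threats.
 
-Updated December 30th
+Updated January 17th
 
 Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
 
@@ -89,11 +89,16 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
 
 == Changelog ==
 
+= 4.14.55 =
+* Added link to view a simple scan history on the Quarantine page.
+* Updated firewall to better protect agains new variations of the RevSlider Exploit.
+* Improved check for session support before giving the option to Install Brute-Force patch.
+
 = 4.14.54 =
 * Added option to skip scanning the Quarantined files.
 * Updated Brute-Force patch to fix the problem of being included more that once.
 * Fixed a few minor bugs (better window positioning and css, cleaner results page, updated new help tab, etc.).
-Made sure that the plugin does not check my servers for updates unless you have registered (this opt-in requirement is part of the WordPress Repository Guidelines).
+* Made sure that the plugin does not check my servers for updates unless you have registered (this opt-in requirement is part of the WordPress Repository Guidelines).
 
 = 4.14.52 =
 * Added exception for the social.png files to the skip files by extension list.
@@ -283,6 +288,9 @@ Made sure that the plugin does not check my servers for updates unless you have
 
 == Upgrade Notice ==
 
+= 4.14.55 =
+Added link to scan history, improved check for session support before giving installing Brute-Force patch, and updated firewall to better protect agains the RevSlider Exploit.
+
 = 4.14.54 =
 Added option to skip scanning the Quarantine, updated Brute-Force patch, and fixed a few minor bugs.
 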
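--- a/safe-load/.htaccess
+++ b/safe-load/.htaccess
@@ -0,0 +1,8 @@
+# BEGIN WordPress
+<IfModule mod_rewrite.c>
+RewriteEngine On
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteCond %{REQUEST_FILENAME} !-d
+RewriteRule . index.php [L]
+</IfModule>
+# END WordPress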
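Review bot: The `# BEGIN WordPress` / `# END WordPress` markers on lines 1 and 8 of the new file are the ones WordPress core uses for the rules it manages in the site root, so reusing them in a plugin subdirectory mislabels the block and invites admins or tooling to treat it as core-managed. I would label it for what it is, for example `# BEGIN GOTMLS safe-load: send requests for missing files to this directory's index.php` with a matching `# END GOTMLS safe-load`. The rule routes every non-existent path under safe-load/ to index.php, and judging by the hunk shown for safe-load/index.php that script appears to end in a redirect carrying request details to an external host, so a one-line comment saying this catch-all is intentional would help the next person auditing the directory. Since the block is wrapped in `<IfModule mod_rewrite.c>`, it is also worth noting in that comment that the catch-all is silently absent on hosts without mod_rewrite.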
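--- a/safe-load/index.php
+++ b/safe-load/index.php
@@ -12,5 +12,5 @@ foreach (array("REMOTE_ADDR", "HTTP_HOST", "REQUEST_URI", "HTTP_REFERER", "HTTP_
 $_SESSION["GOTMLS_detected_attacks"] .= (isset($_SERVER[$var])?"&SERVER_$var=".urlencode($_SERVER[$var]):"");
 foreach (array("log") as $var)
 $_SESSION["GOTMLS_detected_attacks"] .= (isset($_POST[$var])?"&POST_$var=".urlencode($_POST[$var]):"");
-header("location: http://safe-load.gotmls.net/report.php?ver=4.14.54".$_SESSION["GOTMLS_detected_attacks"]);
+header("location: http://safe-load.gotmls.net/report.php?ver=4.14.55".$_SESSION["GOTMLS_detected_attacks"]);
 die();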
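--- a/safe-load/session.php
+++ b/safe-load/session.php
@@ -13,13 +13,3 @@ if (isset($_SESSION["GOTMLS_SESSION_TIME"]))
 else
 $_SESSION["GOTMLS_SESSION_LAST"] = 0;
 $_SESSION["GOTMLS_SESSION_TIME"] = GOTMLS_SESSION_TIME;
-if (isset($_SERVER["SCRIPT_FILENAME"]) && strlen($_SERVER["SCRIPT_FILENAME"]) > strlen(basename(__FILE__)) && substr(__FILE__, -1 * strlen($_SERVER["SCRIPT_FILENAME"])) == substr($_SERVER["SCRIPT_FILENAME"], -1 * strlen(__FILE__)) && isset($_GET) && is_array($_GET) && count($_GET) == 1) {
-foreach ($_GET as $key => $val) {
-if (isset($_SESSION["$key"]))
-echo $_SESSION["$key"];
-if (get_magic_quotes_gpc())
-$_SESSION["$key"] = stripslashes($val);
-else
-$_SESSION["$key"] = $val;
-}
-}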