Version Description
- Added a link to purge the deleted Quarantine items from the database.
- Added firewall option to Block all XMLRPC calls.
- Fixed a few cosmetic bugs in the quarantine and firewall options.
Release Info
Developer | scheeeli |
Plugin | Anti-Malware Security and Brute-Force Firewall |
Version | 4.15.30 |
Code changes from version 4.15.29 to 4.15.30
- images/index.php +3 -4
- index.php +97 -51
- languages/gotmls.pot +24 -7
- readme.txt +11 -3
images/index.php
CHANGED
@@ -68,7 +68,7 @@ if (isset($_GET["SESSION"]) && is_numeric($_GET["SESSION"]) && preg_match('|(.*?
|
|
68 |
if (is_file(GOTMLS_plugin_path."safe-load/session.php"))
|
69 |
require_once(GOTMLS_plugin_path."safe-load/session.php");
|
70 |
if (isset($_SESSION["GOTMLS_SESSION_TEST"]))
|
71 |
-
die("/* GOTMLS SESSION PASS */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nshowhide('GOTMLS_patch_searching', true);\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("You must register and
|
72 |
else {
|
73 |
$_SESSION["GOTMLS_SESSION_TEST"] = $_GET["SESSION"] + 1;
|
74 |
if ($_GET["SESSION"] > 0)
|
@@ -578,9 +578,8 @@ function GOTMLS_write_quarantine($file, $className) {
|
|
578 |
}
|
579 |
|
580 |
function GOTMLS_get_current_user_id() {
|
581 |
-
global $current_user;
|
582 |
$return = 1;
|
583 |
-
if (($current_user = @
|
584 |
$return = $current_user->ID;
|
585 |
return $return;
|
586 |
}
|
@@ -698,7 +697,7 @@ if (!function_exists('ur1encode')) { function ur1encode($url) {
|
|
698 |
}}
|
699 |
|
700 |
function GOTMLS_strip4java($item) {
|
701 |
-
return preg_replace("/\\\\/", "\\\\\\\\",
|
702 |
}
|
703 |
|
704 |
function GOTMLS_error_link($errorTXT, $file = "", $class = "errors") {
|
68 |
if (is_file(GOTMLS_plugin_path."safe-load/session.php"))
|
69 |
require_once(GOTMLS_plugin_path."safe-load/session.php");
|
70 |
if (isset($_SESSION["GOTMLS_SESSION_TEST"]))
|
71 |
+
die("/* GOTMLS SESSION PASS */\nif('undefined' != typeof stopCheckingSession && stopCheckingSession)\n\tclearTimeout(stopCheckingSession);\nshowhide('GOTMLS_patch_searching', true);\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("You must register and donate to use this feature!",'gotmls')."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("This feature is available to those who have donated!",'gotmls')."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_patch_searching');\n\tshowhide('GOTMLS_patch_button', true);\n}\n");
|
72 |
else {
|
73 |
$_SESSION["GOTMLS_SESSION_TEST"] = $_GET["SESSION"] + 1;
|
74 |
if ($_GET["SESSION"] > 0)
|
578 |
}
|
579 |
|
580 |
function GOTMLS_get_current_user_id() {
|
|
|
581 |
$return = 1;
|
582 |
+
if (($current_user = @wp_get_current_user()) && (@$current_user->ID > 1))
|
583 |
$return = $current_user->ID;
|
584 |
return $return;
|
585 |
}
|
697 |
}}
|
698 |
|
699 |
function GOTMLS_strip4java($item) {
|
700 |
+
return preg_replace("/\\\\/", "\\\\\\\\", str_replace("'", "'+\"'\"+'", preg_replace('/\\+n|\\+r|\n|\r|\0/', "", $item)));
|
701 |
}
|
702 |
|
703 |
function GOTMLS_error_link($errorTXT, $file = "", $class = "errors") {
|
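Review bot: In GOTMLS_strip4java the pattern `'/\\+n|\\+r|\n|\r|\0/'` is single-quoted, so PCRE receives `\+n|\+r`, which matches a literal plus sign followed by `n` or `r` rather than a backslash-escaped newline. Any value containing `+n` or `+r` (a base64-style string, for instance) silently loses those characters before it is embedded in the script. If the intent is to drop escaped newline sequences, the pattern would be `'/\\\\+[nr]|[\n\r\0]/'`. The helper also leaves `<` and `/` untouched, so a value containing `</script>` could still close an inline script block if the result is written into one. The call sites are outside this section, so that needs confirming there; `json_encode($item, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP)` at the call site is the usual encoder for that context.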
index.php
CHANGED
@@ -8,7 +8,7 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
|
|
8 |
Contributors: scheeeli, gotmls
|
9 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
10 |
Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
|
11 |
-
Version: 4.15.
|
12 |
*/
|
13 |
if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
|
14 |
include(dirname(__FILE__)."/safe-load/index.php");
|
@@ -623,45 +623,53 @@ function GOTMLS_get_whitelists() {
|
|
623 |
}
|
624 |
|
625 |
function GOTMLS_get_quarantine($only = false) {
|
626 |
-
global $wpdb, $
|
627 |
-
if (!isset($GLOBALS["GOTMLS"]["tmp"]["quarantine_dir"])) {
|
628 |
-
if (
|
629 |
-
$
|
630 |
-
|
631 |
-
|
632 |
-
|
633 |
-
|
634 |
-
$
|
635 |
-
|
636 |
-
|
637 |
-
|
638 |
-
if (
|
639 |
-
|
640 |
-
|
641 |
-
$insert["comment_count"] =
|
642 |
-
|
643 |
-
|
644 |
-
|
645 |
-
|
646 |
-
|
647 |
-
|
648 |
-
$
|
649 |
-
|
650 |
-
$
|
651 |
-
|
652 |
-
|
653 |
-
|
654 |
-
$insert["
|
655 |
-
|
656 |
-
|
657 |
-
|
658 |
-
|
659 |
-
|
|
|
|
|
|
|
|
|
660 |
}
|
661 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
662 |
}
|
663 |
-
if (basename($GLOBALS["GOTMLS"]["tmp"]["quarantine_dir"]) == "quarantine")
|
664 |
-
rmdir($GLOBALS["GOTMLS"]["tmp"]["quarantine_dir"]);
|
665 |
}
|
666 |
if (is_numeric($only))
|
667 |
return get_post($only, ARRAY_A);
|
@@ -691,20 +699,22 @@ function GOTMLS_get_quarantine($only = false) {
|
|
691 |
} else
|
692 |
$Q_Page .= '<h3>'.__("No Items in Quarantine",'gotmls').'</h3>';
|
693 |
wp_reset_query();
|
694 |
-
return "$Q_Paged\n</form><br style=\"clear: left;\" />\n$Q_Page\n</form>\n$Q_Paged\n</form><br style=\"clear: left;\" />\n";
|
|
|
|
|
|
|
695 |
}
|
696 |
|
697 |
function GOTMLS_View_Quarantine() {
|
698 |
GOTMLS_update_definitions();
|
699 |
-
|
700 |
-
echo GOTMLS_box($Q_Page = __("White-lists",'gotmls'), GOTMLS_get_whitelists());
|
701 |
if (!isset($_GET['Whitelists']))
|
702 |
-
echo "\n<script>\nshowhide('inside_".md5($Q_Page)."');\n</script>\n";
|
703 |
-
echo GOTMLS_box($Q_Page = __("Quarantine",'gotmls'), GOTMLS_get_quarantine());
|
704 |
if (isset($_GET['Scanlog']))
|
705 |
-
echo "\n<script>\nshowhide('inside_".md5($Q_Page)."');\n</script>\n";
|
706 |
-
|
707 |
-
echo "\n</div></div></div>";
|
708 |
}
|
709 |
|
710 |
function GOTMLS_update_definitions() {
|
@@ -871,7 +881,7 @@ function GOTMLS_settings() {
|
|
871 |
'.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a comma separated list of file extentions to skip",'gotmls').'" name="exclude_ext" id="exclude_ext" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]).'" style="width: 100%;" /'.$gt.$lt.'/div'.$gt.'
|
872 |
'.$lt.'p'.$gt.$lt.'b'.$gt.__("Skip directories with the following names:",'gotmls').$lt.'/b'.$gt.$lt.'/p'.$gt.'
|
873 |
'.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a folder name or comma separated list of folder names to skip",'gotmls').'" name="exclude_dir" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]).'" style="width: 100%;" /'.$gt.$lt.'/div'.$gt.'
|
874 |
-
'.$lt.'table style="width: 100%" cellspacing="10"'.$gt.$lt.'tr'.$gt.$lt.'td nowrap valign="top" style="white-space: nowrap; width: 1px;
|
875 |
@ob_start();
|
876 |
$OB_default_handlers = array("default output handler", "zlib output compression");
|
877 |
$OB_handlers = @ob_list_handlers();
|
@@ -1121,9 +1131,32 @@ showhide("pause_button", true);'."\n/*{$lt}!--*"."/";
|
|
1121 |
"icon" => "threat"
|
1122 |
)
|
1123 |
);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1124 |
$patch_status = 0;
|
1125 |
$patch_found = -1;
|
1126 |
-
$patch_action = "";
|
1127 |
$find = "#if\s*\(([^\&]+\&\&)?\s*file_exists\((.+?)(safe-load|wp-login)\.php'\)\)\s*require(_once)?\((.+?)(safe-load|wp-login)\.php'\);#";
|
1128 |
$head = str_replace(array('#', '\\(', '\\)', '(_once)?', ')\\.', '\\s*', '(.+?)(', '|', '([^\\&]+\\&\\&)?'), array(' ', '(', ')', '_once', '.', ' ', '\''.dirname(__FILE__).'/', '/', '!in_array($_SERVER["REMOTE_ADDR"], array("'.$_SERVER["REMOTE_ADDR"].'")) &&'), $find);
|
1129 |
if (is_file(ABSPATH.'wp-config.php')) {
|
@@ -1158,7 +1191,7 @@ showhide("pause_button", true);'."\n/*{$lt}!--*"."/";
|
|
1158 |
}
|
1159 |
$sec_opts = $lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Revolution Slider Exploit Protection (Automatically Enabled)'.$lt.'/b'.$gt.$lt.'/p'.$gt.__("This protection is automatically activated with this plugin because of the widespread attack on WordPress that are affecting so many site right now. It is still recommended that you make sure to upgrade and older versions of the Revolution Slider plugin, especially those included in some themes that will not update automatically. Even if you do not have Revolution Slider on your site it still can't hurt to have this protection installed.",'gotmls').$lt.'/div'.$gt.$lt.'hr /'.$gt.'
|
1160 |
'.$patch_action.'
|
1161 |
-
'.$lt.'form method="POST" name="GOTMLS_Form_patch"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="submit" value="'.$patch_attr[$patch_status]["action"].'" style="'.($patch_status?'"'.$gt:' display: none;" id="GOTMLS_patch_button"'.$gt.$lt.'div id="GOTMLS_patch_searching" style="float: right;"'.$gt.__("Checking for session compatibility ...",'gotmls').' '.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.$lt.'/div'.$gt).$lt.'input type="hidden" name="GOTMLS_patching" value="1"'.$gt.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$patch_attr[$patch_status]["icon"].'.gif"'.$gt.$lt.'b'.$gt.'Brute-force Protection '.$patch_attr[$patch_status]["status"].$lt.'/b'.$gt.$lt.'/p'.$gt
|
1162 |
$admin_notice = "";
|
1163 |
if ($current_user->user_login == "admin") {
|
1164 |
if (isset($_POST["GOTMLS_admin_username"]) && ("admin" != trim($_POST["GOTMLS_admin_username"])) && strlen(trim($_POST["GOTMLS_admin_username"])) && preg_match('/^\s*[a-z_0-9\@\.\-]{3,}\s*$/i', $_POST["GOTMLS_admin_username"])) {
|
@@ -1268,6 +1301,18 @@ if (curDiv = window.parent.document.getElementById("div_file")) {
|
|
1268 |
}
|
1269 |
add_action('wp_ajax_GOTMLS_position', 'GOTMLS_ajax_position');
|
1270 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1271 |
function GOTMLS_ajax_whitelist() {
|
1272 |
if (isset($_POST['GOTMLS_whitelist']) && isset($_POST['GOTMLS_chksum'])) {
|
1273 |
$file = GOTMLS_decode($_POST['GOTMLS_whitelist']);
|
@@ -1296,7 +1341,7 @@ function GOTMLS_ajax_fix() {
|
|
1296 |
if (isset($_REQUEST["GOTMLS_fix"]) && is_array($_REQUEST["GOTMLS_fix"]) && isset($_REQUEST["GOTMLS_fixing"]) && $_REQUEST["GOTMLS_fixing"]) {
|
1297 |
GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
|
1298 |
$callAlert = "clearTimeout(callAlert);\ncallAlert=setTimeout('alert_repaired(1)', 30000);";
|
1299 |
-
$li_js = "\n<script type=\"text/javascript\">\nvar callAlert;\nfunction alert_repaired(failed) {\nclearTimeout(callAlert);\nif (failed)\nfilesFailed='the rest, try again to change more.';\nwindow.parent.check_for_donation('Changed '+filesFixed+' files, failed to change '+filesFailed);\n}\n$callAlert\nwindow.parent.showhide('GOTMLS_iFrame', true);\nfilesFixed=0;\nfilesFailed=0;\nfunction fixedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file))\n\tli_file.className='GOTMLS_plugin';\nif (li_file = window.parent.document.getElementById('GOTMLS_quarantine_'+file)) {\n\tli_file.style.display='none';\n\tli_file.innerHTML='';\n\t}\n}\nfunction DeletedFile(file) {\n filesFixed++;\
|
1300 |
@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] * 2);
|
1301 |
$HTML = explode("split-here-for-content", GOTMLS_html_tags(array("html" => array("body" => "split-here-for-content"))));
|
1302 |
echo $HTML[0];
|
@@ -1411,7 +1456,7 @@ function GOTMLS_ajax_scan() {
|
|
1411 |
}
|
1412 |
}
|
1413 |
window.parent.showhide("GOTMLS_iFrame", true);
|
1414 |
-
</script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php').'" onsubmit="return confirm(\''.__("Are you sure you want to delete this file from the quarantine?",'gotmls').'\');"><input type="hidden" name="GOTMLS_fix[]" value="'.$Q_post["ID"].'"><input type="hidden" name="GOTMLS_fixing" value="2"><input type="hidden" name="action" value="GOTMLS_fix"><input type="submit" value="DELETE from Quarantine" style="background-color: #C00; float: right;"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details</b><br />encoding: '.mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' bytes<br />infected:'.$Q_post["post_modified_gmt"].'<br />quarantined:'.$Q_post["post_date_gmt"].'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("File Details:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
|
1415 |
} else
|
1416 |
die(GOTMLS_html_tags(array("html" => array("body" => __("This file no longer exists in the quarantine.",'gotmls')."<br />\n<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
|
1417 |
} else {
|
@@ -1473,7 +1518,7 @@ function GOTMLS_ajax_scan() {
|
|
1473 |
}
|
1474 |
}
|
1475 |
window.parent.showhide("GOTMLS_iFrame", true);
|
1476 |
-
</script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php').'" onsubmit="return confirm(\''.__("Are you sure this file is not infected and you want to ignore it in future scans?",'gotmls').'\');"><input type="hidden" name="GOTMLS_whitelist" value="'.GOTMLS_encode($file).'"><input type="hidden" name="action" value="GOTMLS_whitelist"><input type="hidden" name="GOTMLS_chksum" value="'.md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.GOTMLS_installation_key.'"><input type="submit" value="Whitelist this file" style="float: right;"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details</b><br />encoding: '.mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' ('.filesize($file).'bytes)<br />permissions: '.GOTMLS_fileperms($file).'<br />modified:'.date(" Y-m-d H:i:s ", filemtime($file)).'<br />changed:'.date(" Y-m-d H:i:s ", filectime($file)).'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("Potential threats in file:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
|
1477 |
}
|
1478 |
}
|
1479 |
}
|
@@ -1489,6 +1534,7 @@ add_action('wp_ajax_nopriv_GOTMLS_scan', 'GOTMLS_ajax_nopriv');
|
|
1489 |
add_action('wp_ajax_nopriv_GOTMLS_position', 'GOTMLS_ajax_nopriv');
|
1490 |
add_action('wp_ajax_nopriv_GOTMLS_fix', 'GOTMLS_ajax_nopriv');
|
1491 |
add_action('wp_ajax_nopriv_GOTMLS_whitelist', 'GOTMLS_ajax_nopriv');
|
|
|
1492 |
|
1493 |
add_action("in_plugin_update_message-gotmls/index.php", "GOTMLS_in_plugin_update_message");
|
1494 |
add_filter("plugin_row_meta", "GOTMLS_set_plugin_row_meta", 1, 2);
|
8 |
Contributors: scheeeli, gotmls
|
9 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
10 |
Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
|
11 |
+
Version: 4.15.30
|
12 |
*/
|
13 |
if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
|
14 |
include(dirname(__FILE__)."/safe-load/index.php");
|
623 |
}
|
624 |
|
625 |
function GOTMLS_get_quarantine($only = false) {
|
626 |
+
global $wpdb, $post;
|
627 |
+
if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["quarantine_dir"]) || $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["quarantine_dir"]) {
|
628 |
+
if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["quarantine_dir"])) {
|
629 |
+
if (($upload = wp_upload_dir()) && isset($upload['basedir']))
|
630 |
+
$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["quarantine_dir"] = str_replace("/", GOTMLS_slash(), GOTMLS_trailingslashit($upload['basedir'])).'quarantine';
|
631 |
+
else
|
632 |
+
$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["quarantine_dir"] = false;
|
633 |
+
}
|
634 |
+
if (isset($_GET["page"]) && substr($_GET["page"], 0, 6) == "GOTMLS" && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["quarantine_dir"] && is_dir($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["quarantine_dir"])) {
|
635 |
+
$entries = GOTMLS_getfiles($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["quarantine_dir"]);
|
636 |
+
if (is_array($entries) && count($entries)) {
|
637 |
+
foreach ($entries as $entry) {
|
638 |
+
if (is_file($file = GOTMLS_trailingslashit($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["quarantine_dir"]).$entry)) {
|
639 |
+
if (GOTMLS_get_ext($entry) == "gotmls" && ($GLOBALS["GOTMLS"]["tmp"]["file_contents"] = @file_get_contents($file))) {
|
640 |
+
$insert = array("post_author"=>GOTMLS_get_current_user_id(), "ping_status"=>"imported", "post_status"=>"private", "post_type"=>"GOTMLS_quarantine", "post_content"=>GOTMLS_encode($GLOBALS["GOTMLS"]["tmp"]["file_contents"]), "post_mime_type"=>md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]), "guid"=>"Unknown");//! comment_status post_password post_name to_ping post_parent menu_order";
|
641 |
+
if (!($insert["comment_count"] = @filesize($file)))
|
642 |
+
$insert["comment_count"] = strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]);
|
643 |
+
$file_date = explode(".", $entry);
|
644 |
+
$insert["post_date"] = date("Y-m-d H:i:s", filemtime($file));
|
645 |
+
$insert["post_date_gmt"] = $insert["post_date"];
|
646 |
+
$insert["post_modified"] = $insert["post_date"];
|
647 |
+
$match = '/^(20)?([0-5][0-9])[\-: \/]*(0*[1-9]|1[0-2])[\-: \/]*(0*[1-9]|[12][0-9]|3[01])[\-: \/]*([0-5][0-9])[\-: \/]*([0-5][0-9])$/';
|
648 |
+
if (count($file_date) > 2 && strlen($file_date[0]) == 5 && preg_match($match, GOTMLS_sexagesimal($file_date[0])))
|
649 |
+
$insert["post_modified"] = GOTMLS_sexagesimal($file_date[0]).":00";
|
650 |
+
elseif (count($file_date) > 3 && strlen($file_date[1]) == 5 && preg_match($match, GOTMLS_sexagesimal($file_date[1])))
|
651 |
+
$insert["post_modified"] = GOTMLS_sexagesimal($file_date[1]).":00";
|
652 |
+
$insert["post_modified_gmt"] = $insert["post_modified"];
|
653 |
+
$insert["post_title"] = GOTMLS_decode($file_date[count($file_date)-2]);
|
654 |
+
if (is_file($insert["post_title"]) && ($GLOBALS["GOTMLS"]["tmp"]["new_contents"] = file_get_contents($insert["post_title"])))
|
655 |
+
$insert["post_content_filtered"] = GOTMLS_encode($GLOBALS["GOTMLS"]["tmp"]["new_contents"]);
|
656 |
+
//! pinged post_excerpt
|
657 |
+
if ($wpdb->insert($wpdb->posts, $insert))
|
658 |
+
unlink(trailingslashit($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["quarantine_dir"]).$entry);
|
659 |
+
else
|
660 |
+
print_r(array($entry=>$insert, "last_error"=>$wpdb->last_error));
|
661 |
+
} elseif (basename($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["quarantine_dir"]) == "quarantine")
|
662 |
+
unlink(trailingslashit($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["quarantine_dir"]).$entry);
|
663 |
+
}
|
664 |
}
|
665 |
}
|
666 |
+
if (basename($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["quarantine_dir"]) == "quarantine")
|
667 |
+
rmdir($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["quarantine_dir"]);
|
668 |
+
}
|
669 |
+
if (!($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["quarantine_dir"] && is_dir($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["quarantine_dir"]))) {
|
670 |
+
$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["quarantine_dir"] = false;
|
671 |
+
update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
|
672 |
}
|
|
|
|
|
673 |
}
|
674 |
if (is_numeric($only))
|
675 |
return get_post($only, ARRAY_A);
|
699 |
} else
|
700 |
$Q_Page .= '<h3>'.__("No Items in Quarantine",'gotmls').'</h3>';
|
701 |
wp_reset_query();
|
702 |
+
$return = "$Q_Paged\n</form><br style=\"clear: left;\" />\n$Q_Page\n</form>\n$Q_Paged\n</form><br style=\"clear: left;\" />\n";
|
703 |
+
if (($trashed = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` != 'private'")) > 1)
|
704 |
+
$return = "<a href='".admin_url('admin-ajax.php?action=GOTMLS_empty_trash')."' id='empty_trash_link' style='float: right;' target='GOTMLS_statusFrame'>[Clear $trashed Deleted Files from the Trash]</a>".$return;
|
705 |
+
return $return;
|
706 |
}
|
707 |
|
708 |
function GOTMLS_View_Quarantine() {
|
709 |
GOTMLS_update_definitions();
|
710 |
+
$echo = GOTMLS_box($Q_Page = __("White-lists",'gotmls'), GOTMLS_get_whitelists());
|
|
|
711 |
if (!isset($_GET['Whitelists']))
|
712 |
+
$echo .= "\n<script>\nshowhide('inside_".md5($Q_Page)."');\n</script>\n";
|
713 |
+
$echo .= GOTMLS_box($Q_Page = __("Quarantine",'gotmls'), GOTMLS_get_quarantine());
|
714 |
if (isset($_GET['Scanlog']))
|
715 |
+
$echo .= "\n<script>\nshowhide('inside_".md5($Q_Page)."');\n</script>\n";
|
716 |
+
GOTMLS_display_header();
|
717 |
+
echo $echo.GOTMLS_box(__("Scan Logs",'gotmls'), GOTMLS_get_scanlog())."\n</div></div></div>";
|
718 |
}
|
719 |
|
720 |
function GOTMLS_update_definitions() {
|
881 |
'.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a comma separated list of file extentions to skip",'gotmls').'" name="exclude_ext" id="exclude_ext" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]).'" style="width: 100%;" /'.$gt.$lt.'/div'.$gt.'
|
882 |
'.$lt.'p'.$gt.$lt.'b'.$gt.__("Skip directories with the following names:",'gotmls').$lt.'/b'.$gt.$lt.'/p'.$gt.'
|
883 |
'.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a folder name or comma separated list of folder names to skip",'gotmls').'" name="exclude_dir" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]).'" style="width: 100%;" /'.$gt.$lt.'/div'.$gt.'
|
884 |
+
'.$lt.'table style="width: 100%" cellspacing="10"'.$gt.$lt.'tr'.$gt.$lt.'td nowrap valign="top" style="white-space: nowrap; width: 1px;"'.$gt.$lt.'b'.$gt.__("Automatically Update Definitions:",'gotmls').$lt.'/b'.$gt.$lt.'/td'.$gt.$lt.'td colspan=2'.$gt.$lt.'div id="UPDATE_definitions_div"'.$gt.$lt.'span style="color: #C00;"'.$gt.__("This new BETA feature is only available to registered users who have donated at a certain level.",'gotmls')."$lt/span$gt$lt/div$gt$lt/td$gt$lt".'td align="right" valign="bottom"'.$gt.$lt.'input type="submit" id="complete_scan" value="'.__("Run Complete Scan",'gotmls').'" class="button-primary" /'."$gt$lt/td$gt$lt/tr$gt$lt/table$gt$lt/form$gt";
|
885 |
@ob_start();
|
886 |
$OB_default_handlers = array("default output handler", "zlib output compression");
|
887 |
$OB_handlers = @ob_list_handlers();
|
1131 |
"icon" => "threat"
|
1132 |
)
|
1133 |
);
|
1134 |
+
$patch_action = $lt.'form method="POST" name="GOTMLS_Form_XMLRPC_patch"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="hidden" name="GOTMLS_XMLRPC_patching" value="1"'.$gt.$lt.'input type="submit" style="display: none;" value="Block XMLRPC Access" id="GOTMLS_XMLRPC_patch_button"'.$gt.$lt.'div id="GOTMLS_XMLRPC_patch_searching"'.$gt.__("Checking .htaccess file ...",'gotmls').' '.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.$lt.'/div'.$gt.$lt.'/div'.$gt.$lt.'script'.$gt."\nfunction testComplete() {\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_XMLRPC_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("You must register and donate to use this feature!",'gotmls')."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("This feature is available to those who have donated!",'gotmls')."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_XMLRPC_patch_searching');\n\tshowhide('GOTMLS_XMLRPC_patch_button', true);\n}\n}\nwindow.onload=testComplete;\n$lt/script$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.'Allow/Block XMLRPC Access (';
|
1135 |
+
$patch_found = false;
|
1136 |
+
$find = '/<Files[^>]+xmlrpc.php>(.+?)<\/Files>\s*(# END GOTMLS Patch to Block XMLRPC Access\s*)*/is';
|
1137 |
+
$head = str_replace(array('/<Files[^>]+', '(.+?)<\\', '\\s*(', '\\s*)*/is'), array("<Files ", "\norder deny,allow\ndeny from all".(isset($_SERVER["REMOTE_ADDR"])?"\nallow from ".$_SERVER["REMOTE_ADDR"]:"").(isset($_SERVER["SERVER_ADDR"])?"\nallow from ".$_SERVER["SERVER_ADDR"]:"")."\n<", "\n", "\n"), $find);
|
1138 |
+
$htaccess = "";
|
1139 |
+
if (is_file(ABSPATH.'.htaccess'))
|
1140 |
+
if (($htaccess = @file_get_contents(ABSPATH.'.htaccess')) && strlen($htaccess))
|
1141 |
+
$patch_found = preg_match($find, $htaccess);
|
1142 |
+
if ($patch_found) {
|
1143 |
+
if (isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0) && GOTMLS_file_put_contents(ABSPATH.'.htaccess', preg_replace($find, "", $htaccess)))
|
1144 |
+
$patch_action .= $lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.' Now Allowing';
|
1145 |
+
elseif (isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0))
|
1146 |
+
$patch_action = str_replace('1"'.$gt.$lt.'input type="submit" value="Block', '-1"'.$gt.$lt.'input type="submit" value="Unblock', $patch_action).$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.' Still Blocked: '.sprintf(__("Failed to remove XMLRPC Protection (.htaccess %s)",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write':'only'):"unreadable").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
|
1147 |
+
else
|
1148 |
+
$patch_action = str_replace('1"'.$gt.$lt.'input type="submit" value="Block', '-1"'.$gt.$lt.'input type="submit" value="Unblock', $patch_action).'Currently Blocked';
|
1149 |
+
} else {
|
1150 |
+
if (isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0) && GOTMLS_file_put_contents(ABSPATH.'.htaccess', "$head$htaccess"))
|
1151 |
+
$patch_action = str_replace('1"'.$gt.$lt.'input type="submit" value="Block', '-1"'.$gt.$lt.'input type="submit" value="Unblock', $patch_action).$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.' Now Blocking';
|
1152 |
+
elseif (isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0))
|
1153 |
+
$patch_action .= $lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.' Still Allowed: '.sprintf(__("Failed to install XMLRPC Protection (.htaccess %s)",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write':'only'):"unreadable").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
|
1154 |
+
else
|
1155 |
+
$patch_action .= 'Currently Allowed';
|
1156 |
+
}
|
1157 |
+
$patch_action .= ")$lt/b$gt$lt/p$gt".__("Most WordPress site do not use the XMLRPC features and hack attempt on the xmlrpc.php file are more common then ever before. Even if there are no vulnerabilities for hackers to exploit these attempts can cause slowness or downtime similar to a DDoS attack. This patch automatically blocks all external access to the xmlrpc.php file.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt.$lt.'hr /'.$gt;
|
1158 |
$patch_status = 0;
|
1159 |
$patch_found = -1;
|
|
|
1160 |
$find = "#if\s*\(([^\&]+\&\&)?\s*file_exists\((.+?)(safe-load|wp-login)\.php'\)\)\s*require(_once)?\((.+?)(safe-load|wp-login)\.php'\);#";
|
1161 |
$head = str_replace(array('#', '\\(', '\\)', '(_once)?', ')\\.', '\\s*', '(.+?)(', '|', '([^\\&]+\\&\\&)?'), array(' ', '(', ')', '_once', '.', ' ', '\''.dirname(__FILE__).'/', '/', '!in_array($_SERVER["REMOTE_ADDR"], array("'.$_SERVER["REMOTE_ADDR"].'")) &&'), $find);
|
1162 |
if (is_file(ABSPATH.'wp-config.php')) {
|
1191 |
}
|
1192 |
$sec_opts = $lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Revolution Slider Exploit Protection (Automatically Enabled)'.$lt.'/b'.$gt.$lt.'/p'.$gt.__("This protection is automatically activated with this plugin because of the widespread attack on WordPress that are affecting so many site right now. It is still recommended that you make sure to upgrade and older versions of the Revolution Slider plugin, especially those included in some themes that will not update automatically. Even if you do not have Revolution Slider on your site it still can't hurt to have this protection installed.",'gotmls').$lt.'/div'.$gt.$lt.'hr /'.$gt.'
|
1193 |
'.$patch_action.'
|
1194 |
+
'.$lt.'form method="POST" name="GOTMLS_Form_patch"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="submit" value="'.$patch_attr[$patch_status]["action"].'" style="'.($patch_status?'"'.$gt:' display: none;" id="GOTMLS_patch_button"'.$gt.$lt.'div id="GOTMLS_patch_searching" style="float: right;"'.$gt.__("Checking for session compatibility ...",'gotmls').' '.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.$lt.'/div'.$gt).$lt.'input type="hidden" name="GOTMLS_patching" value="1"'.$gt.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$patch_attr[$patch_status]["icon"].'.gif"'.$gt.$lt.'b'.$gt.'Brute-force Protection '.$patch_attr[$patch_status]["status"].$lt.'/b'.$gt.$lt.'/p'.$gt.$patch_attr[$patch_status]["language"].__(" For more information on Brute-Force attack prevention and the WordPress wp-login-php file ",'gotmls').' '.$lt.'a target="_blank" href="http://gotmls.net/tag/wp-login-php/"'.$gt.__("read my blog",'gotmls')."$lt/a$gt.$lt/div$gt$lt/form$gt\n{$lt}script type='text/javascript'$gt\nfunction search_patch_onload() {\n\tstopCheckingSession = checkupdateserver('".GOTMLS_images_path."gotmls.js?SESSION=0', 'GOTMLS_patch_searching');\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', search_patch_onload)\nelse\n\tdocument.attachEvent('onload', search_patch_onload);\n$lt/script$gt";
|
1195 |
$admin_notice = "";
|
1196 |
if ($current_user->user_login == "admin") {
|
1197 |
if (isset($_POST["GOTMLS_admin_username"]) && ("admin" != trim($_POST["GOTMLS_admin_username"])) && strlen(trim($_POST["GOTMLS_admin_username"])) && preg_match('/^\s*[a-z_0-9\@\.\-]{3,}\s*$/i', $_POST["GOTMLS_admin_username"])) {
|
1301 |
}
|
1302 |
add_action('wp_ajax_GOTMLS_position', 'GOTMLS_ajax_position');
|
1303 |
|
1304 |
+
function GOTMLS_ajax_empty_trash() {
|
1305 |
+
global $wpdb;
|
1306 |
+
$gl = '><';
|
1307 |
+
if ($trashed = $wpdb->query("DELETE FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` != 'private'"))
|
1308 |
+
$trashmsg = __("Emptied $trashed item from the quarantine trash.",'gotmls');
|
1309 |
+
else
|
1310 |
+
$trashmsg = __("Failed to empty the trash.",'gotmls');
|
1311 |
+
$properties = array("html" => $gl.'head'.$gl."script type='text/javascript'>\nif (curDiv = window.parent.document.getElementById('empty_trash_link'))\n\tcurDiv.style.display = 'none';\nalert('$trashmsg');\n</script$gl/head", "body" => 'style="margin: 0; padding: 0;"');
|
1312 |
+
die(GOTMLS_html_tags(array("html" => array("body" => $trashmsg)), $properties));
|
1313 |
+
}
|
1314 |
+
add_action('wp_ajax_GOTMLS_empty_trash', 'GOTMLS_ajax_empty_trash');
|
1315 |
+
|
1316 |
function GOTMLS_ajax_whitelist() {
|
1317 |
if (isset($_POST['GOTMLS_whitelist']) && isset($_POST['GOTMLS_chksum'])) {
|
1318 |
$file = GOTMLS_decode($_POST['GOTMLS_whitelist']);
|
1341 |
if (isset($_REQUEST["GOTMLS_fix"]) && is_array($_REQUEST["GOTMLS_fix"]) && isset($_REQUEST["GOTMLS_fixing"]) && $_REQUEST["GOTMLS_fixing"]) {
|
1342 |
GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
|
1343 |
$callAlert = "clearTimeout(callAlert);\ncallAlert=setTimeout('alert_repaired(1)', 30000);";
|
1344 |
+
$li_js = "\n<script type=\"text/javascript\">\nvar callAlert;\nfunction alert_repaired(failed) {\nclearTimeout(callAlert);\nif (failed)\nfilesFailed='the rest, try again to change more.';\nwindow.parent.check_for_donation('Changed '+filesFixed+' files, failed to change '+filesFailed);\n}\n$callAlert\nwindow.parent.showhide('GOTMLS_iFrame', true);\nfilesFixed=0;\nfilesFailed=0;\nfunction fixedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('list_'+file))\n\tli_file.className='GOTMLS_plugin';\nif (li_file = window.parent.document.getElementById('GOTMLS_quarantine_'+file)) {\n\tli_file.style.display='none';\n\tli_file.innerHTML='';\n\t}\n}\nfunction DeletedFile(file) {\n filesFixed++;\nif (li_file = window.parent.document.getElementById('check_'+file))\n\tli_file.checked=false;\nif (li_file = window.parent.document.getElementById('GOTMLS_quarantine_'+file)) {\n\tli_file.style.display='none';\n\tli_file.innerHTML='';\n\t}}\nfunction failedFile(file) {\n filesFailed++;\nwindow.parent.document.getElementById('check_'+file).checked=false; \n}\n</script>\n<script type=\"text/javascript\">\n/*<!--*"."/";
|
1345 |
@set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] * 2);
|
1346 |
$HTML = explode("split-here-for-content", GOTMLS_html_tags(array("html" => array("body" => "split-here-for-content"))));
|
1347 |
echo $HTML[0];
|
1456 |
}
|
1457 |
}
|
1458 |
window.parent.showhide("GOTMLS_iFrame", true);
|
1459 |
+
</script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php').'" onsubmit="return confirm(\''.__("Are you sure you want to delete this file from the quarantine?",'gotmls').'\');"><input type="hidden" name="GOTMLS_fix[]" value="'.$Q_post["ID"].'"><input type="hidden" name="GOTMLS_fixing" value="2"><input type="hidden" name="action" value="GOTMLS_fix"><input type="submit" value="DELETE from Quarantine" style="background-color: #C00; float: right;"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details</b><br />encoding: '.(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown").'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' bytes<br />infected:'.$Q_post["post_modified_gmt"].'<br />quarantined:'.$Q_post["post_date_gmt"].'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("File Details:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
|
1460 |
} else
|
1461 |
die(GOTMLS_html_tags(array("html" => array("body" => __("This file no longer exists in the quarantine.",'gotmls')."<br />\n<script type=\"text/javascript\">\nwindow.parent.showhide('GOTMLS_iFrame', true);\n</script>"))));
|
1462 |
} else {
|
1518 |
}
|
1519 |
}
|
1520 |
window.parent.showhide("GOTMLS_iFrame", true);
|
1521 |
+
</script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="'.admin_url('admin-ajax.php').'" onsubmit="return confirm(\''.__("Are you sure this file is not infected and you want to ignore it in future scans?",'gotmls').'\');"><input type="hidden" name="GOTMLS_whitelist" value="'.GOTMLS_encode($file).'"><input type="hidden" name="action" value="GOTMLS_whitelist"><input type="hidden" name="GOTMLS_chksum" value="'.md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.GOTMLS_installation_key.'"><input type="submit" value="Whitelist this file" style="float: right;"></form><div id="fileperms" class="shadowed-box rounded-corners" style="display: none; position: absolute; left: 8px; top: 29px; background-color: #ccc; border: medium solid #C00; box-shadow: -3px 3px 3px #666; border-radius: 10px; padding: 10px;"><b>File Details</b><br />encoding: '.(function_exists("mb_detect_encoding")?mb_detect_encoding($GLOBALS["GOTMLS"]["tmp"]["file_contents"]):"Unknown").'<br />size: '.strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).' ('.filesize($file).'bytes)<br />permissions: '.GOTMLS_fileperms($file).'<br />modified:'.date(" Y-m-d H:i:s ", filemtime($file)).'<br />changed:'.date(" Y-m-d H:i:s ", filectime($file)).'</div><div style="overflow: auto;"><span onmouseover="document.getElementById(\'fileperms\').style.display=\'block\';" onmouseout="document.getElementById(\'fileperms\').style.display=\'none\';">'.__("Potential threats in file:",'gotmls').'</span> ('.$fa.' )</div></td></tr><tr><td style="height: 100%"><textarea id="ta_file" style="width: 100%; height: 100%">'.htmlentities(str_replace("\r", "", $GLOBALS["GOTMLS"]["tmp"]["file_contents"])).'</textarea></td></tr></table>');
|
1522 |
}
|
1523 |
}
|
1524 |
}
|
1534 |
add_action('wp_ajax_nopriv_GOTMLS_position', 'GOTMLS_ajax_nopriv');
|
1535 |
add_action('wp_ajax_nopriv_GOTMLS_fix', 'GOTMLS_ajax_nopriv');
|
1536 |
add_action('wp_ajax_nopriv_GOTMLS_whitelist', 'GOTMLS_ajax_nopriv');
|
1537 |
+
add_action('wp_ajax_nopriv_GOTMLS_empty_trash', 'GOTMLS_ajax_nopriv');
|
1538 |
|
1539 |
add_action("in_plugin_update_message-gotmls/index.php", "GOTMLS_in_plugin_update_message");
|
1540 |
add_filter("plugin_row_meta", "GOTMLS_set_plugin_row_meta", 1, 2);
|
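--- a/languages/gotmls.pot
+++ b/languages/gotmls.pot
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: GOTMLS\n"
 "Report-Msgid-Bugs-To: eli@gotmls.net\n"
-"POT-Creation-Date: 2015-07-
+"POT-Creation-Date: 2015-07-17 22:47-1000\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -306,6 +306,26 @@ msgstr ""
 msgid "Your WordPress Login page has the old version of my brute-force protection installed. Upgrade this patch to improve the protection on the WordPress Login page and preserve the integrity of your WordPress core files."
 msgstr ""
 
+msgid "Checking .htaccess file ..."
+msgstr ""
+
+msgid "You must register and donate to use this feature!"
+msgstr ""
+
+msgid "This feature is available to those who have donated!"
+msgstr ""
+
+#, php-format
+msgid "Failed to remove XMLRPC Protection (.htaccess %s)"
+msgstr ""
+
+#, php-format
+msgid "Failed to install XMLRPC Protection (.htaccess %s)"
+msgstr ""
+
+msgid "Most WordPress site do not use the XMLRPC features and hack attempt on the xmlrpc.php file are more common then ever before. Even if there are no vulnerabilities for hackers to exploit these attempts can cause slowness or downtime similar to a DDoS attack. This patch automatically blocks all external access to the xmlrpc.php file."
+msgstr ""
+
 msgid "Removed Brute-Force Protection"
 msgstr ""
 
@@ -361,6 +381,9 @@ msgstr ""
 msgid "saved."
 msgstr ""
 
+msgid "Failed to empty the trash."
+msgstr ""
+
 msgid "Done!"
 msgstr ""
 
@@ -420,12 +443,6 @@ msgstr ""
 msgid "Core File Changes"
 msgstr ""
 
-msgid "You must register and made a donation to use this feature!"
-msgstr ""
-
-msgid "This feature is currently only available to those who have made a donation!"
-msgstr ""
-
 msgid "Your Server could not start a Session!"
 msgstr ""
 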
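--- a/readme.txt
+++ b/readme.txt
@@ -5,8 +5,8 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
 Contributors: scheeeli, gotmls
 Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
 Tags: anti-malware, security, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
-Version: 4.15.
-Stable tag: 4.15.
+Version: 4.15.30
+Stable tag: 4.15.30
 Requires at least: 3.3
 Tested up to: 4.2.2
 
@@ -29,7 +29,7 @@ This Anti-Malware scanner searches for Malware, Viruses, and other security thre
 * Check the integrity of your WordPress Core files.
 * Automatically Download Definition Updates When running a Complete Scan.
 
-Updated July
+Updated July 17th
 
 Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
 
@@ -94,6 +94,11 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
 
 == Changelog ==
 
+= 4.15.30 =
+* Added a link to purge the deleted Quarantine items from the database.
+* Added firewall option to Block all XMLRPC calls.
+* Fixed a few cosmetic bugs in the quarantine and firewall options.
+
 = 4.15.29 =
 * Fixed a bugs in the Quarantine that was memory_limit errors if there number of files in the was too high.
 * Added the highlight malicious code feature back to the Quarantine file viewer.
@@ -345,6 +350,9 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
 
 == Upgrade Notice ==
 
+= 4.15.30 =
+Added a new firewall option to Block all XMLRPC calls and a link to purge the deleted Quarantine items from the database, and fixed a few cosmetic bugs in the quarantine and firewall options.
+
 = 4.15.29 =
 Fixed a bugs in the Quarantine, added the highlight malicious code feature back to the Quarantine file viewer, added the ability to change the admin username, and improved the Brute-Force Protection.
 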