Anti-Malware Security and Brute-Force Firewall - Version 4.15.42

Version Description

  • Had to remove the encoding of the Default Definitions to meet the WordPress Plugin Guidelines.
Download this release

Release Info

Developer scheeeli
Plugin Icon 128x128 Anti-Malware Security and Brute-Force Firewall
Version 4.15.42
Comparing to
See all releases

Code changes from version 4.15.41 to 4.15.42

Files changed (3) hide show
  1. images/index.php +11 -4
  2. index.php +2 -2
  3. readme.txt +9 -3
images/index.php CHANGED
@@ -808,9 +808,16 @@ $GLOBALS["GOTMLS"]["tmp"]["default_ext"] .= "com";
808
  GOTMLS_define("GOTMLS_plugin_home", $GLOBALS["GOTMLS"]["tmp"]["protocol"].'//gotmls.net/');
809
  GOTMLS_define("GOTMLS_update_home", "http://updates.gotmls.net/".GOTMLS_installation_key.'/');
810
  GOTMLS_define("GOTMLS_blog_home", $GLOBALS["GOTMLS"]["tmp"]["protocol"].'//wordpress.'.$GLOBALS["GOTMLS"]["tmp"]["default_ext"]);
811
- $GLOBALS["GOTMLS"]["tmp"]["Definition"]["Default"] = "F277h";
812
- if (!$GLOBALS["GOTMLS"]["tmp"]["definitions_array"] && (!is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = maybe_unserialize(GOTMLS_decode('YToxOntzOjk6InBvdGVudGlhbCI7YToxNDp7czo0OiJldmFsIjthOjI6e2k6MDtzOjU6IkVBUExxIjtpOjE7czozNToiL1teYS16XC8nIl1ldmFsXChbXlwpXStbJyJcc1wpO10rL2kiO31zOjk6ImF1dGhfcGFzcyI7YToyOntpOjA7czo1OiJDQ0lHRyI7aToxO3M6MjQ6Ii9cJGF1dGhfcGFzc1sgPVx0XSsuKzsvaSI7fXM6MjE6ImRvY3VtZW50LndyaXRlIGlmcmFtZSI7YToyOntpOjA7czo1OiJDQ0lHRyI7aToxO3M6NTI6Ii9kb2N1bWVudFwud3JpdGVcKFsnIl08aWZyYW1lIC4rPFwvaWZyYW1lPlsnIl1cKTsqL2kiO31zOjE1OiJwcmVnX3JlcGxhY2UgL2UiO2E6Mjp7aTowO3M6NToiQ0NJR0ciO2k6MTtzOjUwOiIvcHJlZ19yZXBsYWNlWyBcdF0qXCguK1tcL1wjXHxdW2ldKmVbaV0qWyciXS4rXCkvaSI7fXM6MjA6ImV4ZWMgc3lzdGVtIHBhc3N0aHJ1IjthOjI6e2k6MDtzOjU6IkVBUExnIjtpOjE7czo1MToiLzxcPy4rP2V4ZWNcKC4rP3N5c3RlbVwoLis_cGFzc3RocnVcKC4rZndyaXRlXCguKy9zIjt9czoyOToiRXh0ZXJuYWwgUmVkaXJlY3QgUmV3cml0ZVJ1bGUiO2E6Mjp7aTowO3M6NToiRjFVSVoiO2k6MTtzOjQyOiIvUmV3cml0ZVJ1bGUgW14gXSsgaHR0cFw6XC9cLyg_ITEyN1wuKS4qL2kiO31zOjM1OiJubyBlcnJvcl9yZXBvcnRpbmcgbG9uZyBsaW5lcyBhbG9uZSI7YToyOntpOjA7czo1OiJEMzVCYSI7aToxO3M6Nzk6Ii88XD8ocGhwKSpbXHJcblx0IFxAXSplcnJvcl9yZXBvcnRpbmdcKDBcKTsuKz9bYS16MC05XC9cLVw9JyJcLlxdezIwMDB9Lio_XD8-L2kiO31zOjIyOiJwcm90ZWN0ZWQgYnkgY29weXJpZ2h0IjthOjI6e2k6MDtzOjU6IkQ4TUN3IjtpOjE7czoxMzY6Ii9cL1wqIFRoaXMgZmlsZSBpcyBwcm90ZWN0ZWQgYnkgY29weXJpZ2h0IGxhdyBhbmQgcHJvdmlkZWQgdW5kZXIgbGljZW5zZS4gUmV2ZXJzZSBlbmdpbmVlcmluZyBvZiB0aGlzIGZpbGUgaXMgc3RyaWN0bHkgcHJvaGliaXRlZC4gXCpcLy8iO31zOjE5OiJhIHNwYW4gY29sb3IgRjFFRkU0IjthOjI6e2k6MDtzOjU6IkQ4UkFQIjtpOjE7czoxMTg6Ii9cPGEgW15cPl0rXD5cPHNwYW4gc3R5bGU9ImNvbG9yXDpcI0YxRUZFNDsiXD4oLis_KVw8XC9zcGFuXD5cPFwvYVw-XDxzcGFuIHN0eWxlPSJjb2xvclw6XCNGMUVGRTQ7Ilw-KC4rPylcPFwvc3Bhblw-L2kiO31zOjE3OiJWYXJpYWJsZSBGdW5jdGlvbiI7YToyOntpOjA7czo1OiJFODU2TCI7aToxO3M6Njc6Ii8oPCFcZClcJFtcJFx7XSpbYS16XC1cXzAtOV0rW1x9IFx0XSooXFtbXlxdXStcXVsgXHRdKikqXCguKj9cKVw7L2kiO31zOjExOiJUYWdnZWQgQ29kZSI7YToyOntpOjA7czo1OiJFNExNRyI7aToxO3M6MjQ6Ii9cIyhcdyspXCMuKz9cI1wvXDFcIy9pcyI7fXM6MTU6ImNyZWF0ZV9mdW5jdGlvbiI7YToyOntpOjA7czo1OiJFQVBMbSI7aToxO3M6NzU6Ii8oXCRbYS16XzAtOV0rWz1cc1xAXSspP2NyZWF0ZV9mdW5jdGlvblwoW14sXStbLFxzXStcJFthLXpfMC05XStbXHNcKV0rOyovaSI7fXM6NDM6ImZ1bmN0aW9uIGFkZF9hY3Rpb24gd3BfZW5xdWV1ZV9zY3JpcHQganNvbjIiO2E6Mjp7aTowO3M6NToiRjExNHYiO2k6MTtzOjE3OiIvanNvbjJcLm1pblwuanMvaSI7fXM6NDc6IlJld3JpdGVDb25kIEhUVFBfVVNFUl9BR0VOVCBSZXdyaXRlUnVsZSBodHRwIElQIjthOjI6e2k6MDtzOjU6IkYyNzdoIjtpOjE7czo4NDoiLyhSZXdyaXRlQ29uZCBcJVx7SFRUUF9VU0VSX0FHRU5UXH0gLitccyspK1Jld3JpdGVSdWxlIFxeLipcJCBodHRwOlwvXC8oPyExMjdcLikuKi9pIjt9fX02')))))
813
- $GLOBALS["GOTMLS"]["tmp"]["HeadersError"] = '<div class="error">'.__('The <b>base64_decode</b> function is currently disabled by the disable_functions Directive in your server\'s php.ini file.<br />This function is required for this Anti-Malware plugin to work properly.<br />Check the disable_functions Directive in your php.ini and take out base64_decode to fix this problem.','gotmls').'</div>';
 
 
 
 
 
 
 
814
  function GOTMLS_file_put_contents($file, $content) {
815
  global $GOTMLS_chmod_file, $GOTMLS_chmod_dir;
816
  if ((is_dir(dirname($file)) || @mkdir(dirname($file), $GOTMLS_chmod_dir, true)) && !is_writable(dirname($file)) && ($GOTMLS_chmod_dir = @fileperms(dirname($file))))
@@ -870,4 +877,4 @@ function GOTMLS_get_URL($URL) {
870
  if (200 == wp_remote_retrieve_response_code($request))
871
  $response = wp_remote_retrieve_body($request);
872
  return $response;
873
- }
808
  GOTMLS_define("GOTMLS_plugin_home", $GLOBALS["GOTMLS"]["tmp"]["protocol"].'//gotmls.net/');
809
  GOTMLS_define("GOTMLS_update_home", "http://updates.gotmls.net/".GOTMLS_installation_key.'/');
810
  GOTMLS_define("GOTMLS_blog_home", $GLOBALS["GOTMLS"]["tmp"]["protocol"].'//wordpress.'.$GLOBALS["GOTMLS"]["tmp"]["default_ext"]);
811
+ $GLOBALS["GOTMLS"]["tmp"]["Definition"]["Default"] = "CCIGG";
812
+ if (!(isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]) && count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"])))
813
+ $GLOBALS["GOTMLS"]["tmp"]["definitions_array"] = array("potential"=>array(
814
+ "eval"=>array("CCIGG", "/[^a-z_\\/'\"]eval\\(.+\\)+\\s*;/i"),
815
+ "preg_replace /e"=>array("CCIGG", "/preg_replace[\\s*\\(]+(['\"])([\\!\\/\\#\\|\\@\\%\\^\\*\\~]).+?\\2[imsx]*e[imsx]*\\1\\s*,[^,]+,[^\\)]+[\\);\\s]+(\\?>|\$)/i"),
816
+ "auth_pass"=>array("CCIGG", "/\\\$auth_pass\\s*=.+;/i"),
817
+ "function add_action wp_enqueue_script json2"=>array("CCIGG", "/json2\\.min\\.js/i"),
818
+ "Tagged Code"=>array("CCIGG", "/\\#(\\w+)\\#.+?\\#\\/\\1\\#/is"),
819
+ "protected by copyright"=>array("CCIGG", "/\\/\\* This file is protected by copyright law and provided under license. Reverse engineering of this file is strictly prohibited. \\*\\//i")));
820
+
821
  function GOTMLS_file_put_contents($file, $content) {
822
  global $GOTMLS_chmod_file, $GOTMLS_chmod_dir;
823
  if ((is_dir(dirname($file)) || @mkdir(dirname($file), $GOTMLS_chmod_dir, true)) && !is_writable(dirname($file)) && ($GOTMLS_chmod_dir = @fileperms(dirname($file))))
877
  if (200 == wp_remote_retrieve_response_code($request))
878
  $response = wp_remote_retrieve_body($request);
879
  return $response;
880
+ }
index.php CHANGED
@@ -8,7 +8,7 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
8
  Contributors: scheeeli, gotmls
9
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
10
  Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11
- Version: 4.15.41
12
  */
13
  if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
14
  include(dirname(__FILE__)."/safe-load/index.php");
@@ -1562,4 +1562,4 @@ add_action('wp_ajax_nopriv_GOTMLS_empty_trash', 'GOTMLS_ajax_nopriv');
1562
  add_action("plugins_loaded", "GOTMLS_loaded");
1563
  add_action("admin_notices", "GOTMLS_admin_notices");
1564
  add_action("admin_menu", "GOTMLS_menu");
1565
- add_action("network_admin_menu", "GOTMLS_menu");
8
  Contributors: scheeeli, gotmls
9
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
10
  Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11
+ Version: 4.15.42
12
  */
13
  if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
14
  include(dirname(__FILE__)."/safe-load/index.php");
1562
  add_action("plugins_loaded", "GOTMLS_loaded");
1563
  add_action("admin_notices", "GOTMLS_admin_notices");
1564
  add_action("admin_menu", "GOTMLS_menu");
1565
+ add_action("network_admin_menu", "GOTMLS_menu");
readme.txt CHANGED
@@ -5,8 +5,8 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
5
  Contributors: scheeeli, gotmls
6
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
7
  Tags: anti-malware, security, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
8
- Version: 4.15.41
9
- Stable tag: 4.15.41
10
  Requires at least: 3.3
11
  Tested up to: 4.3.1
12
 
@@ -29,7 +29,7 @@ This Anti-Malware scanner searches for Malware, Viruses, and other security thre
29
  * Check the integrity of your WordPress Core files.
30
  * Automatically Download Definition Updates When running a Complete Scan.
31
 
32
- Updated October 1st
33
 
34
  Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
35
 
@@ -94,6 +94,9 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
94
 
95
  == Changelog ==
96
 
 
 
 
97
  = 4.15.41 =
98
  * Improved the JavaScript in the new Brute-Force login patch so that it works with caching enabled on the login page.
99
 
@@ -358,6 +361,9 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
358
 
359
  == Upgrade Notice ==
360
 
 
 
 
361
  = 4.15.41 =
362
  Improved the JavaScript in the new Brute-Force login patch so that it works with caching enabled on the login page.
363
 
5
  Contributors: scheeeli, gotmls
6
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
7
  Tags: anti-malware, security, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
8
+ Version: 4.15.42
9
+ Stable tag: 4.15.42
10
  Requires at least: 3.3
11
  Tested up to: 4.3.1
12
 
29
  * Check the integrity of your WordPress Core files.
30
  * Automatically Download Definition Updates When running a Complete Scan.
31
 
32
+ Updated October 28th
33
 
34
  Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
35
 
94
 
95
  == Changelog ==
96
 
97
+ = 4.15.42 =
98
+ * Had to remove the encoding of the Default Definitions to meet the WordPress Plugin Guidelines.
99
+
100
  = 4.15.41 =
101
  * Improved the JavaScript in the new Brute-Force login patch so that it works with caching enabled on the login page.
102
 
361
 
362
  == Upgrade Notice ==
363
 
364
+ = 4.15.42 =
365
+ Had to remove the encoding of the Default Definitions to meet the WordPress Plugin Guidelines.
366
+
367
  = 4.15.41 =
368
  Improved the JavaScript in the new Brute-Force login patch so that it works with caching enabled on the login page.
369