Anti-Malware Security and Brute-Force Firewall - Version 4.20.95

Version Description

  • Added more sanitization and validation to all user data entered for better security.
  • Checked code for compatibility with WordPress 5.9.

Release Info

Developer scheeeli
Version 4.20.95

Code changes from version 4.20.94 to 4.20.95

Files changed (3)
  1. images/index.php +57 -40
  2. index.php +46 -41
  3. readme.txt +10 -3
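--- a/images/index.php
+++ b/images/index.php
@@ -16,7 +16,7 @@ GOTMLS_define("GOTMLS_plugin_path", substr(dirname(__FILE__), 0, strlen(dirname(
 //if (is_file(GOTMLS_plugin_path.$file) && ($contents = @file_get_contents(GOTMLS_plugin_path.$file)) && preg_match('/\nversion:\s*([0-9\.]+)/i', $contents, $match))
 // GOTMLS_define("GOTMLS_Version", $match[1]);
 //else
-GOTMLS_define("GOTMLS_Version", '4.20.94');
+GOTMLS_define("GOTMLS_Version", '4.20.95');
 GOTMLS_define("GOTMLS_require_version", "3.3");
 if (!function_exists("__")) {
 function __($text, $domain = "gotmls") {
@@ -217,7 +217,7 @@ function GOTMLS_get_corefile_URL($path, $hash) {
 }
 if (!function_exists("GOTMLS_Invalid_Nonce")) {
 function GOTMLS_Invalid_Nonce($pre = "//Error: ") {
-return $pre.__("Invalid or expired Nonce Token!",'gotmls').(isset($_REQUEST["GOTMLS_mt"])?(" (".GOTMLS_htmlspecialchars($_REQUEST["GOTMLS_mt"]).((strlen($_REQUEST["GOTMLS_mt"]) == 32)?(isset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]])?$GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]]:" !found)"):" !len[".strlen($_REQUEST["GOTMLS_mt"])."])")):" (GOTMLS_mt !set)").__("Refresh and try again?",'gotmls');
+return $pre.__("Invalid or expired Nonce Token!",'gotmls').(isset($_REQUEST["GOTMLS_mt"])?(" (".GOTMLS_htmlspecialchars($_REQUEST["GOTMLS_mt"]).((strlen($_REQUEST["GOTMLS_mt"]) == 32)?(isset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]])?GOTMLS_htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]]):" !found)"):" !len[".strlen($_REQUEST["GOTMLS_mt"])."])")):" (GOTMLS_mt !set)").__("Refresh and try again?",'gotmls');
 }}
 
 if (!function_exists("GOTMLS_set_nonce")) {
@@ -235,9 +235,9 @@ function GOTMLS_set_nonce($context = "NULL") {
 if (!isset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$transient_name])) {
 $GLOBALS["GOTMLS"]["tmp"]["nonce"][$transient_name] = $hour;
 if (!GOTMLS_update_option('nonce', $GLOBALS["GOTMLS"]["tmp"]["nonce"]))
-return ("$context=DB-err:".preg_replace('/[\r\n]+/', " ", GOTMLS_htmlspecialchars(print_r($GLOBALS["GOTMLS"]["tmp"]["nonce"],1).$wpdb->last_error)));
+return (GOTMLS_sanitize($context)."=DB-err:".urlencode(preg_replace('/[\r\n]+/', " ", print_r($GLOBALS["GOTMLS"]["tmp"]["nonce"],1).$wpdb->last_error)));
 }
-return 'GOTMLS_mt='.$transient_name;
+return 'GOTMLS_mt='.urlencode($transient_name);
 }}
 
 if (!function_exists("GOTMLS_get_nonce")) {
@@ -246,10 +246,10 @@ function GOTMLS_get_nonce() {
 if (is_array($_REQUEST["GOTMLS_mt"])) {
 foreach ($_REQUEST["GOTMLS_mt"] as $_REQUEST_GOTMLS_mt)
 if (strlen($_REQUEST_GOTMLS_mt) == 32 && isset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST_GOTMLS_mt]))
-return $GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST_GOTMLS_mt];
+return (INT) $GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST_GOTMLS_mt];
 return 0;
 } elseif (strlen($_REQUEST["GOTMLS_mt"]) == 32 && isset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]]))
-return $GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]];
+return (INT) $GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]];
 else
 return "";
 } else
@@ -454,7 +454,7 @@ function checkupdateserver(server, divid) {
 if (arguments[2])
 return setTimeout("stopCheckingDefinitions = checkupdateserver(\'"+arguments[2]+"\',\'"+divid+"\')",15000);
 else
-return setTimeout("cancelserver(\'"+divid+"\')",'.($GLOBALS["GOTMLS"]["tmp"]['execution_time']+1).'000+3000);
+return setTimeout("cancelserver(\'"+divid+"\')",'.(((INT) $GLOBALS["GOTMLS"]["tmp"]['execution_time'])+1).'000+3000);
 }
 }
 var IE = document.all?true:false;
@@ -557,11 +557,11 @@ function GOTMLS_get_quarantine($only = false) {
 if (is_numeric($only))
 return get_post($only, ARRAY_A);
 elseif ($only)
-return $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'private'");
+return $wpdb->get_var("SELECT COUNT(*) FROM `$wpdb->posts` WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'private'");
 else
 $args = array('posts_per_page' => (isset($_GET['posts_per_page'])&&is_numeric($_GET['posts_per_page'])&&$_GET['posts_per_page']>0?$_GET['posts_per_page']:200), 'orderby' => 'date', 'post_type' => 'GOTMLS_quarantine', "post_status" => "private");
-if (isset($_POST["paged"]))
-$args["paged"] = $_POST["paged"];
+if (isset($_POST["paged"]) && is_numeric($_POST["paged"]))
+$args["paged"] = (INT) $_POST["paged"];
 $my_query = new WP_Query($args);
 $Q_Paged = '<form method="POST" name="GOTMLS_Form_page"><div style="float: left;">Page:</div>';
 $Q_Page = '
@@ -587,8 +587,8 @@ function GOTMLS_get_quarantine($only = false) {
 $link = GOTMLS_error_link(__("View current/live version",'gotmls'), $post->post_title, $threat);
 } elseif (is_array($postdb = explode(":", $post->post_title.":")) && count($postdb) > 3 && is_numeric($postdb[1])) {
 if ("options" == substr($postdb[0], -7)) {
-if ($opt_row = $wpdb->get_row("SELECT * FROM `$wpdb->options` WHERE `option_id` = ".$postdb[1], ARRAY_A))
-$link = GOTMLS_error_link(__("View Option Record: ",'gotmls').$postdb[1], $postdb[1].'.1', $threat);
+if ($opt_row = $wpdb->get_row($wpdb->prepare("SELECT * FROM `$wpdb->options` WHERE `option_id` = %s",(INT) $postdb[1]), ARRAY_A))
+$link = GOTMLS_error_link(__("View Option Record: ",'gotmls').((INT) $postdb[1]), ((INT) $postdb[1]).'.1', $threat);
 elseif ($opt_row = $wpdb->get_row($SQL = $wpdb->prepare("SELECT * FROM `$wpdb->options` WHERE `option_name` LIKE %s", trim($postdb[2], '"')), ARRAY_A))
 $link = GOTMLS_error_link(__("View Option Record: ",'gotmls').htmlspecialchars($postdb[2]), $opt_row["option_id"].'.1', $threat);
 else
@@ -596,14 +596,14 @@ function GOTMLS_get_quarantine($only = false) {
 } else {
 $link = '<a target="_blank" href="';
 if ("revision" == $postdb[0])
-$link .= admin_url('revision.php?revision='.$postdb[1])."\" title=\"View this revision";
+$link .= admin_url('revision.php?revision='.urlencode($postdb[1]))."\" title=\"View this revision";
 else
-$link .= admin_url('post.php?action=edit&post='.$postdb[1])."\" title=\"View current ".$postdb[0];
-$link .= "\" id=\"list_edit_$postdb[1]\" class=\"GOTMLS_plugin $threat\">";
+$link .= admin_url('post.php?action=edit&post='.urlencode((INT) $postdb[1]))."\" title=\"View current ".GOTMLS_htmlspecialchars($postdb[0]);
+$link .= "\" id=\"list_edit_".((INT) $postdb[1])."\" class=\"GOTMLS_plugin $threat\">";
 }
 }
 $Q_Page .= '
-<li id="GOTMLS_quarantine_'.$post->ID.'" class="GOTMLS_quarantine_item" onmouseover="this.style.fontWeight=\'bold\';" onmouseout="this.style.fontWeight=\'normal\';"><span class="GOTMLS_date">'.GOTMLS_error_link(__("View Quarantine Record",'gotmls'), $post->ID, $threat).$post->post_date_gmt.'</a></span><span class="GOTMLS_date">'.$post->post_modified_gmt.'</span><input type="checkbox" name="GOTMLS_fix[]" value="'.$action.'" /><img src="'.GOTMLS_images_path.$gif.'" height=16 width=16 alt="Q">'.$link.str_replace($root_path, "...", $post->post_title)."</a></li>\n";
+<li id="GOTMLS_quarantine_'.((INT) $post->ID).'" class="GOTMLS_quarantine_item" onmouseover="this.style.fontWeight=\'bold\';" onmouseout="this.style.fontWeight=\'normal\';"><span class="GOTMLS_date">'.GOTMLS_error_link(__("View Quarantine Record",'gotmls'), $post->ID, $threat).$post->post_date_gmt.'</a></span><span class="GOTMLS_date">'.GOTMLS_htmlspecialchars($post->post_modified_gmt).'</span><input type="checkbox" name="GOTMLS_fix[]" value="'.$action.'" /><img src="'.GOTMLS_images_path.$gif.'" height=16 width=16 alt="Q">'.$link.GOTMLS_htmlspecialchars(str_replace($root_path, "...", $post->post_title))."</a></li>\n";
 }
 $Q_Page .= "\n</ul>";
 for ($p = 1; $p <= $my_query->max_num_pages; $p++) {
@@ -634,13 +634,13 @@ function GOTMLS_box($bTitle, $bContents, $bType = "postbox") {
 
 if ((isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", (isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:(isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")))) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))) {
 if (isset($_GET["page"]) && str_replace('-', '_', $_GET["page"]) == "GOTMLS_View_Quarantine" && isset($_REQUEST["GOTMLS_mt"]) && strlen($_REQUEST["GOTMLS_mt"]) == 32 && isset($GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]])) {
-$return = (print_r( array("nonce"=>$GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]],"mt"=>($_REQUEST["GOTMLS_mt"])),1));
+$return = GOTMLS_htmlspecialchars(print_r( array("nonce"=>$GLOBALS["GOTMLS"]["tmp"]["nonce"][$_REQUEST["GOTMLS_mt"]],"mt"=>$_REQUEST["GOTMLS_mt"]),1));
 try {
 $Q_Paged = '<form method="POST" name="GOTMLS_Form_page"><input type="hidden" id="GOTMLS_paged" name="paged" value="1">';//<div style="float: left;">Page:</div>';
 $Q_Page = '<form method="POST" action="?'.(isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?$_SERVER["QUERY_STRING"]:"page=GOTMLS_View_Quarantine&".GOTMLS_set_nonce(__FUNCTION__."592")).'" name="GOTMLS_Form_clean">';
 $wpdb->prefix = $table_prefix;
 if (isset($_REQUEST["id"]) && is_numeric($_REQUEST["id"])) {
-$my_query = $wpdb->get_results("SELECT * FROM `{$wpdb->prefix}posts` WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'private' AND `ID` = ".$_REQUEST["id"], ARRAY_A);
+$my_query = $wpdb->get_results($wpdb->prepare("SELECT * FROM `{$wpdb->prefix}posts` WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'private' AND `ID` = %s", (INT) $_REQUEST["id"]), ARRAY_A);
 if (is_array($my_query) && count($my_query) && ($Q_post = $my_query[0]) && isset($Q_post["post_type"]) && $Q_post["post_type"] == "GOTMLS_quarantine" && isset($Q_post["post_status"]) && $Q_post["post_status"] == "private") {
 $clean_file = $Q_post["post_title"];
 $GLOBALS["GOTMLS"]["tmp"]["file_contents"] = GOTMLS_decode($Q_post["post_content"]);
@@ -707,7 +707,7 @@ function select_text_range(ta_id, start, end) {
 if (GOTMLS_file_put_contents($post_a["post_title"], GOTMLS_decode($post_a["post_content"]))) {
 $post_a["post_modified_gmt"] = date("Y-m-d H:i:s");
 $image = "checked";
-$wpdb->query("UPDATE `{$wpdb->prefix}posts` SET `post_status` = 'pending' WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'private' AND `ID` = ".$post_a["ID"]);
+$wpdb->query($wpdb->prepare("UPDATE `{$wpdb->prefix}posts` SET `post_status` = 'pending' WHERE `post_type` = 'GOTMLS_quarantine' AND `post_status` = 'private' AND `ID` = %s", (INT) $post_a["ID"]));
 }
 }
 $Q_Page .= '
@@ -723,7 +723,7 @@ function select_text_range(ta_id, start, end) {
 die(GOTMLS_html_tags(array("html" => array("body" => GOTMLS_get_header().GOTMLS_box(__("View Quarantine",'gotmls'), "$return")))));
 }
 } catch (Exception $e) {
-die('Caught exception: '. $e->getMessage(). "\n");
+die('Caught exception: '.GOTMLS_htmlspecialchars($e->getMessage())."\n");
 }
 } else {
 header("Content-type: image/gif");
@@ -952,12 +952,19 @@ function GOTMLS_check_threat($check_threats, $file='UNKNOWN') {
 return count($GLOBALS["GOTMLS"]["tmp"]["threats_found"]);
 }
 
+function GOTMLS_verify_regex($RegExp) {
+if (preg_match('/^(\/|\#|\|).+\1[is]*$/', $RegExp))
+return $RegExp;
+else
+return "";
+}
+
 function GOTMLS_scanfile($file) {
 global $wpdb, $GOTMLS_chmod_file, $GOTMLS_chmod_dir;
 $GLOBALS["GOTMLS"]["tmp"]["debug_fix"]="Scanning...";
 $GLOBALS["GOTMLS"]["tmp"]["threats_found"] = array();
-$gt = ">";
-$lt = "<";
+$gt = ">"; // This local variable never changes
+$lt = "<"; // This local variable never changes
 $found = false;
 $threat_link = "";
 $className = "scanned";
@@ -980,7 +987,7 @@ function GOTMLS_scanfile($file) {
 if (isset($whitelist[md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"]).'O'.$filesize]))
 return GOTMLS_return_threat($className, "checked.gif?$className", $file, $threat_link);
 $GLOBALS["GOTMLS"]["tmp"]["new_contents"] = $GLOBALS["GOTMLS"]["tmp"]["file_contents"];
-if (isset($GLOBALS["GOTMLS"]["log"]["settings"]["check_custom"]) && strlen($GLOBALS["GOTMLS"]["log"]["settings"]["check_custom"]) && isset($_GET['eli']) && substr($GLOBALS["GOTMLS"]["log"]["settings"]["check_custom"], 0, 1) == '/' && ($found = GOTMLS_check_threat($GLOBALS["GOTMLS"]["log"]["settings"]["check_custom"])))
+if (isset($GLOBALS["GOTMLS"]["log"]["settings"]["check_custom"]) && strlen($GLOBALS["GOTMLS"]["log"]["settings"]["check_custom"]) && isset($_GET['eli']) && GOTMLS_verify_regex($GLOBALS["GOTMLS"]["log"]["settings"]["check_custom"]) && ($found = GOTMLS_check_threat($GLOBALS["GOTMLS"]["log"]["settings"]["check_custom"])))
 $className = "known";
 else {
 $path = str_replace("//", "/", "/".str_replace("\\", "/", substr($file, strlen(ABSPATH))));
@@ -1057,7 +1064,7 @@ $GLOBALS["GOTMLS"]["tmp"]["debug_fix"]="GOTMLS_fix";
 echo __("Success!",'gotmls');
 return "/*--{$gt}*"."/\nfixedFile('$clean_file');\n/*{$lt}!--*"."/";
 } else {
-echo __("Failed:",'gotmls').' '.(strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"])?((is_writable(dirname($file)) && is_writable($file))?(($Q_post===false)?__("failed to quarantine!",'gotmls')." (".$wpdb->last_error.")":((isset($Write_File)&&$Write_File)?"Q=$Q_post: ".__("reason unknown!",'gotmls'):"Q=$Q_post: ".__("failed to write!",'gotmls'))):__("file not writable!",'gotmls')):__("no file contents!",'gotmls'));
+echo __("Failed:",'gotmls').' '.(strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"])?((is_writable(dirname($file)) && is_writable($file))?(($Q_post===false)?__("failed to quarantine!",'gotmls')." (".GOTMLS_htmlspecialchars($wpdb->last_error).")":((isset($Write_File)&&$Write_File)?"Q=$Q_post: ".__("reason unknown!",'gotmls'):"Q=$Q_post: ".__("failed to write!",'gotmls'))):__("file not writable!",'gotmls')):__("no file contents!",'gotmls'));
 if (isset($_GET["eli"]))
 echo 'uid='.getmyuid().'('.get_current_user().'),gid='.getmygid().($lt.'br'.$gt.$lt.'pre'.$gt.'file_stat'.print_r(stat($file), true));
 return "/*--{$gt}*"."/\nfailedFile('$clean_file');\n/*{$lt}!--*"."/";
@@ -1092,7 +1099,7 @@ function GOTMLS_db_scan($id = 0) {
 if ($id) {
 $encoded_id = GOTMLS_encode($id);
 $ids = explode(".", $id.'.');
-if (count($ids) > 2 && 'tbl'.$ids[1] == 'tbl1' && is_numeric($ids[0]) && ($Q_post = $wpdb->get_row("SELECT * FROM `$wpdb->options` WHERE `option_id` = ".$ids[0], ARRAY_A))) {
+if (count($ids) > 2 && 'tbl'.$ids[1] == 'tbl1' && is_numeric($ids[0]) && ($Q_post = $wpdb->get_row($wpdb->prepare("SELECT * FROM `$wpdb->options` WHERE `option_id` = %s", (INT) $ids[0]), ARRAY_A))) {
 $path = 'Option ID: '.$Q_post["option_id"];
 $clean_file = $Q_post["option_name"];
 $fa = "";
@@ -1121,7 +1128,7 @@ function GOTMLS_db_scan($id = 0) {
 GOTMLS_write_quarantine($Q_post, "db_scan");
 if ($_REQUEST["GOTMLS_fixing"] > 1) {
 echo "<li>Removing $path ... ";
-if ($wpdb->query("DELETE FROM `$wpdb->options` WHERE `option_id` = ".$Q_post["option_id"])) {
+if ($wpdb->query($wpdb->prepare("DELETE FROM `$wpdb->options` WHERE `option_id` = %s", (INT) $Q_post["option_id"]))) {
 echo __("Done!",'gotmls');
 $li_js .= "/*-->*"."/\nDeletedFile('$encoded_id');\n/*<!--*"."/";
 } else {
@@ -1206,13 +1213,13 @@ function GOTMLS_db_scan($id = 0) {
 if (!isset($_REQUEST["eli"]))
 $and = " AND `post_status` != 'trash'";
 if (isset($_REQUEST["limit"]) && is_numeric($_REQUEST["limit"]))
-$and = " LIMIT ".$_REQUEST["limit"];
+$and = " LIMIT ".((INT) $_REQUEST["limit"]);
 if (isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"])) {
 if (isset($_GET["GOTMLS_scan"]) && strlen($_GET["GOTMLS_scan"]) > 8 && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"][substr($_GET["GOTMLS_scan"], 8)])) {
 $scan_replace = str_replace("db_scan", "Database for ", GOTMLS_htmlspecialchars($_GET["GOTMLS_scan"]));
-$db_scan_a = array(substr($_GET["GOTMLS_scan"], 8) => $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"][substr($_GET["GOTMLS_scan"], 8)]);
-} elseif (isset($_GET["GOTMLS_only_file"]) && strlen($_GET["GOTMLS_only_file"]) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"][GOTMLS_decode($_GET["GOTMLS_only_file"])])) {
-$scan_replace = str_replace("db_scan", "Database only ".(isset($_GET["limit"]) && is_numeric($_GET["limit"])) ? $_GET["limit"] : ""." for ", GOTMLS_htmlspecialchars("db_scan".GOTMLS_decode($_GET["GOTMLS_only_file"])));
+$db_scan_a = array(GOTMLS_sanitize(substr($_GET["GOTMLS_scan"], 8)) => $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"][substr($_GET["GOTMLS_scan"], 8)]);
+} elseif (isset($_GET["GOTMLS_only_file"]) && strlen($_GET["GOTMLS_only_file"]) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"][$_GET["GOTMLS_only_file"]])) {
+$scan_replace = str_replace("db_scan", "Database only ".(isset($_GET["limit"]) && is_numeric($_GET["limit"])) ? (INT) $_GET["limit"] : ""." for ", GOTMLS_htmlspecialchars("db_scan=".GOTMLS_decode($_GET["GOTMLS_only_file"])));
 $_GET["GOTMLS_scan"] = "db_scan=".GOTMLS_decode($_GET["GOTMLS_only_file"]);
 $db_scan_a = array(GOTMLS_decode($_GET["GOTMLS_only_file"]) => $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"][GOTMLS_decode($_GET["GOTMLS_only_file"])]);
 } else {
@@ -1221,12 +1228,12 @@ function GOTMLS_db_scan($id = 0) {
 }
 echo "/*<!--*"."/".GOTMLS_update_status(sprintf(__("Scanning %s",'gotmls'), $scan_replace));
 GOTMLS_flush();
-$li_js .= "/*<!--*"."/".GOTMLS_return_threat("dir", "checked", $_GET["GOTMLS_scan"]).GOTMLS_update_status(sprintf(__("Scanned %s",'gotmls'), $scan_replace));
+$li_js .= "/*<!--*"."/".GOTMLS_return_threat("dir", "checked", GOTMLS_htmlspecialchars($_GET["GOTMLS_scan"])).GOTMLS_update_status(sprintf(__("Scanned %s",'gotmls'), $scan_replace));
 } else {
 echo "/*<!--*"."/".GOTMLS_update_status(sprintf(__("No Definitions for DB Injections!",'gotmls')));
 GOTMLS_flush();
-$li_js .= GOTMLS_return_threat("error", "question", $_GET["GOTMLS_scan"]);
-$db_scan_a = $_GET["GOTMLS_scan"];
+$li_js .= GOTMLS_return_threat("error", "question", GOTMLS_htmlspecialchars($_GET["GOTMLS_scan"]));
+$db_scan_a = GOTMLS_sanitize($_GET["GOTMLS_scan"]);
 }
 if (isset($db_scan_a) && is_array($db_scan_a)) {
 echo "\n//memory_limit=".@ini_get("memory_limit")."\n";
@@ -1381,7 +1388,7 @@ function GOTMLS_explode_dir($dir, $pre = '') {
 
 function GOTMLS_html_tags($tags, $inner = array()) {
 $html = "";
-$gt = ">";
+$gt = ">"; // This local variable never changes
 if (!is_array($tags))
 return $html;
 foreach ($tags as $tag => $contents) {
@@ -1579,16 +1586,16 @@ function GOTMLS_error_link($errorTXT, $file = "", $class = "errors") {
 if (isset($post->post_title))
 $js_file = GOTMLS_strip4java(GOTMLS_htmlspecialchars($post->post_title, ENT_NOQUOTES));
 elseif (count($ids) > 2 && 'tbl'.$ids[1] == 'tbl1' && is_numeric($ids[0]))
-$js_file = GOTMLS_strip4java(GOTMLS_htmlspecialchars($wpdb->get_var("SELECT CONCAT('option', `option_id`, ': ', `option_name`) FROM `$wpdb->options` WHERE `option_id` = ".$ids[0]), ENT_NOQUOTES));
+$js_file = GOTMLS_strip4java(GOTMLS_htmlspecialchars($wpdb->get_var($wpdb->prepare("SELECT CONCAT('option', `option_id`, ': ', `option_name`) FROM `$wpdb->options` WHERE `option_id` = %s", (INT) $ids[0])), ENT_NOQUOTES));
 elseif (count($ids) > 2 && 'tbl'.$ids[1] == 'tbl0' && is_numeric($ids[0]))
-$js_file = GOTMLS_strip4java(GOTMLS_htmlspecialchars($wpdb->get_var("SELECT CONCAT(`post_type`, `ID`, ': ', `post_title`) FROM `$wpdb->posts` WHERE `ID` = ".$ids[0]), ENT_NOQUOTES));
+$js_file = GOTMLS_strip4java(GOTMLS_htmlspecialchars($wpdb->get_var($wpdb->prepare("SELECT CONCAT(`post_type`, `ID`, ': ', `post_title`) FROM `$wpdb->posts` WHERE `ID` = %s", (INT) $ids[0])), ENT_NOQUOTES));
 else
 $js_file = GOTMLS_strip4java(GOTMLS_htmlspecialchars($file, ENT_NOQUOTES));
 if (count($ids) == 2 && is_numeric($ids[0])) {
-$encoded_file = $file;
-$onclick = 'loadIframe(\''.str_replace("\"", "&quot;", '<div style="float: left; white-space: nowrap;">'.GOTMLS_strip4java(__("Examine Quarantined Content",'gotmls')).' ... </div><div style="overflow: hidden; position: relative; height: 20px;"><div style="position: absolute; right: 0px; text-align: right; width: 9000px;">'.$js_file).'</div></div>\');" href="'.admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce(__FUNCTION__."1263").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan='.$file);
+$encoded_file = (INT) $file;
+$onclick = 'loadIframe(\''.str_replace("\"", "&quot;", '<div style="float: left; white-space: nowrap;">'.GOTMLS_strip4java(__("Examine Quarantined Content",'gotmls')).' ... </div><div style="overflow: hidden; position: relative; height: 20px;"><div style="position: absolute; right: 0px; text-align: right; width: 9000px;">'.$js_file).'</div></div>\');" href="'.admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce(__FUNCTION__."1655").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan='.$encoded_file);
 } elseif ($file)
-$onclick = 'loadIframe(\''.str_replace("\"", "&quot;", '<div style="float: left; white-space: nowrap;">'.GOTMLS_strip4java(__("Examine Current Content",'gotmls')).' ... </div><div style="overflow: hidden; position: relative; height: 20px;"><div style="position: absolute; right: 0px; text-align: right; width: 9000px;">'.$js_file).'</div></div>\');" href="'.admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce(__FUNCTION__."1265").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan='.$encoded_file.preg_replace('/\&(GOTMLS_scan|mt|GOTMLS_mt|action)=/', '&last_\1=', isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:""));
+$onclick = 'loadIframe(\''.str_replace("\"", "&quot;", '<div style="float: left; white-space: nowrap;">'.GOTMLS_strip4java(__("Examine Current Content",'gotmls')).' ... </div><div style="overflow: hidden; position: relative; height: 20px;"><div style="position: absolute; right: 0px; text-align: right; width: 9000px;">'.$js_file).'</div></div>\');" href="'.admin_url('admin-ajax.php?action=GOTMLS_scan&'.GOTMLS_set_nonce(__FUNCTION__."1657").'&mt='.$GLOBALS["GOTMLS"]["tmp"]["mt"].'&GOTMLS_scan='.$encoded_file.preg_replace('/\&(GOTMLS_scan|mt|GOTMLS_mt|action)=/', '&last_\1=', isset($_SERVER["QUERY_STRING"])&&strlen($_SERVER["QUERY_STRING"])?"&".$_SERVER["QUERY_STRING"]:""));
 else
 $onclick = 'return false;';
 return "<a id=\"list_$encoded_file\" title=\"$errorTXT\" target=\"GOTMLS_iFrame\" onclick=\"$onclick\" class=\"GOTMLS_plugin $class\">";
@@ -1669,7 +1676,7 @@ function GOTMLS_scandir($dir) {
 if (is_file($path)) {
 if (isset($_GET["GOTMLS_skip_file"]) && is_array($_GET["GOTMLS_skip_file"]) && in_array($path, $_GET["GOTMLS_skip_file"])) {
 $li_js .= "/*-->*"."/\n//skipped $path;\n/*<!--*"."/";
-if ($path == $_GET["GOTMLS_skip_file"][count($_GET["GOTMLS_skip_file"])-1])
+if ($_GET["GOTMLS_skip_file"][count($_GET["GOTMLS_skip_file"])-1] == $path)
 echo GOTMLS_return_threat("errors", "blocked", $path, GOTMLS_error_link(__("Failed to read file!",'gotmls'), $path));
 } else {
 GOTMLS_check_file($path);
@@ -1749,6 +1756,16 @@ function GOTMLS_scan_log() {
 return "Last ".(isset($GOTMLS_scan_log["scan"]["type"])?$GOTMLS_scan_log["scan"]["type"]:"Scan")." $LastScan";
 }
 
+function GOTMLS_sanitize($unsanitized, $allow = 'a-zA-Z0-9\|\[\]\{\}<>\s\?\*\%\#\&\/=_\~\:;\.,\+-') {
+if (is_array($unsanitized)) {
+$sanitized = array();
+foreach ($unsanitized as $key => $val)
+$sanitized[preg_replace('/[^'.$allow.']/', '', $key)] = preg_replace('/[^'.$allow.']/', '', $val);
+} else
+$sanitized = preg_replace('/[^'.$allow.']/', '', $unsanitized);
+return $sanitized;
+}
+
 function GOTMLS_get_URL($URL) {
 $response = "";
 $GLOBALS["GOTMLS"]["get_URL"] = get_option('GOTMLS_get_URL_array', array());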
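Review bot: In the GOTMLS_db_scan hunk at new line 1221, the `elseif` guard now tests `isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"][$_GET["GOTMLS_only_file"]])` on the raw request value, while the unchanged body two lines below still indexes the definitions by `GOTMLS_decode($_GET["GOTMLS_only_file"])`, so the guard and the lookup no longer agree: if the definitions are keyed by the decoded name the branch is never entered, and if they were keyed by the raw name the body would read an undefined index. The previous revision used the decoded key in both places; restoring `isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["db_scan"][GOTMLS_decode($_GET["GOTMLS_only_file"])])` in the guard keeps them consistent. Line 1222 in the same hunk also keeps a pre-existing precedence bug: because `.` binds tighter than `?:`, `"Database only ".(isset($_GET["limit"]) && is_numeric($_GET["limit"])) ? (INT) $_GET["limit"] : ""." for "` uses the non-empty concatenated string as the condition, so the replacement is always the bare cast (0 when `limit` is absent) and the intended "Database only N for " label never appears; wrapping the ternary, `"Database only ".((isset($_GET["limit"]) && is_numeric($_GET["limit"])) ? (INT) $_GET["limit"] : "")." for "`, gives the intended text. A minor point of style in the new prepared statements (lines 590, 643, 710, 1102, 1131, 1589 and 1591): each passes an `(INT)`-cast id through `%s`, where `%d` states the intent directly and needs no cast at the call site. GOTMLS_db_scan begins and ends outside this hunk.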
index.php CHANGED
@@ -8,7 +8,7 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
8
  Contributors: scheeeli, gotmls
9
  Donate link: https://gotmls.net/donate/
10
  Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11
- Version: 4.20.94
12
  */
13
  if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", (isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:(isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")))) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)) || !(function_exists("add_action") && function_exists("load_plugin_textdomain")))
14
  include(dirname(__FILE__)."/safe-load/index.php");
@@ -225,7 +225,7 @@ function GOTMLS_display_header($optional_box = "") {
225
  </ul></li>
226
  <li><img src="//gravatar.com/avatar/5feb789dd3a292d563fea3b885f786d6?s=16" border="0" alt="Plugin site:"><b><a target="_blank" href="'.GOTMLS_plugin_home.'">GOTMLS.NET</a></b></li>
227
  <li><img src="//gravatar.com/avatar/8151cac22b3fc543d099241fd573d176?s=16" border="0" alt="Developer site:"><b><a target="_blank" href="http://wordpress.ieonly.com/category/my-plugins/anti-malware/">Eli\'s Blog</a></b></li>
228
- <li><img src="https://ssl.gstatic.com/ui/v1/icons/mail/favicon.ico" border="0" alt="mail:"><b><a target="_blank" href="mailto:eli@gotmls.net">Email Eli</a></b></li>
229
  </ul>
230
  <a target="_blank" href="https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html#url='.urlencode(GOTMLS_siteurl).'">Google Safe Browsing Diagnostic</a>', "stuffbox").//GOTMLS_box(__("Last Scan Status",'gotmls'), GOTMLS_scan_log(), "stuffbox").
231
  $optional_box.'</div>';
@@ -268,13 +268,13 @@ if (getWindowWidth(780) == 780)
268
  function GOTMLS_get_scanlog() {
269
  global $wpdb;
270
  $LastScan = '';
271
- if (isset($_GET["GOTMLS_cl"]) && GOTMLS_get_nonce()) {
272
  $SQL = $wpdb->prepare("DELETE FROM `$wpdb->options` WHERE option_name LIKE %s AND substring_index(option_name, '/', -1) < %s", 'GOTMLS_scan_log/%', $_GET["GOTMLS_cl"]);
273
  if ($cleared = $wpdb->query($SQL))
274
  $LastScan .= sprintf(__("Cleared %s records from the history.",'gotmls'), $cleared);
275
  // else $LastScan .= $wpdb->last_error."<li>$SQL</li>";
276
  }
277
- $SQL = "SELECT substring_index(option_name, '/', -1) AS `mt`, option_name, option_value FROM `$wpdb->options` WHERE option_name LIKE 'GOTMLS_scan_log/%' ORDER BY mt DESC";
278
  if ($rs = $wpdb->get_results($SQL, ARRAY_A)) {
279
  $units = array("seconds"=>60,"minutes"=>60,"hours"=>24,"days"=>365,"years"=>10);
280
  $LastScan .= '<ul class="GOTMLS-scanlog GOTMLS-sidebar-links">';
@@ -282,7 +282,7 @@ function GOTMLS_get_scanlog() {
282
  $LastScan .= "\n<li>";
283
  $GOTMLS_scan_log = (isset($row["option_name"])?get_option($row["option_name"], array()):array());
284
  if (isset($GOTMLS_scan_log["scan"]["type"]) && strlen($GOTMLS_scan_log["scan"]["type"]))
285
- $LastScan .= GOTMLS_htmlentities($GOTMLS_scan_log["scan"]["type"]);
286
  else
287
  $LastScan .= "Unknown scan type";
288
  if (isset($GOTMLS_scan_log["scan"]["dir"]) && is_dir($GOTMLS_scan_log["scan"]["dir"]))
@@ -360,8 +360,8 @@ function GOTMLS_Firewall_Options() {
360
  GOTMLS_ajax_load_update();
361
  GOTMLS_display_header();
362
  $GOTMLS_nonce_found = GOTMLS_get_nonce();
363
- $gt = ">";
364
- $lt = "<";
365
  $save_action = "";
366
  $patch_attr = array(
367
  array(
@@ -472,7 +472,7 @@ function GOTMLS_Firewall_Options() {
472
  $patch_status = 2;
473
  }
474
  if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_firewall_option"]) && strlen($_POST["GOTMLS_firewall_option"]) && isset($_POST["GOTMLS_firewall_value"]) && strlen($_POST["GOTMLS_firewall_value"])) {
475
- $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"][$_POST["GOTMLS_firewall_option"]] = $_POST["GOTMLS_firewall_value"];
476
  if (update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]))
477
  $save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";
478
  else
@@ -489,7 +489,7 @@ function GOTMLS_Firewall_Options() {
489
  $admin_notice .= $lt.'hr /'.$gt;
490
  if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_admin_username"]) && ($current_user->user_login != trim($_POST["GOTMLS_admin_username"])) && strlen(trim($_POST["GOTMLS_admin_username"])) && preg_match('/^\s*[a-z_0-9\@\.\-]{3,}\s*$/i', $_POST["GOTMLS_admin_username"])) {
491
  if ($wpdb->update($wpdb->users, array("user_login" => trim($_POST["GOTMLS_admin_username"])), array("user_login" => $current_user->user_login))) {
492
- $wpdb->query("UPDATE `{$wpdb->prefix}sitemeta` SET `meta_value` = REPLACE(`meta_value`, 's:5:\"admin\";', 's:".strlen(trim($_POST["GOTMLS_admin_username"])).":\"".trim($_POST["GOTMLS_admin_username"])."\";') WHERE `meta_key` = 'site_admins' AND `meta_value` like '%s:5:\"admin\";%'");
493
  $admin_notice .= $lt.'div class="updated"'.$gt.sprintf(__("You username has been change to %s. Don't forget to use your new username when you login again.",'gotmls'), $_POST["GOTMLS_admin_username"]).$lt.'/div'.$gt;
494
  } else
495
  $admin_notice .= $lt.'div class="error"'.$gt.sprintf(__("SQL Error changing username: %s. Please try again later.",'gotmls'), $wpdb->last_error).$lt.'/div'.$gt;
@@ -610,17 +610,16 @@ function GOTMLS_ajax_load_update() {
610
  if (file_exists(GOTMLS_plugin_path.'definitions_update.txt'))
611
  @unlink(GOTMLS_plugin_path.'definitions_update.txt');
612
  $saved = GOTMLS_update_option('definitions', $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
613
- $_REQUEST["check"] = array();
614
  foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names) {
615
  if ($threat_level != "potential")
616
- $_REQUEST["check"][] = $threat_level;
617
  foreach ($definition_names as $definition_name=>$definition_version)
618
  if (is_array($definition_version) && isset($definition_version[0]) && strlen($definition_version[0]) == 5)
619
  if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
620
  $GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
621
  }
622
- $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = $_REQUEST["check"];
623
- $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $_REQUEST["check"];
624
  asort($GOTMLS_definitions_versions);
625
  $autoUpJS .= '<span style="color: #0C0;">(Newest Definition Updates Installed.)</span>';
626
  } elseif ($form != 'registerKeyForm') {
@@ -645,11 +644,11 @@ function GOTMLS_ajax_load_update() {
645
  } elseif (isset($GOTnew_definitions) && is_array($GOTnew_definitions) && count($GOTnew_definitions))
646
  $finJS .= "\nalert('Definition update $new_ver could not be saved because update_option Failed! (saved=".($saved?"TRUE":"FALSE").") $debug');";
647
  if (isset($_REQUEST["UPDATE_core"]) && ($_REQUEST["UPDATE_core"] == GOTMLS_wp_version) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version])) {
648
- foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][$_REQUEST["UPDATE_core"]] as $file => $md5) {
649
  if (is_file(ABSPATH.$file)) {
650
  $GLOBALS["GOTMLS"]["tmp"]["file_contents"] = file_get_contents(ABSPATH.$file);
651
  if (GOTMLS_check_threat($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"], ABSPATH.$file)) {
652
- if (isset($GLOBALS["GOTMLS"]["tmp"]["new_contents"]) && isset($_REQUEST["UPDATE_restore"]) && (md5($GLOBALS["GOTMLS"]["tmp"]["new_contents"])."O".strlen($GLOBALS["GOTMLS"]["tmp"]["new_contents"]) == $_REQUEST["UPDATE_restore"]))
653
  $autoUpJS .= "<li>Core File Restored: $file</li>";
654
  else
655
  $autoUpJS .= "<li>Core File MODIFIED: $file (".md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"])."O".strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"])." => $md5)</li>";
@@ -657,7 +656,7 @@ function GOTMLS_ajax_load_update() {
657
  } else
658
  $autoUpJS .= "<li>Core File MISSING: $file</li>";
659
  }
660
- $autoUpJS .= '<div class="update">Definition update: '.$_REQUEST["UPDATE_core"].' checked '.count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][$_REQUEST["UPDATE_core"]]).' core files!</div>';
661
  }
662
  die('//<![CDATA[
663
  var inc_form = "";
@@ -686,12 +685,11 @@ if (foundUpdates = document.getElementById("UPDATE_definitions_div"))
686
  function GOTMLS_settings() {
687
  global $wpdb, $GOTMLS_dirs_at_depth, $GOTMLS_dir_at_depth;
688
  $GOTMLS_scan_groups = array();
689
- $gt = ">";
690
- $lt = "<";
691
  GOTMLS_ajax_load_update();
692
  if (($GOTMLS_nonce_found = GOTMLS_get_nonce()) && isset($_REQUEST["check"]) && is_array($_REQUEST["check"]))
693
- $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $_REQUEST["check"];
694
- /* removed old code */
695
  if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"])) {
696
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $GLOBALS["GOTMLS"]["tmp"]["threat_levels"];
697
  update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
@@ -701,21 +699,21 @@ function GOTMLS_settings() {
701
  $GOTMLS_scan_groups[] = implode(GOTMLS_slash(), array_slice($dirs, -1 * (3 + $SL), 1));
702
  if (isset($_POST["exclude_ext"])) {
703
  if (strlen(trim(str_replace(",","",$_POST["exclude_ext"]).' ')) > 0)
704
- $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(str_replace('.', ',', GOTMLS_htmlentities($_POST["exclude_ext"]))), -1, PREG_SPLIT_NO_EMPTY);
705
  else
706
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = array();
707
  }
708
  $default_exclude_ext = str_replace(",gotmls", "", implode(",", $GLOBALS["GOTMLS"]["tmp"]["skip_ext"]));
709
  $GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
710
  if (isset($_POST["UPDATE_definitions_checkbox"])) {
711
- if (isset($_POST[$_POST["UPDATE_definitions_checkbox"]]) && strlen(trim(" ".$_POST[$_POST["UPDATE_definitions_checkbox"]])))
712
- $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = $_POST[$_POST["UPDATE_definitions_checkbox"]];
713
  else
714
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = "";
715
  }
716
  if (isset($_POST["exclude_dir"])) {
717
  if (strlen(trim(str_replace(",","",$_POST["exclude_dir"]).' ')) > 0)
718
- $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(GOTMLS_htmlentities($_POST["exclude_dir"])), -1, PREG_SPLIT_NO_EMPTY);
719
  else
720
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = array();
721
  for ($d=0; $d<count($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]); $d++)
@@ -724,14 +722,13 @@ function GOTMLS_settings() {
724
  }
725
  $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"] = array_merge($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"], $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"]);
726
  if (isset($_POST["scan_what"]) && is_numeric($_POST["scan_what"]) && $_POST["scan_what"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"])
727
- $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = $_POST["scan_what"];
728
  if (isset($_POST["check_custom"]) && $_POST["check_custom"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"])
729
- $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = stripslashes($_POST["check_custom"]);
730
  if (isset($_POST["scan_depth"]) && is_numeric($_POST["scan_depth"]) && $_POST["scan_depth"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"])
731
- $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = $_POST["scan_depth"];
732
- /* removed old code */
733
- if (isset($_POST['skip_quarantine']) && $_POST['skip_quarantine'])
734
- $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = $_POST['skip_quarantine'];
735
  elseif (isset($_POST["exclude_ext"]))
736
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = 0;
737
  GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
@@ -747,7 +744,7 @@ function GOTMLS_settings() {
747
  if (isset($files) && is_array($files))
748
  foreach ($files as $file)
749
  if (is_dir(GOTMLS_trailingslashit($dir).$file))
750
- $scan_whatopts = $lt.'input type="checkbox" name="scan_only[]" value="'.GOTMLS_htmlentities($file).'" /'.$gt.GOTMLS_htmlentities($file).$lt.'br /'.$gt.$scan_whatopts;
751
  $scan_whatopts = "\n$lt".'div style="padding: 4px 30px;" id="scan_group_div_'.$mg.'"'.$gt.$lt.'input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]==$mg?' checked':'').' /'.$gt.$lt.'a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;"'."$gt{$lt}b$gt$GOTMLS_scan_group$lt/b$gt$lt/a$gt{$lt}br /$gt\n$lt".'div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; margin: 0; padding: 10px; z-index: 10;" id="only'.$mg.'"'.$gt.$lt.'div style="padding-bottom: 6px;"'.$gt.GOTMLS_close_button('only'.$mg, 0).$lt.'b'.$gt.str_replace(" ", "&nbsp;", __("Only Scan These Folders:",'gotmls')).$lt.'/b'.$gt.$lt.'/div'.$gt.$scan_whatopts;
752
  }
753
  $scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}";
@@ -1017,9 +1014,9 @@ var startTime = 0;
1017
  $scan_groups_UL = "";
1018
  foreach ($scan_groups as $scan_name => $scan_group)
1019
  $scan_groups_UL .= "\n{$lt}ul name=\"found_$scan_group\" id=\"found_$scan_group\" class=\"GOTMLS_plugin $scan_group\" style=\"background-color: #ccc; display: none; padding: 0;\"$gt{$lt}a class=\"rounded-corners\" name=\"link_$scan_group\" style=\"float: right; padding: 0 4px; margin: 5px 5px 0 30px; line-height: 16px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;\" href=\"#found_top\" onclick=\"showhide('found_$scan_group');\"{$gt}X$lt/a$gt{$lt}h3$gt$scan_name$lt/h3$gt\n".($scan_group=='potential'?$lt.'p'.$gt.' &nbsp; * '.__("NOTE: These are probably not malicious scripts (but it's a good place to start looking <u>IF</u> your site is infected and no Known Threats were found).",'gotmls').$lt.'/p'.$gt:($scan_group=='wp_core'?$lt.'p'.$gt.' &nbsp; * '.sprintf(__("NOTE: We have detected changes to the WordPress Core files on your site. This could be an intentional modification or the malicious work of a hacker. We can restore these files to their original state to preserve the integrity of your original WordPress %s installation.",'gotmls'), GOTMLS_wp_version).' (for more info '.$lt.'a target="_blank" href="'.GOTMLS_plugin_home.'tag/wp-core-files/"'.$gt.__("read my blog",'gotmls').$lt.'/a'.$gt.').'.$lt.'/p'.$gt:$lt.'br /'.$gt)).$lt.'/ul'.$gt;
1020
- if (!($dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + $_REQUEST["scan_what"])))))
1021
  $dir = "/";
1022
- GOTMLS_update_scan_log(array("scan" => array("dir" => $dir, "start" => time(), "type" => GOTMLS_htmlentities($_REQUEST["scan_type"]))));
1023
  echo GOTMLS_box($lt.'div id="GOTMLS_scan_dir" style="float: right;"'.$gt.'&nbsp;('.$GLOBALS["GOTMLS"]["log"]["scan"]["dir"].")&nbsp;$lt/div$gt".__("Scan Details:",'gotmls'), $scan_groups_UL);
1024
  $no_flush_LANGUAGE = __("Not flushing OB Handlers: %s",'gotmls');
1025
  if (isset($_REQUEST["no_ob_end_flush"]))
@@ -1254,7 +1251,7 @@ function GOTMLS_admin_init() {
1254
  $ajax_functions = array('load_update', 'log_session', 'empty_trash', 'fix', 'logintime', 'lognewkey', 'position', 'scan', 'View_Quarantine', 'whitelist');
1255
  if (GOTMLS_get_nonce()) {
1256
  if (isset($_REQUEST["dont_check"]) && is_array($_REQUEST["dont_check"]) && count($_REQUEST["dont_check"]))
1257
- $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = $_REQUEST["dont_check"];
1258
  elseif (isset($_POST["scan_type"]) || !(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"])))
1259
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = array();
1260
  if (isset($_POST["scan_level"]) && is_numeric($_POST["scan_level"]))
@@ -1320,7 +1317,7 @@ function GOTMLS_init() {
1320
  )
1321
  );
1322
  }
1323
- add_action("admin_init", "GOTMLS_init");
1324
 
1325
  function GOTMLS_ajax_log_session() {
1326
  header("Content-type: text/javascript");
@@ -1354,13 +1351,13 @@ function GOTMLS_ajax_position() {
1354
  </script'.$gl.'/head';
1355
  } elseif (isset($_GET["GOTMLS_x"]) || isset($_GET["GOTMLS_y"]) || isset($_GET["GOTMLS_h"]) || isset($_GET["GOTMLS_w"])) {
1356
  if (isset($_GET["GOTMLS_x"]))
1357
- $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][0] = $_GET["GOTMLS_x"];
1358
  if (isset($_GET["GOTMLS_y"]))
1359
- $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][1] = $_GET["GOTMLS_y"];
1360
  if (isset($_GET["GOTMLS_h"]))
1361
- $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][2] = $_GET["GOTMLS_h"];
1362
  if (isset($_GET["GOTMLS_w"]))
1363
- $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][3] = $_GET["GOTMLS_w"];
1364
  $_GET["GOTMLS_msg"] = __("New position",'gotmls');
1365
  } else
1366
  die("\n//Position Error: No new position to save!\n");
@@ -1370,6 +1367,14 @@ function GOTMLS_ajax_position() {
1370
  die(GOTMLS_Invalid_Nonce("\n//Position Error: ")."\n");
1371
  }
1372
 
 
 
 
 
 
 
 
 
1373
  function GOTMLS_ajax_empty_trash() {
1374
  global $wpdb;
1375
  $gl = '><';
@@ -1493,7 +1498,7 @@ function GOTMLS_ajax_fix() {
1493
  echo "</li>\n$li_js/*-->*"."/\n$callAlert\n//".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]."\n</script>\n";
1494
  $li_js = "<script type=\"text/javascript\">\n/*<!--*"."/";
1495
  } else
1496
- echo "<li>".sprintf(__("File %s not found!",'gotmls'), GOTMLS_htmlentities($path))."</li>";
1497
  GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Automatic Fix")));
1498
  }
1499
  }
@@ -1535,7 +1540,7 @@ if (typeof window.parent.showhide === "function")
1535
  </script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="';
1536
  @set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] - 5);
1537
  if (is_numeric($_GET["GOTMLS_scan"])) {
1538
- if (($Q_post = GOTMLS_get_quarantine($_GET["GOTMLS_scan"])) && isset($Q_post["post_type"]) && $Q_post["post_type"] == "GOTMLS_quarantine" && isset($Q_post["post_status"]) && $Q_post["post_status"] == "private") {
1539
  ////////// posts table (quarantine)
1540
  $clean_file = $Q_post["post_title"];
1541
  $GLOBALS["GOTMLS"]["tmp"]["file_contents"] = GOTMLS_decode($Q_post["post_content"]);
8
  Contributors: scheeeli, gotmls
9
  Donate link: https://gotmls.net/donate/
10
  Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11
+ Version: 4.20.95
12
  */
13
  if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", (isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:(isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")))) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)) || !(function_exists("add_action") && function_exists("load_plugin_textdomain")))
14
  include(dirname(__FILE__)."/safe-load/index.php");
225
  </ul></li>
226
  <li><img src="//gravatar.com/avatar/5feb789dd3a292d563fea3b885f786d6?s=16" border="0" alt="Plugin site:"><b><a target="_blank" href="'.GOTMLS_plugin_home.'">GOTMLS.NET</a></b></li>
227
  <li><img src="//gravatar.com/avatar/8151cac22b3fc543d099241fd573d176?s=16" border="0" alt="Developer site:"><b><a target="_blank" href="http://wordpress.ieonly.com/category/my-plugins/anti-malware/">Eli\'s Blog</a></b></li>
228
+ <li><img src="https://s.gravatar.com/avatar/7530906968df6594bfbe934ddc117f58?s=16" border="0" alt="mail:"><b><a target="_blank" href="mailto:eli@gotmls.net">Email Eli</a></b></li>
229
  </ul>
230
  <a target="_blank" href="https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html#url='.urlencode(GOTMLS_siteurl).'">Google Safe Browsing Diagnostic</a>', "stuffbox").//GOTMLS_box(__("Last Scan Status",'gotmls'), GOTMLS_scan_log(), "stuffbox").
231
  $optional_box.'</div>';
268
  function GOTMLS_get_scanlog() {
269
  global $wpdb;
270
  $LastScan = '';
271
+ if (isset($_GET["GOTMLS_cl"]) && is_numeric($_GET["GOTMLS_cl"]) && GOTMLS_get_nonce()) {
272
  $SQL = $wpdb->prepare("DELETE FROM `$wpdb->options` WHERE option_name LIKE %s AND substring_index(option_name, '/', -1) < %s", 'GOTMLS_scan_log/%', $_GET["GOTMLS_cl"]);
273
  if ($cleared = $wpdb->query($SQL))
274
  $LastScan .= sprintf(__("Cleared %s records from the history.",'gotmls'), $cleared);
275
  // else $LastScan .= $wpdb->last_error."<li>$SQL</li>";
276
  }
277
+ $SQL = $wpdb->prepare("SELECT substring_index(option_name, '/', -1) AS `mt`, option_name, option_value FROM `$wpdb->options` WHERE option_name LIKE %s ORDER BY mt DESC", 'GOTMLS_scan_log/%');
278
  if ($rs = $wpdb->get_results($SQL, ARRAY_A)) {
279
  $units = array("seconds"=>60,"minutes"=>60,"hours"=>24,"days"=>365,"years"=>10);
280
  $LastScan .= '<ul class="GOTMLS-scanlog GOTMLS-sidebar-links">';
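Review bot: The `DELETE` on new line 272 still binds `GOTMLS_cl` with `%s` even though new line 271 now requires it to be numeric, so MySQL compares `substring_index(option_name, '/', -1)` against a quoted string, i.e. lexicographically, and `is_numeric()` also admits forms such as `1e3` or leading whitespace that then reach the query verbatim. If that trailing segment is the numeric scan timestamp that the `mt` alias and `ORDER BY mt DESC` on line 277 suggest, binding it as an integer gives the intended numeric comparison and normalises the input: `... substring_index(option_name, '/', -1) < %d", 'GOTMLS_scan_log/%', (INT) $_GET["GOTMLS_cl"])`. The prepared `SELECT` on line 277 is a good change. GOTMLS_get_scanlog continues past the end of this hunk.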
282
  $LastScan .= "\n<li>";
283
  $GOTMLS_scan_log = (isset($row["option_name"])?get_option($row["option_name"], array()):array());
284
  if (isset($GOTMLS_scan_log["scan"]["type"]) && strlen($GOTMLS_scan_log["scan"]["type"]))
285
+ $LastScan .= GOTMLS_sanitize($GOTMLS_scan_log["scan"]["type"]);
286
  else
287
  $LastScan .= "Unknown scan type";
288
  if (isset($GOTMLS_scan_log["scan"]["dir"]) && is_dir($GOTMLS_scan_log["scan"]["dir"]))
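Review bot: GOTMLS_sanitize is a character allowlist, not an HTML encoder, so replacing GOTMLS_htmlentities with it on new line 285 weakens the output encoding of the scan type rather than strengthening it: the default allowlist added in images/index.php in this same release keeps `<`, `>`, `/`, `=`, `&` and whitespace, so a stored value containing a tag, with or without an attribute, is appended to `$LastScan` unchanged (only quotes, parentheses and a few other characters are stripped). The value is read back from the scan log, which new line 1019 in this diff now fills from `$_REQUEST["scan_type"]` after the same GOTMLS_sanitize pass, so markup that gets stored there survives to this rendering. Keep the input filter if wanted, but encode at the output boundary: `$LastScan .= GOTMLS_htmlspecialchars($GOTMLS_scan_log["scan"]["type"]);`, the helper this diff already uses for the folder checkboxes on new line 747. GOTMLS_get_scanlog starts and ends outside this hunk.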
360
  GOTMLS_ajax_load_update();
361
  GOTMLS_display_header();
362
  $GOTMLS_nonce_found = GOTMLS_get_nonce();
363
+ $gt = ">"; // This local variable never changes
364
+ $lt = "<"; // This local variable never changes
365
  $save_action = "";
366
  $patch_attr = array(
367
  array(
472
  $patch_status = 2;
473
  }
474
  if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_firewall_option"]) && strlen($_POST["GOTMLS_firewall_option"]) && isset($_POST["GOTMLS_firewall_value"]) && strlen($_POST["GOTMLS_firewall_value"])) {
475
+ $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["firewall"][GOTMLS_sanitize($_POST["GOTMLS_firewall_option"])] = (INT) $_POST["GOTMLS_firewall_value"];
476
  if (update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]))
477
  $save_action = "\n{$lt}div onclick=\"this.style.display='none';\" style='position: relative; top: -40px; margin: 0 300px 0 130px;' class='updated'$gt\nSettings Saved!$lt/div$gt\n";
478
  else
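Review bot: The firewall-option write on new line 475 filters characters but not meaning: any key that survives GOTMLS_sanitize is stored under `settings_array["firewall"]`, and nothing in this hunk checks it against the option names the page actually knows about (presumably the entries assembled in `$patch_attr` just below, which I cannot confirm from here). Separately, the `strlen()` guards on line 474 throw a TypeError under PHP 8 if either field is submitted as an array (`GOTMLS_firewall_option[]=...`), which the nonce check does not prevent for an admin-submitted form. Suggest adding `is_string($_POST["GOTMLS_firewall_option"]) && is_string($_POST["GOTMLS_firewall_value"])` to the condition and, after sanitizing, rejecting the key unless it is one of the known option names before `update_option` runs. GOTMLS_Firewall_Options starts and ends outside this hunk.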
489
  $admin_notice .= $lt.'hr /'.$gt;
490
  if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_admin_username"]) && ($current_user->user_login != trim($_POST["GOTMLS_admin_username"])) && strlen(trim($_POST["GOTMLS_admin_username"])) && preg_match('/^\s*[a-z_0-9\@\.\-]{3,}\s*$/i', $_POST["GOTMLS_admin_username"])) {
491
  if ($wpdb->update($wpdb->users, array("user_login" => trim($_POST["GOTMLS_admin_username"])), array("user_login" => $current_user->user_login))) {
492
+ $wpdb->query($wpdb->prepare("UPDATE `{$wpdb->prefix}sitemeta` SET `meta_value` = REPLACE(`meta_value`, 's:5:\"admin\";', %s) WHERE `meta_key` = 'site_admins' AND `meta_value` like %s", 's:'.strlen(trim($_POST["GOTMLS_admin_username"])).':"'.trim($_POST["GOTMLS_admin_username"]).'";', '%s:5:"admin";%'));
493
  $admin_notice .= $lt.'div class="updated"'.$gt.sprintf(__("You username has been change to %s. Don't forget to use your new username when you login again.",'gotmls'), $_POST["GOTMLS_admin_username"]).$lt.'/div'.$gt;
494
  } else
495
  $admin_notice .= $lt.'div class="error"'.$gt.sprintf(__("SQL Error changing username: %s. Please try again later.",'gotmls'), $wpdb->last_error).$lt.'/div'.$gt;
610
  if (file_exists(GOTMLS_plugin_path.'definitions_update.txt'))
611
  @unlink(GOTMLS_plugin_path.'definitions_update.txt');
612
  $saved = GOTMLS_update_option('definitions', $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]);
613
+ $GLOBALS["GOTMLS"]["log"]["settings"]["check"] = array();
614
  foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"] as $threat_level=>$definition_names) {
615
  if ($threat_level != "potential")
616
+ $GLOBALS["GOTMLS"]["log"]["settings"]["check"][] = $threat_level;
617
  foreach ($definition_names as $definition_name=>$definition_version)
618
  if (is_array($definition_version) && isset($definition_version[0]) && strlen($definition_version[0]) == 5)
619
  if (!isset($GOTMLS_definitions_versions[$threat_level]) || $definition_version[0] > $GOTMLS_definitions_versions[$threat_level])
620
  $GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
621
  }
622
+ $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $GLOBALS["GOTMLS"]["log"]["settings"]["check"];
 
623
  asort($GOTMLS_definitions_versions);
624
  $autoUpJS .= '<span style="color: #0C0;">(Newest Definition Updates Installed.)</span>';
625
  } elseif ($form != 'registerKeyForm') {
644
  } elseif (isset($GOTnew_definitions) && is_array($GOTnew_definitions) && count($GOTnew_definitions))
645
  $finJS .= "\nalert('Definition update $new_ver could not be saved because update_option Failed! (saved=".($saved?"TRUE":"FALSE").") $debug');";
646
  if (isset($_REQUEST["UPDATE_core"]) && ($_REQUEST["UPDATE_core"] == GOTMLS_wp_version) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version])) {
647
+ foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version] as $file => $md5) {
648
  if (is_file(ABSPATH.$file)) {
649
  $GLOBALS["GOTMLS"]["tmp"]["file_contents"] = file_get_contents(ABSPATH.$file);
650
  if (GOTMLS_check_threat($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"], ABSPATH.$file)) {
651
+ if (isset($GLOBALS["GOTMLS"]["tmp"]["new_contents"]) && isset($_REQUEST["UPDATE_restore"]) && ($_REQUEST["UPDATE_restore"] == md5($GLOBALS["GOTMLS"]["tmp"]["new_contents"])."O".strlen($GLOBALS["GOTMLS"]["tmp"]["new_contents"])))
652
  $autoUpJS .= "<li>Core File Restored: $file</li>";
653
  else
654
  $autoUpJS .= "<li>Core File MODIFIED: $file (".md5($GLOBALS["GOTMLS"]["tmp"]["file_contents"])."O".strlen($GLOBALS["GOTMLS"]["tmp"]["file_contents"])." => $md5)</li>";
656
  } else
657
  $autoUpJS .= "<li>Core File MISSING: $file</li>";
658
  }
659
+ $autoUpJS .= '<div class="update">Definition update: '.$_REQUEST["UPDATE_core"].' checked '.count($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version]).' core files!</div>';
660
  }
661
  die('//<![CDATA[
662
  var inc_form = "";
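Review bot: New line 659 still interpolates `$_REQUEST["UPDATE_core"]` into the `<div class="update">` message even though the array lookups on lines 647 and 659 were switched to GOTMLS_wp_version; the guard on line 646 is a loose `==`, and in PHP two numeric strings compare numerically, so for a two-part version such as `5.9` a request value of `5.90` or `5.9e0` passes the check and is what gets printed. Use the constant for the message and tighten the comparison: `$_REQUEST["UPDATE_core"] === GOTMLS_wp_version` and `'Definition update: '.GOTMLS_wp_version.' checked '`. The `==` on line 651 that compares `UPDATE_restore` with the md5-plus-length token has no numeric-string pitfall because of the literal `O`, but `===` there costs nothing and makes the intent explicit. GOTMLS_ajax_load_update starts outside this hunk.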
685
  function GOTMLS_settings() {
686
  global $wpdb, $GOTMLS_dirs_at_depth, $GOTMLS_dir_at_depth;
687
  $GOTMLS_scan_groups = array();
688
+ $gt = ">"; // This local variable never changes
689
+ $lt = "<"; // This local variable never changes
690
  GOTMLS_ajax_load_update();
691
  if (($GOTMLS_nonce_found = GOTMLS_get_nonce()) && isset($_REQUEST["check"]) && is_array($_REQUEST["check"]))
692
+ $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = GOTMLS_sanitize($_REQUEST["check"]);
 
693
  if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"])) {
694
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $GLOBALS["GOTMLS"]["tmp"]["threat_levels"];
695
  update_option("GOTMLS_settings_array", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
699
  $GOTMLS_scan_groups[] = implode(GOTMLS_slash(), array_slice($dirs, -1 * (3 + $SL), 1));
700
  if (isset($_POST["exclude_ext"])) {
701
  if (strlen(trim(str_replace(",","",$_POST["exclude_ext"]).' ')) > 0)
702
+ $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(str_replace('.', ',', GOTMLS_sanitize($_POST["exclude_ext"]))), -1, PREG_SPLIT_NO_EMPTY);
703
  else
704
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"] = array();
705
  }
706
  $default_exclude_ext = str_replace(",gotmls", "", implode(",", $GLOBALS["GOTMLS"]["tmp"]["skip_ext"]));
707
  $GLOBALS["GOTMLS"]["tmp"]["skip_ext"] = $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"];
708
  if (isset($_POST["UPDATE_definitions_checkbox"])) {
709
+ if (isset($_POST[$_POST["UPDATE_definitions_checkbox"]]) && is_numeric($_POST[$_POST["UPDATE_definitions_checkbox"]]))
710
+ $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = (INT) $_POST[$_POST["UPDATE_definitions_checkbox"]];
711
  else
712
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"] = "";
713
  }
714
  if (isset($_POST["exclude_dir"])) {
715
  if (strlen(trim(str_replace(",","",$_POST["exclude_dir"]).' ')) > 0)
716
+ $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = preg_split('/[\s]*([,]+[\s]*)+/', trim(GOTMLS_sanitize($_POST["exclude_dir"])), -1, PREG_SPLIT_NO_EMPTY);
717
  else
718
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"] = array();
719
  for ($d=0; $d<count($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]); $d++)
722
  }
723
  $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"] = array_merge($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"], $GLOBALS["GOTMLS"]["tmp"]["skip_dirs"]);
724
  if (isset($_POST["scan_what"]) && is_numeric($_POST["scan_what"]) && $_POST["scan_what"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"])
725
+ $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = (INT) $_POST["scan_what"];
726
  if (isset($_POST["check_custom"]) && $_POST["check_custom"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"])
727
+ $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"] = GOTMLS_verify_regex(trim(stripslashes($_POST["check_custom"])));
728
  if (isset($_POST["scan_depth"]) && is_numeric($_POST["scan_depth"]) && $_POST["scan_depth"] != $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"])
729
+ $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"] = (INT) $_POST["scan_depth"];
730
+ if (isset($_POST['skip_quarantine']) && is_numeric($_POST['skip_quarantine']) && $_POST['skip_quarantine'])
731
+ $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = (INT) $_POST['skip_quarantine'];
 
732
  elseif (isset($_POST["exclude_ext"]))
733
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"]['skip_quarantine'] = 0;
734
  GOTMLS_update_scan_log(array("settings" => $GLOBALS["GOTMLS"]["tmp"]["settings_array"]));
744
  if (isset($files) && is_array($files))
745
  foreach ($files as $file)
746
  if (is_dir(GOTMLS_trailingslashit($dir).$file))
747
+ $scan_whatopts = $lt.'input type="checkbox" name="scan_only[]" value="'.GOTMLS_htmlspecialchars($file).'" /'.$gt.GOTMLS_htmlspecialchars($file).$lt.'br /'.$gt.$scan_whatopts;
748
  $scan_whatopts = "\n$lt".'div style="padding: 4px 30px;" id="scan_group_div_'.$mg.'"'.$gt.$lt.'input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]==$mg?' checked':'').' /'.$gt.$lt.'a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;"'."$gt{$lt}b$gt$GOTMLS_scan_group$lt/b$gt$lt/a$gt{$lt}br /$gt\n$lt".'div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; margin: 0; padding: 10px; z-index: 10;" id="only'.$mg.'"'.$gt.$lt.'div style="padding-bottom: 6px;"'.$gt.GOTMLS_close_button('only'.$mg, 0).$lt.'b'.$gt.str_replace(" ", "&nbsp;", __("Only Scan These Folders:",'gotmls')).$lt.'/b'.$gt.$lt.'/div'.$gt.$scan_whatopts;
749
  }
750
  $scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}";
1014
  $scan_groups_UL = "";
1015
  foreach ($scan_groups as $scan_name => $scan_group)
1016
  $scan_groups_UL .= "\n{$lt}ul name=\"found_$scan_group\" id=\"found_$scan_group\" class=\"GOTMLS_plugin $scan_group\" style=\"background-color: #ccc; display: none; padding: 0;\"$gt{$lt}a class=\"rounded-corners\" name=\"link_$scan_group\" style=\"float: right; padding: 0 4px; margin: 5px 5px 0 30px; line-height: 16px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;\" href=\"#found_top\" onclick=\"showhide('found_$scan_group');\"{$gt}X$lt/a$gt{$lt}h3$gt$scan_name$lt/h3$gt\n".($scan_group=='potential'?$lt.'p'.$gt.' &nbsp; * '.__("NOTE: These are probably not malicious scripts (but it's a good place to start looking <u>IF</u> your site is infected and no Known Threats were found).",'gotmls').$lt.'/p'.$gt:($scan_group=='wp_core'?$lt.'p'.$gt.' &nbsp; * '.sprintf(__("NOTE: We have detected changes to the WordPress Core files on your site. This could be an intentional modification or the malicious work of a hacker. We can restore these files to their original state to preserve the integrity of your original WordPress %s installation.",'gotmls'), GOTMLS_wp_version).' (for more info '.$lt.'a target="_blank" href="'.GOTMLS_plugin_home.'tag/wp-core-files/"'.$gt.__("read my blog",'gotmls').$lt.'/a'.$gt.').'.$lt.'/p'.$gt:$lt.'br /'.$gt)).$lt.'/ul'.$gt;
1017
+ if (!($dir = implode(GOTMLS_slash(), array_slice($dirs, 0, -1 * (2 + (INT) $_REQUEST["scan_what"])))))
1018
  $dir = "/";
1019
+ GOTMLS_update_scan_log(array("scan" => array("dir" => $dir, "start" => time(), "type" => GOTMLS_sanitize($_REQUEST["scan_type"]))));
1020
  echo GOTMLS_box($lt.'div id="GOTMLS_scan_dir" style="float: right;"'.$gt.'&nbsp;('.$GLOBALS["GOTMLS"]["log"]["scan"]["dir"].")&nbsp;$lt/div$gt".__("Scan Details:",'gotmls'), $scan_groups_UL);
1021
  $no_flush_LANGUAGE = __("Not flushing OB Handlers: %s",'gotmls');
1022
  if (isset($_REQUEST["no_ob_end_flush"]))
1251
  $ajax_functions = array('load_update', 'log_session', 'empty_trash', 'fix', 'logintime', 'lognewkey', 'position', 'scan', 'View_Quarantine', 'whitelist');
1252
  if (GOTMLS_get_nonce()) {
1253
  if (isset($_REQUEST["dont_check"]) && is_array($_REQUEST["dont_check"]) && count($_REQUEST["dont_check"]))
1254
+ $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = GOTMLS_sanitize($_REQUEST["dont_check"]);
1255
  elseif (isset($_POST["scan_type"]) || !(isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"])))
1256
  $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["dont_check"] = array();
1257
  if (isset($_POST["scan_level"]) && is_numeric($_POST["scan_level"]))
1317
  )
1318
  );
1319
  }
1320
+ add_action("init", "GOTMLS_init");
1321
 
1322
  function GOTMLS_ajax_log_session() {
1323
  header("Content-type: text/javascript");
1351
  </script'.$gl.'/head';
1352
  } elseif (isset($_GET["GOTMLS_x"]) || isset($_GET["GOTMLS_y"]) || isset($_GET["GOTMLS_h"]) || isset($_GET["GOTMLS_w"])) {
1353
  if (isset($_GET["GOTMLS_x"]))
1354
+ GOTMLS_validate_position(0, $_GET["GOTMLS_x"]);
1355
  if (isset($_GET["GOTMLS_y"]))
1356
+ GOTMLS_validate_position(1, $_GET["GOTMLS_y"]);
1357
  if (isset($_GET["GOTMLS_h"]))
1358
+ GOTMLS_validate_position(2, $_GET["GOTMLS_h"]);
1359
  if (isset($_GET["GOTMLS_w"]))
1360
+ GOTMLS_validate_position(3, $_GET["GOTMLS_w"]);
1361
  $_GET["GOTMLS_msg"] = __("New position",'gotmls');
1362
  } else
1363
  die("\n//Position Error: No new position to save!\n");
1367
  die(GOTMLS_Invalid_Nonce("\n//Position Error: ")."\n");
1368
  }
1369
 
1370
+ function GOTMLS_validate_position($vector, $position) {
1371
+ if (preg_match('/^[0-9]+px$/', $position)) {
1372
+ $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["msg_position"][$vector] = $position;
1373
+ return true;
1374
+ } else
1375
+ return false;
1376
+ }
1377
+
1378
  function GOTMLS_ajax_empty_trash() {
1379
  global $wpdb;
1380
  $gl = '><';
1498
  echo "</li>\n$li_js/*-->*"."/\n$callAlert\n//".$GLOBALS["GOTMLS"]["tmp"]["debug_fix"]."\n</script>\n";
1499
  $li_js = "<script type=\"text/javascript\">\n/*<!--*"."/";
1500
  } else
1501
+ echo "<li>".sprintf(__("File %s not found!",'gotmls'), GOTMLS_htmlspecialchars($path))."</li>";
1502
  GOTMLS_update_scan_log(array("scan" => array("finish" => time(), "type" => "Automatic Fix")));
1503
  }
1504
  }
1540
  </script><table style="top: 0px; left: 0px; width: 100%; height: 100%; position: absolute;"><tr><td style="width: 100%"><form style="margin: 0;" method="post" action="';
1541
  @set_time_limit($GLOBALS["GOTMLS"]["tmp"]['execution_time'] - 5);
1542
  if (is_numeric($_GET["GOTMLS_scan"])) {
1543
+ if (($Q_post = GOTMLS_get_quarantine((INT) $_GET["GOTMLS_scan"])) && isset($Q_post["post_type"]) && $Q_post["post_type"] == "GOTMLS_quarantine" && isset($Q_post["post_status"]) && $Q_post["post_status"] == "private") {
1544
  ////////// posts table (quarantine)
1545
  $clean_file = $Q_post["post_title"];
1546
  $GLOBALS["GOTMLS"]["tmp"]["file_contents"] = GOTMLS_decode($Q_post["post_content"]);
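--- a/readme.txt
+++ b/readme.txt
@@ -5,10 +5,10 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
 Contributors: scheeeli, gotmls
 Donate link: https://gotmls.net/donate/
 Tags: security, firewall, anti-malware, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
-Version: 4.20.94
-Stable tag: 4.20.94
+Version: 4.20.95
+Stable tag: 4.20.95
 Requires at least: 3.3
-Tested up to: 5.8.3
+Tested up to: 5.9
 
 This Anti-Malware scanner searches for Malware, Viruses, and other security threats and vulnerabilities on your server and it helps you fix them.
 
@@ -93,6 +93,10 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
 
 == Changelog ==
 
+= 4.20.95 =
+* Added more sanitization and validation to all user data entered for better security.
+* checked code for compatibility with WordPress 5.9.
+
 = 4.20.94 =
 * Fixed an XSS vulnerability and checked code for compatibility with WordPress 5.8.3.
 
@@ -376,6 +380,9 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
 
 == Upgrade Notice ==
 
+= 4.20.95 =
+Added more sanitization and validation to all user data entered for better security and checked code for compatibility with WordPress 5.9.
+
 = 4.20.94 =
 Fixed an XSS vulnerability and checked code for compatibility with WordPress 5.8.3.
 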