Sucuri Security – Auditing, Malware Scanner and Security Hardening - Version 1.5.1


Release Info

Developer dd@sucuri.net
Version 1.5.1

Code changes from version 1.5.0 to 1.5.1

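--- a/inc/css/sucuriscan-default-css.css
+++ b/inc/css/sucuriscan-default-css.css
@@ -23,3 +23,5 @@
 .sucuriscan-maincontent hr{border:none;border-top:1px solid #999}
 .sucuriscan-maincontent table td > table{background:#fff}
 .sucuriscan-maincontent table td > table th{padding:4px 8px}
+.sucuriscan-maincontent .sucuriscan-lastmodified td, .sucuriscan-maincontent .sucuriscan-corefiles td{font-family:Monaco, Monspace, Courier;font-weight:bold}
+.sucuriscan-maincontent .sucuriscan-corefiles tr > th{background:#f1f1f1;background-image:-webkit-gradient(linear,left bottom,left top,from(#ececec),to(#f9f9f9));background-image:-webkit-linear-gradient(bottom,#ececec,#f9f9f9);background-image:-moz-linear-gradient(bottom,#ececec,#f9f9f9);background-image:-o-linear-gradient(bottom,#ececec,#f9f9f9);background-image:linear-gradient(to top,#ececec,#f9f9f9)}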
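Review bot: The font stack added at new line 26 misspells the generic family: `Monspace` is not a CSS keyword, so it is treated as a font name that will not exist and the rule falls through to Courier or the browser default. Put the correctly spelled generic last, `font-family:Monaco, Courier, monospace`, so the file-path and core-file tables stay fixed-width on systems without Monaco.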
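--- a/inc/tpl/posthack.html.tpl
+++ b/inc/tpl/posthack.html.tpl
@@ -22,7 +22,7 @@
 
 <p>
 Use this button to update the security keys stored in the <code>wp-config.php</code>
-file, we will use the official Wordpress Secret-Key API Generator. After the
+file, we will use the official WordPress Secret-Key API Generator. After the
 update your current session will be closed and you'll need to login again.
 </p>
 
@@ -51,7 +51,7 @@
 <p>
 Use this button to reset the current password for some specific users or for all
 of them. We will send an email to each of those users adivising the password change
-that includes the new password automatically generated by Wordpress. After the
+that includes the new password automatically generated by WordPress. After the
 password reset your current session will be closed and you'll need to login again.
 </p>
 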
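--- a/lib/core_integrity.php
+++ b/lib/core_integrity.php
@@ -8,18 +8,6 @@ if(!defined('SUCURISCAN'))
 return(0);
 }
 
-function sucuriscan_core_integrity_wrapper($content, $msg)
-{
-echo '<div class="postbox">';
-echo '<h3>'.$msg.'</h3>';
-echo '<div class="inside">';
-foreach ($content as $key => $value) {
-echo "<p>$key</p>";
-}
-echo '</div>';
-echo '</div>';
-}
-
 function read_dir_r($dir = "./", $recursiv = false)
 {
 $skipname = basename(__FILE__);
@@ -70,19 +58,10 @@ function sucuriwp_core_integrity_check()
 
 $cp = 0;
 $updates = get_core_updates();
-if (!is_array($updates))
-{
+if( !is_array($updates) || empty($updates) || $updates[0]->response=='latest' ){
 $cp = 1;
 }
-else if(empty($updates))
-{
-$cp = 1;
-}
-else if($updates[0]->response == 'latest')
-{
-$cp = 1;
-}
-if(strcmp($wp_version, "3.4.2") < 0)
+if(strcmp($wp_version, "3.7") < 0)
 {
 $cp = 0;
 }
@@ -90,69 +69,91 @@ function sucuriwp_core_integrity_check()
 
 if($cp == 0)
 {
-echo '<p><img style="position:relative;top:5px" height="22" width="22"'.
-'src="'.SUCURI_URL.'images/warn.png" /> &nbsp; Your current version ('.$wp_version.') is not the latest. <a class="button-primary" href="update-core.php">Update now!</a> to be able to run the integrity check.</p>';
+echo '<p><img style="position:relative;top:5px" height="22" width="22" '
+.'src="'.SUCURI_URL.'images/warn.png" /> &nbsp; Your current version ('.$wp_version.') is not the latest. '
+.'<a class="button-primary" href="update-core.php">Update now!</a> to be able to run the integrity check.</p>';
 }
 else
 {
+$latest_hashes = @file_get_contents("http://wordpress.sucuri.net/wp_core_latest_hashes.json");
+if($latest_hashes){
+$wp_core_latest_hashes = json_decode($latest_hashes, true);
 
-$wp_core_latest_hashes = json_decode(file_get_contents("http://wordpress.sucuri.net/wp_core_latest_hashes.json"), true);
+$wp_includes_hashes = read_dir_r( ABSPATH . "wp-includes", true);
+$wp_admin_hashes = read_dir_r( ABSPATH . "wp-admin", true);
+$wp_top_hashes = read_dir_r( ABSPATH , false);
 
-$wp_includes_hashes = read_dir_r( ABSPATH . "wp-includes", true);
-$wp_admin_hashes = read_dir_r( ABSPATH . "wp-admin", true);
-$wp_top_hashes = read_dir_r( ABSPATH , false);
+$wp_core_hashes = array_merge( $wp_includes_hashes , $wp_admin_hashes );
+$wp_core_hashes = array_merge( $wp_core_hashes , $wp_top_hashes );
 
-$wp_core_hashes = array_merge( $wp_includes_hashes , $wp_admin_hashes );
-$wp_core_hashes = array_merge( $wp_core_hashes , $wp_top_hashes );
+$added = @array_diff_assoc( $wp_core_hashes, $wp_core_latest_hashes ); //files added
+$removed = @array_diff_assoc( $wp_core_latest_hashes, $wp_core_hashes ); //files deleted
+unset($removed['wp_version']); //ignore wp_version key
+$compcurrent = @array_diff_key( $wp_core_hashes, $added ); //remove all added files from current filelist
+$complog = @array_diff_key( $wp_core_latest_hashes, $removed ); //remove all deleted files from old file list
+$modified = array(); //array of modified files
 
-$added = @array_diff_assoc( $wp_core_hashes, $wp_core_latest_hashes ); //files added
-$removed = @array_diff_assoc( $wp_core_latest_hashes, $wp_core_hashes ); //files deleted
-unset($removed['wp_version']); //ignore wp_version key
-$compcurrent = @array_diff_key( $wp_core_hashes, $added ); //remove all added files from current filelist
-$complog = @array_diff_key( $wp_core_latest_hashes, $removed ); //remove all deleted files from old file list
-$modified = array(); //array of modified files
+//compare file hashes and mod dates
+foreach ( $compcurrent as $currfile => $currattr) {
 
-//compare file hashes and mod dates
-foreach ( $compcurrent as $currfile => $currattr) {
+if ( array_key_exists( $currfile, $complog ) ) {
 
-if ( array_key_exists( $currfile, $complog ) ) {
+//if attributes differ added to modified files array
+if ( strcmp( $currattr['md5'], $complog[$currfile]['md5'] ) != 0 ) {
+$modified[$currfile]['md5'] = $currattr['md5'];
+}
 
-//if attributes differ added to modified files array
-if ( strcmp( $currattr['md5'], $complog[$currfile]['md5'] ) != 0 ) {
-$modified[$currfile]['md5'] = $currattr['md5'];
 }
 
 }
 
-}
+//ignore some junk files
+if($curlang != "en_US")
+{
+//ignore added files
+unset($added['./licencia.txt']);
 
-//ignore some junk files
-if($curlang != "en_US")
-{
-//ignore added files
-unset($added['./licencia.txt']);
+//ignore removed files
+unset($removed['./license.txt']);
 
-//ignore removed files
-unset($removed['./license.txt']);
+//ignore modified files
+unset($modified['./wp-includes/version.php']);
+unset($modified['./wp-admin/setup-config.php']);
+unset($modified['./readme.html']);
+unset($modified['./wp-config-sample.php']);
+}
 
-//ignore modified files
-unset($modified['./wp-includes/version.php']);
-unset($modified['./wp-admin/setup-config.php']);
-unset($modified['./readme.html']);
-unset($modified['./wp-config-sample.php']);
+sucuriscan_draw_corefiles_status(array(
+'added'=>$added,
+'removed'=>$removed,
+'modified'=>$modified
+));
+}else{
+sucuriscan_admin_notice('error', 'Error retrieving the wordpress core hashes, try again.');
 }
-
-//get count of changes
-$addcount = sizeof( $added );
-$removecount = sizeof( $removed );
-$changecount = sizeof( $modified );
-
-sucuriscan_core_integrity_wrapper($added, "Core File Added: $addcount");
-sucuriscan_core_integrity_wrapper($removed, "Core File Removed: $removecount");
-sucuriscan_core_integrity_wrapper($modified, "Core File Modified: $changecount");
 }
 }
 
+function sucuriscan_draw_corefiles_status($list=array()){
+if( is_array($list) && !empty($list) ): ?>
+<table class="wp-list-table widefat sucuriscan-corefiles">
+<thead>
+<tr><th>Core files altered</th></tr>
+</thead>
+<tbody>
+<?php
+foreach($list as $core_file_type=>$core_file_list){
+printf('<tr><th>Core File %s: %d</th></tr>', ucwords($core_file_type), sizeof($core_file_list));
+foreach($core_file_list as $filepath=>$extrainfo){
+printf('<tr><td>%s</td></tr>', $filepath);
+}
+}
+?>
+</tbody>
+</table>
+<?php endif; ?>
+<?php }
+
 function sucuriwp_list_admins($userlevel = '10') {
 
 global $wpdb;
@@ -202,25 +203,6 @@ function sucuriwp_list_admins($userlevel = '10') {
 echo sucuriscan_get_template('integrity-admins.html.tpl', $template_variables);
 }
 
-function sucuriwp_content_check()
-{
-$wp_content_hashes = read_dir_r( ABSPATH . "wp-content", true);
-$days = htmlspecialchars(trim((int)$_POST['sucuriwp_content_check_back']));
-$back_days = current_time( 'timestamp' ) - ( $days * 86400);
-
-echo '<div class="postbox">';
-echo "<h3>wp_content latest modified files</h3>";
-echo '<div class="inside">';
-foreach ( $wp_content_hashes as $key => $value) {
-if ($value['time'] >= $back_days ){
-$date = date('d-m-Y H:i:s', $value['time']);
-echo "<p>$key : $date </p>";
-}
-}
-echo '</div>';
-echo '</div>';
-}
-
 function sucuriwp_check_plugins()
 {
 do_action("wp_update_plugins"); // force WP to check plugins for updates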
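Review bot: The reference hashes are still fetched over plain `http://` at new line 78, so the baseline this integrity check compares against can be altered in transit and a modified core file would then be reported as clean. Fetch it over TLS if the endpoint offers it, preferably through `wp_remote_get()` with a status check, and confirm the decode produced an array before diffing: `if (is_array($wp_core_latest_hashes)) { ... }`. The `@` on `file_get_contents` and on the `array_diff_*` calls hides exactly the failures that check would surface. In `sucuriscan_draw_corefiles_status()` (new line 148) the file path is printed raw; `printf('<tr><td>%s</td></tr>', esc_html($filepath));` keeps a file name containing markup from being rendered in the admin page.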
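--- a/lib/hardening.php
+++ b/lib/hardening.php
@@ -93,7 +93,7 @@ function sucuriscan_harden_version()
 {
 $cp = 1;
 }
-if(strcmp($wp_version, "3.4.2") < 0)
+if(strcmp($wp_version, "3.7") < 0)
 {
 $cp = 0;
 }
@@ -361,12 +361,7 @@ function sucuriscan_harden_phpversion()
 }
 
 function sucuriscan_cloudproxy_enabled(){
-$enabled = FALSE;
-
-if(
-isset($_SERVER['SUCURIREAL_REMOTE_ADDR'])
-|| preg_match('/cloudproxy.*\.sucuri\.net/', gethostbyaddr(gethostbyname($_SERVER['HTTP_HOST'])))
-){ $enabled = TRUE; }
+$enabled = sucuriscan_is_behind_cloudproxy();
 
 sucuriscan_wrapper_open('Verify if your site is protected by a Web Firewall');
 sucuriscan_harden_status(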
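Review bot: `strcmp($wp_version, "3.7") < 0` at new line 96 orders version strings byte by byte rather than by version, so a release such as `3.10` sorts before `3.7` and would be treated as outdated. `if (version_compare($wp_version, '3.7', '<'))` gives the intended ordering; the same comparison was added at new line 64 of lib/core_integrity.php, where a wrong result skips the core integrity check. The minimum is also hard-coded, which is why this commit has to bump it by hand. `sucuriscan_harden_version()` starts and ends outside this hunk.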
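--- a/readme.txt
+++ b/readme.txt
@@ -3,8 +3,8 @@ Contributors: dd@sucuri.net, dremeda
 Donate Link: http://sitecheck.sucuri.net
 Tags: malware, security, scan, spam, virus, sucuri, WordPress,
 Requires at least:3.2
-Stable tag:1.5.0
-Tested up to: 3.6
+Stable tag:1.5.1
+Tested up to: 3.7.1
 
 The Sucuri Security - SiteCheck Malware Scanner plugin enables you to scan your WordPress site using Sucuri SiteCheck and verify the integrity of your core files right in your dashboard. It also includes post-hack options to help you reset passwords and secret keys in case it has been already hacked.
 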
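--- a/sucuri.php
+++ b/sucuri.php
@@ -6,8 +6,8 @@ Description: The <a href="http://sucuri.net">Sucuri Security</a> - SiteCheck Mal
 
 You can also scan your site at <a href="http://sitecheck.sucuri.net">SiteCheck.Sucuri.net</a>.
 
-Author: Sucuri Security
-Version: 1.5.0
+Author: Sucuri, INC
+Version: 1.5.1
 Author URI: http://sucuri.net
 */
 
@@ -23,7 +23,7 @@ if(!function_exists('add_action'))
 @ignore_user_abort(TRUE);
 
 define('SUCURISCAN','sucuriscan');
-define('SUCURISCAN_VERSION','1.5.0');
+define('SUCURISCAN_VERSION','1.5.1');
 define('SUCURI_URL',plugin_dir_url( __FILE__ ));
 define('SUCURISCAN_PLUGIN_FOLDER', 'sucuri-scanner');
 define('SUCURISCAN_LASTLOGINS_USERSLIMIT', 100);
@@ -136,6 +136,8 @@ function sucuriscan_print_scan()
 echo '</div>';
 echo '</div>';
 echo '</div>';
+}else if( preg_match('/^ERROR:/', $myresults['body']) ){
+sucuriscan_admin_notice('error', $myresults['body'].' The URL scanned was: <code>'.$website_scanned.'</code>');
 }else{
 $res = unserialize($myresults['body']);
 
@@ -543,7 +545,7 @@ function sucuriscan_posthack_page()
 if( isset($_POST['sucuri_posthack_action']) ){
 if( !wp_verify_nonce($_POST['sucuri_posthack_nonce'], 'sucuri_posthack_nonce') )
 {
-wp_die(__('Wordpress Nonce verification failed, try again going back and checking the form.') );
+wp_die(__('WordPress Nonce verification failed, try again going back and checking the form.') );
 }
 
 switch($_POST['sucuri_posthack_action']){
@@ -645,6 +647,21 @@ function sucuriscan_get_remoteaddr()
 return $remote_addr;
 }
 
+function sucuriscan_is_behind_cloudproxy(){
+$http_host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '127.0.0.1';
+if( preg_match('/^(.*):.*/', $http_host, $match) ){ $http_host = $match[1]; }
+$host = gethostbyaddr(gethostbyname($http_host));
+
+if(
+isset($_SERVER['SUCURIREAL_REMOTE_ADDR'])
+|| preg_match('/cloudproxy.*\.sucuri\.net/', $host)
+){
+return TRUE;
+}
+
+return FALSE;
+}
+
 function sucuriscan_lastlogins_page()
 {
 if( !current_user_can('manage_options') )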
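Review bot: `sucuriscan_is_behind_cloudproxy()` (new lines 650-663) decides from the request's `Host` header and an unanchored pattern, so the firewall status it reports can be wrong. `preg_match('/cloudproxy.*\.sucuri\.net/', $host)` accepts any reverse-DNS name that merely contains that text, and `$host` is `false` when `gethostbyaddr()` is given a malformed address; anchoring the end, `'/cloudproxy.*\.sucuri\.net$/'`, and returning `FALSE` early on a failed lookup would tighten it. The two lookups are also blocking DNS calls each time the function runs. In the new `ERROR:` branch (lines 139-140) the remote response body and `$website_scanned` are concatenated into the notice; `sucuriscan_admin_notice()` is not visible here, so if it prints its message as HTML, pass both through `esc_html()` first.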
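--- a/sucuriscan_core_integrity.php
+++ b/sucuriscan_core_integrity.php
@@ -12,51 +12,84 @@ if(!defined('SUCURISCAN'))
 
 /* Sucuri WordPress Integrity page. */
 
-function sucuriscan_core_integrity_function_wrapper($function_name, $stitle, $description)
-{
-echo '<div class="postbox">';
-echo '<div class="inside">';
-echo '<form action="" method="post">'.
-'<input type="hidden" name="'.$function_name.'nonce" value="'.wp_create_nonce($function_name.'nonce').'" />'.
-'<input type="hidden" name="'.$function_name.'" value="'.$function_name.'" />'.
-'<h4>'.$stitle.'</h4>'.
-'<p>'.$description.'</p>'.
-'<input class="button-primary" type="submit" name="'.$function_name.'" value="Check">'.
-'</form>';
-echo '</div>';
-echo '</div>';
-
-if (isset($_POST[$function_name.'nonce']) && isset($_POST[$function_name])) {
-$function_name();
-}
-}
-
-function sucuriscan_core_integrity_wp_content_wrapper()
-{
-echo '<div class="postbox">';
-echo '<div class="inside">';
-echo '<form action="" method="post">'.
-'<input type="hidden" name="sucuriwp_content_checknonce" value="'.wp_create_nonce('sucuriwp_content_checknonce').'" />'.
-'<input type="hidden" name="sucuriwp_content_check" value="sucuriwp_content_check" />'.
-'<h4>Latest modified files</h4>'.
-'<p>This test will list all files inside wp-content that have been modified in the past
-
-<select name="sucuriwp_content_check_back">
-<option value="1">1</option>
-<option value="3">3</option>
-<option value="7">7</option>
-<option value="30">30</option>
-</select> days. (select the number of days first)</p>'.
-
-'<input class="button-primary" type="submit" name="sucuriwp_content_check" value="Check">'.
-'</form>';
-echo '</div>';
-echo '</div>';
-
-if (isset($_POST['sucuriwp_content_checknonce']) && isset($_POST['sucuriwp_content_check'])) {
-sucuriwp_content_check();
-}
-}
+function sucuriscan_core_integrity_function_wrapper($function_name, $stitle, $description){ ?>
+<div class="postbox">
+<div class="inside">
+<form method="post">
+<input type="hidden" name="<?php echo $function_name; ?>nonce" value="<?php echo wp_create_nonce($function_name.'nonce'); ?>" />
+<input type="hidden" name="<?php echo $function_name; ?>" value="1" />
+<h4><?php echo $stitle; ?></h4>
+<p><?php echo $description; ?></p>
+<input class="button-primary" type="submit" name="<?php echo $function_name; ?>" value="Check" />
+</form>
+<br />
+<?php
+if (isset($_POST[$function_name.'nonce']) && isset($_POST[$function_name])) {
+if( function_exists($function_name) ){
+$function_name();
+}
+}
+?>
+</div>
+</div>
+<?php }
+
+function sucuriscan_core_integrity_wp_content_wrapper(){ ?>
+<div class="postbox">
+<h3>Latest modified files</h3>
+<div class="inside">
+<form method="post">
+<input type="hidden" name="sucuriwp_content_checknonce" value="<?php echo wp_create_nonce('sucuriwp_content_checknonce'); ?>" />
+<input type="hidden" name="sucuriwp_content_check" value="sucuriwp_content_check" />
+<p>
+This test will list all files inside wp-content that have been modified in the past
+<select name="sucuriwp_content_check_back">
+<?php foreach(array( 1,3,7,30 ) as $days): ?>
+<?php $selected =
+( isset($_POST['sucuriwp_content_check_back']) && $_POST['sucuriwp_content_check_back']==$days )
+? 'selected="selected"' : ''; ?>
+<option value="<?php echo $days; ?>" <?php echo $selected; ?>><?php echo $days; ?></option>
+<?php endforeach; ?>
+</select> days. (select the number of days first)
+</p>
+<input class="button-primary" type="submit" name="sucuriwp_content_check" value="Check">
+</form>
+
+<?php if (
+isset($_POST['sucuriwp_content_checknonce'])
+// && wp_verify_nonce($_POST['sucuriwp_content_checknonce'], 'sucuriwp_content_checknonce')
+&& isset($_POST['sucuriwp_content_check'])
+): ?>
+<br />
+<table class="wp-list-table widefat sucuriscan-lastmodified">
+<thead>
+<tr>
+<th colspan="2">wp_content latest modified files</th>
+</tr>
+<tr>
+<th class="manage-column">Filepath</th>
+<th class="manage-column">Modification date/time</th>
+</tr>
+</thead>
+<tbody>
+<?php
+$wp_content_hashes = read_dir_r(ABSPATH.'wp-content', true);
+$days = htmlspecialchars(trim((int)$_POST['sucuriwp_content_check_back']));
+$back_days = current_time( 'timestamp' ) - ( $days * 86400);
+
+foreach ( $wp_content_hashes as $key => $value) {
+if ($value['time'] >= $back_days ){
+$date = date('d-m-Y H:i:s', $value['time']);
+printf('<tr><td>%s</td><td>%s</td></tr>', $key, $date);
+}
+}
+?>
+</tbody>
+</table>
+<?php endif; ?>
+</div>
+</div>
+<?php }
 
 function sucuriscan_core_integrity_lib()
 {
@@ -87,7 +120,7 @@ function sucuriscan_core_integrity_lib()
 <?php
 
 sucuriscan_core_integrity_function_wrapper(
-'sucuriwp_core_integrity_check',
+'sucuriwp_core_integrity_check',
 'Verify Integrity of WordPress Core Files',
 'This test will check wp-includes, wp-admin, and the top directory files against the latest WordPress hashing database. If any of those files were modified, it is a big sign of a possible compromise.'
 );
@@ -95,17 +128,17 @@ function sucuriscan_core_integrity_lib()
 sucuriscan_core_integrity_wp_content_wrapper();
 
 sucuriscan_core_integrity_function_wrapper(
-'sucuriwp_list_admins',
+'sucuriwp_list_admins',
 'Admin User Dump',
 'List all administrator users and their latest login time.'
 );
 sucuriscan_core_integrity_function_wrapper(
-'sucuriwp_check_plugins',
+'sucuriwp_check_plugins',
 'Outdated Plugin list',
 'This test will list any outdated (active) plugins.'
 );
 sucuriscan_core_integrity_function_wrapper(
-'sucuriwp_check_themes',
+'sucuriwp_check_themes',
 'Outdated Theme List',
 'This test will list any outdated theme.'
 );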
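Review bot: The nonce these forms emit is never verified: `sucuriscan_core_integrity_function_wrapper()` (new lines 27-30) calls `$function_name()` as soon as the two POST fields exist, and in `sucuriscan_core_integrity_wp_content_wrapper()` the `wp_verify_nonce()` condition is commented out at new line 60. Restore that line, `&& wp_verify_nonce($_POST['sucuriwp_content_checknonce'], 'sucuriwp_content_checknonce')`, and add the matching `wp_verify_nonce($_POST[$function_name.'nonce'], $function_name.'nonce')` to the first wrapper's condition, so the token actually gates the action. The table row at new line 83 also prints `$key`, a file path read from disk, without escaping; `printf('<tr><td>%s</td><td>%s</td></tr>', esc_html($key), $date);` keeps a file name containing markup from being rendered in the admin page.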