Acunetix WP Security - Version 2.2.60.2

Developer hallsofmontezuma
Version 2.2.60.2
Code changes from version 2.2.60.1 to 2.2.60.2

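--- a/trunk/database.php
+++ b/trunk/database.php
@@ -0,0 +1,158 @@
+<?php
+/*
+Thank you Philipp Heinze.
+*/
+
+function mrt_sub3(){
+?>
+<div class=wrap>
+<h2><?php _e('WP - Database Security') ?></h2>
+<div style="height:299px"><br />
+<h3><i>Make a backup of your database before using this tool:</i></h3>
+
+<?php /*global $wpdb;
+$mrtright = $wpdb->get_results("SHOW GRANTS FOR '".DB_USER."'@'".DB_HOST."'", ARRAY_N);
+echo "rights: ";
+print_r($mrtright);*/
+?>
+
+<p>Change your database table prefix to mitigate zero-day SQL Injection attacks.</p>
+<form action='' method='post' name='prefixchanging'>
+<?php
+if (function_exists('wp_nonce_field')) {
+wp_nonce_field('prefix-changer-change_prefix');
+}
+?>
+Please Change the current:<input type="Text" name="prefix_n" value="<?php echo($GLOBALS['table_prefix']);?>" size="20" maxlength="50"> prefix to something different (i.e. use the random password generator).<br />
+Allowed Chars are all latin Alphanumeric Chars as well as the Chars <strong>-</strong> and <strong>_</strong>.
+<input type='submit' name='renameprefix' value='Start Renaming'/>
+</form>
+
+<?php
+if (isset($_POST['prefix_n'])) {
+check_admin_referer('prefix-changer-change_prefix');
+$wpdb =& $GLOBALS['wpdb'];
+$newpref = ereg_replace("[^0-9a-zA-Z_-]", "", $_POST['prefix_n']);
+//checking if user has enough rights to alter the Tablestructure
+$rights = $wpdb->get_results("SHOW GRANTS FOR '".DB_USER."'@'".DB_HOST."'", ARRAY_N);
+foreach ($rights as $right) {
+if (ereg("ALTER(.*)(\*|`".str_replace("_", "\\_", DB_NAME)."`)\.(\*|`".DB_HOST."`) TO '".DB_USER."'@'".DB_HOST."'", $right[0]) || ereg("ALL PRIVILEGES ON (\*|`".str_replace("_", "\\_", DB_NAME)."`)\.(\*|`".DB_HOST."`) TO '".DB_USER."'@'".DB_HOST."'", $right[0])) {
+$rightsenough = true;
+$rightstomuch = true;
+break;
+} else {
+if (ereg("ALTER(.*)`".DB_NAME."`", $right[0])) {
+$rightsenough = true;
+break;
+}
+}
+}
+if (!isset($rightsenough) && $rightsenough != true) {
+exit('<font color="#ff0000">Your User which is used to access your Wordpress Tables/Database, hasn\'t enough rights( is missing ALTER-right) to alter your Tablestructure. Please visit the plugin <a href="http://semperfiwebdesign.com/documentation/wp-security-scan/change-wordpress-database-table-name-prefix/" target=_blank">documentation</a> for more information.<br />');
+}
+if (isset($rightstomuch) && $rightstomuch === true) {
+echo ('<font color="#FF9B05">Your currently used User to Access the Wordpress Database, holds too many rights. '.
+'We suggest that you limit his rights or to use another User with more limited rights instead, to increase your Security.</font><br />');
+}
+if ($newpref == $GLOBALS['table_prefix']) {
+exit ("No change: Please select a new table_prefix value.</div>");
+} elseif (strlen($newpref) < strlen($_POST['prefix_n'])){
+echo ("You used some Chars which aren't allowed within Tablenames".
+"The sanitized prefix is used instead: " . $newpref);
+}
+
+echo("<h2>Started Prefix Changer:</h2>");
+
+//we rename the tables before we change the Config file, so We can aviod changed Configs, without changed prefixes.
+echo("<h3>&nbsp;&nbsp;Start Renaming of Tables:</h3>");
+$oldtables = $wpdb->get_results("SHOW TABLES LIKE '".$GLOBALS['table_prefix']."%'", ARRAY_N);//retrieving all tables named with the prefix on start
+$table_c = count($oldtables);
+$table_s = 0;//holds the count of successful changed tables.
+$table_f[] = '';//holds all table names which failed to be changed
+for($i = 0; $i < $table_c; $i++) {//renaming each table to the new prefix
+$wpdb->hide_errors();
+$table_n = str_replace($GLOBALS['table_prefix'], $newpref, $oldtables[$i][0]);
+echo "&nbsp;&nbsp;&nbsp;Renaming ".$oldtables[$i][0]." to $table_n:";
+$table_r = $wpdb->query("RENAME TABLE ".$oldtables[$i][0]." TO $table_n");
+if ($table_r === 0) {
+echo ('<font color="#00ff00"> Success</font><br />');
+$table_s++;
+} elseif ($table_r === FALSE) {
+echo ('<font color="#ff0000"> Failed</font><br />');
+$table_f[] = $oldtables[$i][0];
+}
+}//changing some "hardcoded" wp values within the tables
+echo ("<h3>&nbsp;&nbsp;Start changing Databasesettings:</h3>");
+if ($wpdb->query("UPDATE ".$newpref."options SET option_name='".$newpref."user_roles' WHERE option_name='".$GLOBALS['table_prefix']."user_roles' LIMIT 1") <> 1) {
+echo ('&nbsp;&nbsp;&nbsp;Changing values in table '.$newpref.'options: 1/1 <font color="#ff0000">Failed</font><br />');
+} else {
+echo ('&nbsp;&nbsp;&nbsp;Changing values in table '.$GLOBALS['table_prefix'].'options 1/1: <font color="#00ff00">Success</font><br />');
+}
+if ($wpdb->query("UPDATE ".$newpref."usermeta SET meta_key='".$newpref."capabilities' WHERE meta_key='".$GLOBALS['table_prefix']."capabilities'") <> 1) {
+echo ('&nbsp;&nbsp;&nbsp;Changing values in table '.$GLOBALS['table_prefix'].'usermeta 1/3: <font color="#ff0000">Failed</font><br />');
+} else {
+echo ('&nbsp;&nbsp;&nbsp;Changing values in table '.$GLOBALS['table_prefix'].'usermeta 1/3: <font color="#00ff00">Success</font><br />');
+}
+if ($wpdb->query("UPDATE ".$newpref."usermeta SET meta_key='".$newpref."user_level' WHERE meta_key='".$GLOBALS['table_prefix']."user_level'") === FALSE)
+{
+echo ('&nbsp;&nbsp;&nbsp;Changing values in table '.$GLOBALS['table_prefix'].'usermeta 2/3: <font color="#ff0000">Failed</font><br />');
+} else {
+echo ('&nbsp;&nbsp;&nbsp;Changing values in table '.$GLOBALS['table_prefix'].'usermeta 2/3: <font color="#00ff00">Success</font><br />');
+}
+if ($wpdb->query("UPDATE ".$newpref."usermeta SET meta_key='".$newpref."autosave_draft_ids' WHERE meta_key='".$GLOBALS['table_prefix']."autosave_draft_ids'") === 0) {
+echo ('&nbsp;&nbsp;&nbsp;Changing values in table '.$GLOBALS['table_prefix'].'usermeta 3/3: <font color="#000000">Value doesn\'t exist</font><br />');
+} else {
+echo ('&nbsp;&nbsp;&nbsp;Changing values in table '.$GLOBALS['table_prefix'].'usermeta 3/3: <font color="#00ff00">Success</font><br />');
+}
+
+if ($table_s == 0) {
+exit('<font color="#ff0000">Some Error occured, it wasn\'t possible to change any Tableprefix. Please retry, no changes are done to your wp-config File.</font><br />');
+} elseif ($table_s < $table_c) {
+echo('<font color="#ff0000">It wasn\'t possible to rename some of your Tables prefix. Please change them manually. Following you\'ll see all failed tables:<br />');
+for ($i = 1; $i < count($tables_f); $i++) {
+echo ($tables_f[$i])."<br />";
+}
+exit('No changes where done to your wp-config File.</font><br />');
+}
+
+echo("<h3>Changing Config File:</h3>");
+$conf_f = "../wp-config.php";
+
+@chmod($conf_f, 0777);//making the the config readable to change the prefix
+if (!is_writeable($conf_f)) {//when automatic config file changing isn't possible the user get's all needed information to do it manually
+echo('&nbsp;&nbsp;1/1 file writeable: <font color="#ff0000">Not Writeable</font><br />');
+echo('<b>Please make your wp-config.php file writable for this process.</b>');
+die("</div>");
+} else {//changing if possible the config file automatically
+echo('&nbsp;&nbsp;1/3 file writeable: <font color="#00ff00"> Writeable</font><br />');
+$handle = @fopen($conf_f, "r+");
+if ($handle) {
+while (!feof($handle)) {
+$lines[] = fgets($handle, 4096);
+}//while feof
+fclose($handle);
+$handle = @fopen($conf_f, "w+");
+foreach ($lines as $line) {
+if (strpos($line, $GLOBALS['table_prefix'])) {
+$line = str_replace($GLOBALS['table_prefix'], $newpref, $line);
+echo('&nbsp;&nbsp;2/3 <font color="#00ff00">table prefix changed!</font><br />');
+}//if strpos
+fwrite($handle, $line);
+}//foreach $lines
+fclose($handle);
+if (chmod ($conf_f, 0644)) {
+echo('&nbsp;&nbsp;3/3 <font color="#00ff00">Config files permission set to 644, for security purpose.</font><br />');
+} else {
+echo ('&nbsp;&nbsp;3/3 wasn\'t able to set chmod to 644, please check if your files permission is set back to 644!<br />');
+}//if chmod
+}//if handle
+}//if is_writeable
+
+}//if prefix
+?>
+</div>
+Plugin by <a href="http://semperfiwebdesign.com/" title="Semper Fi Web Design">Semper Fi Web Design</a>
+</div>
+<?php
+}//function prefix_changer
+?>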
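Review bot: The `is_writeable($conf_f)` test is only reached after every table has already been renamed by the `RENAME TABLE` loop, so a read-only wp-config.php leaves the site configured for table names that no longer exist; check writability before the first rename. `@chmod($conf_f, 0777)` makes the file that holds the DB credentials world-writable, and the mode is only restored to 0644 on the success path — if `@fopen($conf_f, "w+")` returns false the 0777 mode persists — so the widening should be dropped rather than undone. The rewrite loop uses `strpos($line, $GLOBALS['table_prefix'])` as a boolean (false for a match at offset 0) and then replaces every occurrence, so any other line containing the old prefix as a substring (a `DB_NAME` such as `wp_blog`, for instance) is silently rewritten too; match the `$table_prefix` assignment line itself. Separately, the failed-table report iterates `$tables_f` while the names were collected in `$table_f`, so failures are never listed, and `ereg`/`ereg_replace` were removed in PHP 7, where `preg_replace('/[^0-9a-zA-Z_-]/', '', $_POST['prefix_n'])` is the drop-in for the prefix sanitiser.
```php
// … unchanged: nonce check, prefix sanitising, grant check …
$conf_f = "../wp-config.php";
// Verify the config can be rewritten BEFORE any table is renamed; never widen its mode to 0777.
if (!is_writable($conf_f)) {
    exit('<b>Please make your wp-config.php file writable for this process.</b></div>');
}
// … unchanged: RENAME TABLE loop, options/usermeta updates, failure report (reads $table_f) …
foreach ($lines as $line) {
    // Only the assignment line; a DB_NAME or constant containing the old prefix must not be rewritten.
    if (strpos($line, '$table_prefix') !== false) {
        $line = str_replace($GLOBALS['table_prefix'], $newpref, $line);
        echo('&nbsp;&nbsp;2/3 <font color="#00ff00">table prefix changed!</font><br />');
    }
    fwrite($handle, $line);
}
// … unchanged: fclose and chmod 0644 …
```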
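--- a/trunk/functions.php
+++ b/trunk/functions.php
@@ -0,0 +1,128 @@
+<?php
+
+function make_seed() {
+list($usec, $sec) = explode(' ', microtime());
+return (float) $sec + ((float) $usec * 100000);
+}
+
+function make_password($password_length){
+srand(make_seed());
+$alfa = "!@123!@4567!@890qwer!@tyuiopa@!sdfghjkl@!zxcvbn@!mQWERTYUIO@!PASDFGH@!JKLZXCVBNM!@";
+$token = "";
+for($i = 0; $i < $password_length; $i ++) {
+$token .= $alfa[rand(0, strlen($alfa))];
+}
+return $token;
+}
+
+function check_perms($name,$path,$perm)
+{
+clearstatcache();
+// $configmod = fileperms($path);
+$configmod = substr(sprintf(".%o.", fileperms($path)), -4);
+$trcss = (($configmod != $perm) ? "background-color:#fd7a7a;" : "background-color:#91f587;");
+echo "<tr style=".$trcss.">";
+echo '<td style="border:0px;">' . $name . "</td>";
+echo '<td style="border:0px;">'. $path ."</td>";
+echo '<td style="border:0px;">' . $perm . '</td>';
+echo '<td style="border:0px;">' . $configmod . '</td>';
+// echo '<td style="border:0px;">' . '<input type="submit" name="' . $perm . '" value="Change now.">' . '</td>';
+echo "</tr>";
+}
+
+function mrt_get_serverinfo() {
+global $wpdb;
+$sqlversion = $wpdb->get_var("SELECT VERSION() AS version");
+$mysqlinfo = $wpdb->get_results("SHOW VARIABLES LIKE 'sql_mode'");
+if (is_array($mysqlinfo)) $sql_mode = $mysqlinfo[0]->Value;
+if (empty($sql_mode)) $sql_mode = __('Not set');
+if(ini_get('safe_mode')) $safe_mode = __('On');
+else $safe_mode = __('Off');
+if(ini_get('allow_url_fopen')) $allow_url_fopen = __('On');
+else $allow_url_fopen = __('Off');
+if(ini_get('upload_max_filesize')) $upload_max = ini_get('upload_max_filesize');
+else $upload_max = __('N/A');
+if(ini_get('post_max_size')) $post_max = ini_get('post_max_size');
+else $post_max = __('N/A');
+if(ini_get('max_execution_time')) $max_execute = ini_get('max_execution_time');
+else $max_execute = __('N/A');
+if(ini_get('memory_limit')) $memory_limit = ini_get('memory_limit');
+else $memory_limit = __('N/A');
+if (function_exists('memory_get_usage')) $memory_usage = round(memory_get_usage() / 1024 / 1024, 2) . __(' MByte');
+else $memory_usage = __('N/A');
+if (is_callable('exif_read_data')) $exif = __('Yes'). " ( V" . substr(phpversion('exif'),0,4) . ")" ;
+else $exif = __('No');
+if (is_callable('iptcparse')) $iptc = __('Yes');
+else $iptc = __('No');
+if (is_callable('xml_parser_create')) $xml = __('Yes');
+else $xml = __('No');
+
+?>
+<li><?php _e('Operating System'); ?> : <strong><?php echo PHP_OS; ?></strong></li>
+<li><?php _e('Server'); ?> : <strong><?php echo $_SERVER["SERVER_SOFTWARE"]; ?></strong></li>
+<li><?php _e('Memory usage'); ?> : <strong><?php echo $memory_usage; ?></strong></li>
+<li><?php _e('MYSQL Version'); ?> : <strong><?php echo $sqlversion; ?></strong></li>
+<li><?php _e('SQL Mode'); ?> : <strong><?php echo $sql_mode; ?></strong></li>
+<li><?php _e('PHP Version'); ?> : <strong><?php echo PHP_VERSION; ?></strong></li>
+<li><?php _e('PHP Safe Mode'); ?> : <strong><?php echo $safe_mode; ?></strong></li>
+<li><?php _e('PHP Allow URL fopen'); ?> : <strong><?php echo $allow_url_fopen; ?></strong></li>
+<li><?php _e('PHP Memory Limit'); ?> : <strong><?php echo $memory_limit; ?></strong></li>
+<li><?php _e('PHP Max Upload Size'); ?> : <strong><?php echo $upload_max; ?></strong></li>
+<li><?php _e('PHP Max Post Size'); ?> : <strong><?php echo $post_max; ?></strong></li>
+<li><?php _e('PHP Max Script Execute Time'); ?> : <strong><?php echo $max_execute; ?>s</strong></li>
+<li><?php _e('PHP Exif support'); ?> : <strong><?php echo $exif; ?></strong></li>
+<li><?php _e('PHP IPTC support'); ?> : <strong><?php echo $iptc; ?></strong></li>
+<li><?php _e('PHP XML support'); ?> : <strong><?php echo $xml; ?></strong></li>
+<?php
+}
+
+function mrt_check_table_prefix(){
+if($GLOBALS['table_prefix']=='wp_'){
+echo '<font color="red">Your table prefix should not be <i>wp_</i>. <a href="admin.php?page=database">Click here</a> to change it.</font><br />';
+}else{
+echo '<font color="green">Your table prefix is not <i>wp_</i>.</font><br />';
+}
+}
+
+function mrt_errorsoff(){
+echo '<font color="green">WordPress DB Errors turned off.</font><br />';
+}
+
+function mrt_wpdberrors()
+{
+global $wpdb;
+$wpdb->show_errors = false;
+
+}
+
+function mrt_version_removal(){
+global $wp_version;
+echo '<font color="green">Your WordPress version is successfully hidden.</font><br />';
+}
+
+function mrt_remove_wp_version()
+{
+if (!is_admin()) {
+global $wp_version;
+$wp_version = 'abc';
+}
+
+}
+
+function mrt_check_version(){
+//echo "WordPress Version: ";
+global $wp_version;
+$mrt_wp_ver = ereg_replace("[^0-9]", "", $wp_version);
+while ($mrt_wp_ver > 10){
+$mrt_wp_ver = $mrt_wp_ver/10;
+}
+if ($mrt_wp_ver >= "2.51") $g2k5 = '<font color="green"><strong>WordPress version: ' . $wp_version . '</strong> &nbsp;&nbsp;&nbsp; You have the latest stable version of WordPress.</font><br />';
+if ($mrt_wp_ver < "2.51") $g2k5 = '<font color="red"><strong>WordPress version: ' . $wp_version . '</strong> &nbsp;&nbsp;&nbsp; You need version 2.5.1. Please <a href="http://wordpress.org/download/">upgrade</a> immediately.</font><br />';
+/*echo "<b>" . $wp_version . "</b> &nbsp;&nbsp;&nbsp " ;*/echo $g2k5;
+}
+
+
+function mrt_javascript(){
+$siteurl = get_option('siteurl');
+?><script language="JavaScript" type="text/javascript" src="<?php echo $siteurl;?>/wp-content/plugins/wp-security-scan/js/scripts.js"></script><?php
+}?>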
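Review bot: `make_password()` indexes with `rand(0, strlen($alfa))`, whose upper bound is inclusive, so one draw in 81 hits an undefined offset (a notice and a password one character shorter than requested), and `srand(make_seed())` plus `rand()` is a seeded LCG, not a CSPRNG, so the "Strong Password" the page prints is predictable from the request time. Replace the loop body with `$token .= $alfa[random_int(0, strlen($alfa) - 1)];` and delete the `srand` line (on PHP older than 7 use `openssl_random_pseudo_bytes()`, or WordPress's own `wp_generate_password()` where the running version provides it); note also that `$alfa` repeats `!` and `@` many times, which biases output toward those two symbols. `mrt_check_version()` strips non-digits and divides by ten until the value is below 10, which collapses `2.10` to `2.1` and compares floats with the string `"2.51"`; `version_compare($wp_version, '2.5.1', '>=')` is the correct test, the `ereg_replace` it relies on is gone in PHP 7, and the hard-coded "latest stable" message will be wrong for every later release. In `check_perms()`, `substr(sprintf(".%o.", fileperms($path)), -4)` keeps the trailing dot, so the result (`644.`) can never equal a `$perm` like `"0644"` and every row is shown as a mismatch — unless the dots are a rendering artifact, this should read `substr(sprintf('%o', fileperms($path)), -4)`.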
trunk/images/bt.gif ADDED
Binary file
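--- a/trunk/js/scripts.js
+++ b/trunk/js/scripts.js
@@ -0,0 +1,27 @@
+function displaymessage()
+{
+alert("Hello World!");
+}
+
+$('myForm').addEvent('submit', function(e) {
+/**
+* Prevent the submit event
+*/
+new Event(e).stop();
+
+/**
+* This empties the log and shows the spinning indicator
+*/
+var log = $('log_res').empty().addClass('ajax-loading');
+
+/**
+* send takes care of encoding and returns the Ajax instance.
+* onComplete removes the spinner from the log.
+*/
+this.send({
+update: log,
+onComplete: function() {
+log.removeClass('ajax-loading');
+}
+});
+});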
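Review bot: `$('myForm').addEvent(...)` executes at load time, and this file is injected into every admin page by the `admin_head` hook in securityscan.php, yet no markup in this commit defines an element with id `myForm` or `log_res`, so `$('myForm')` is null and the call throws on every admin screen; guard it (`var f = $('myForm'); if (f) { f.addEvent(...) }`) or only emit the script on the plugin's own pages. `addEvent`, `new Event(e).stop()` and `this.send` are MooTools API, which this commit never loads and WordPress core does not bundle (its admin ships jQuery and Prototype, both of which also claim `$`), so even with the element present the handler would not run. `displaymessage()` with its `"Hello World!"` alert reads as scaffolding that should not ship.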
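--- a/trunk/password_tools.php
+++ b/trunk/password_tools.php
@@ -0,0 +1,20 @@
+<?php
+function mrt_sub1(){?>
+<div class=wrap>
+<h2><?php _e('WP - Password Tools') ?></h2>
+<div style="height:299px">
+<?php
+echo "<br /><strong>Password Strength Tool</strong>";
+?>
+<table><tr valign=top><td><form name="commandForm">
+Type password: <input type=password size=30 maxlength=50 name=password onkeyup="testPassword(document.forms.commandForm.password.value);" value="">
+<br/><font color="#808080">Minimum 6 Characters</td><td><font size="1"> Password Strength:</font><a id="Words"><table><tr><td><table><tr><td height=4 width=150 bgcolor=tan></td></tr></table></td><td> <b>Begin Typing</b></td></tr></table></a></td></tr></table></td></tr></table></form>
+<br /><hr align=left size=2 width=612px>
+<?php
+echo "<br /><br /><strong>Strong Password Generator</strong><br />";
+echo "Strong Password: " . '<font color="red">' . make_password(15) . "</font>";
+?>
+</div>
+Plugin by <a href="http://semperfiwebdesign.com/" title="Semper Fi Web Design">Semper Fi Web Design</a>
+</div>
+<?php } ?>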
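Review bot: `make_password(15)` is concatenated straight into the page; that is only safe because the alphabet in `make_password()` (functions.php in this commit) happens to contain no HTML metacharacters, so write it as `htmlspecialchars(make_password(15))` now rather than rely on that coincidence when the alphabet is widened. The markup on the "Minimum 6 Characters" line appears unbalanced (an unclosed `<font>` and one more `</td></tr></table>` than was opened, with `</form>` closing outside the cell that opened it), which browsers tolerate but which makes the page fragile to edit. The `onkeyup="testPassword(...)"` handler depends on `scripts.js` being loaded on every admin page by `mrt_hd()` rather than by this page, so moving that hook later would silently disable the meter.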
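--- a/trunk/readme.txt
+++ b/trunk/readme.txt
@@ -0,0 +1,120 @@
+=== Plugin Name ===
+Contributors: hallsofmontezuma
+Donate link:https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=mrtorbert%40gmail%2ecom&item_name=Support%20WordPress%20Security%20Scan%20Plugin&no_shipping=0&no_note=1&tax=0&currency_code=USD&lc=US&bn=PP%2dDonationsBF&charset=UTF%2d8
+Tags: security, securityscan, chmod, permissions, admin, administration, authentication, database, dashboard, post, notification, password, plugin, posts
+plugins, private, protection, tracking, wordpress
+Requires at least: 2.0
+Tested up to: 2.6bleeding
+Stable tag: 2.2.60.2
+
+Scans your WordPress installation for security vulnerabilities.
+
+== Description ==
+
+Scans your WordPress installation for security vulnerabilities and suggests
+corrective actions.
+
+-passwords<br />
+-file permissions<br />
+-database security<br />
+-version hiding<br />
+-WordPress admin protection/security<br />
+-removes WP Generator META tag from core code<br />
+
+
+**Future Releases**<br />
+*one-click change file/folder permissions<br />
+*test for XSS vulnerabilities<br />
+*intrusion detection/prevention<br />
+*lock out/log incorrect login attempts<br />
+*user enumeration protection<br />
+*.htaccess verification<br />
+*doc links<br />
+
+[Changelog](http://semperfiwebdesign.com/documentation/wp-security-scan/changelog/ "WP Security Scan Changelog")<br />
+[Documentation](http://semperfiwebdesign.com/category/documentation/wp-security-scan/ "WP Security Scan
+Documentation")
+
+== Installation ==
+
+1. Create backup.
+2. Upload the zip file to the `/wp-content/plugins/` directory
+3. Unzip.
+4. Activate the plugin through the 'Plugins' menu in WordPress
+
+
+Please let me know any bugs, improvements, comments, suggestions.
+
+== Frequently Asked Questions ==
+
+= Can I deactivate WP Security Scan once I've run it once? =
+
+No. WP Security Scan needs to be left activated to work. Version hiding,
+turning off DB errors, removing WP ID META tag from HTML output, and other
+functionality will cease if you deactivate the plugin.
+
+= How do I change the file permissions on my WordPress installation? =
+
+From the linux command line (for advanced users):
+chmod xxx filename.ext
+(replace xxx with with the permissions settings for the file or folder)
+
+From your FTP client:
+Most FTP clients, such as filezilla, etc, allow for changing file
+permissions. Please consult your clients documentation for your specific
+directions.
+
+For more information, please visit http://codex.wordpress.org/Changing_File_Permissions
+
+= Why do I need to hide my version of WordPress? =
+
+Alot of attackers and automated tools will try and determine software versions
+before launching exploit code. Removing your WordPress blog version may
+discourage some attackers and certainly will mitigate virus and worm programs
+that rely on software versions.
+
+NOTE: Hiding your version of WordPress may break any plugins you have which
+are version dependant.
+
+= How do I make Dagon Design's sitemap generator plugin compatible? =
+There is currently a small compatibility issue. This can be temporarily
+solved by opening securityscan.php and commenting out the line
+`add_action("init",mrt_remove_wp_version,1);`
+I have contacted Dagon Designs about creating a solution, which should
+hopefully be in a future upgrade to their plugin.
+
+== Screenshots ==
+
+1. file/directories permissions check
+2. password tools
+
+== WordPress Security ==
+
+<strong>Plugin currently in BETA version.
+
+== WordPress Security ==
+
+Security Scanner:
+
+1. Scans Wordpress installation for file/directory permissions vulnerabilites
+1. Recommends corrective actions
+1. Scans for general security vulnerabilities
+
+Join the BETA testers group if:
+
+* you have experience as a software tester
+* you have no experience as a software tester
+* you have a WordPress installation dedicated for testing
+* you have a general enthusiasm for WordPress use and/or development
+
+
+Visit our homepage at [Semper Fi Web Design](http://semperfiwebdesign.com/ "Raleigh Web Design") or our plugin page at [Semper Fi Plugins][sf plugins].
+We look forward to hearing your comments and suggestions.
+
+[sf plugins]: http://semperfiwebdesign.com/plugins/
+"Raleigh Web Design"
+
+> WordPress Security Scanner for *2.3, 2.5*. Although if you're using lower
+> than 2.3 you should go ahead and install it because of **security**.
+
+`<?php code(); // backticks ?>`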
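--- a/trunk/scanner.php
+++ b/trunk/scanner.php
@@ -0,0 +1,31 @@
+<?php
+function mrt_sub0(){?>
+<div class=wrap>
+<h2><?php _e('WP - Security Scan') ?></h2>
+<div style="height:299px">
+<table width="100%" border="0" cellspacing="0" cellpadding="3" style="text-align:center;">
+<tr>
+<th style="border:0px;"><b>Name</b></th>
+<th style="border:0px;"><b>File/Dir</b></th>
+<th style="border:0px;"><b>Needed Chmod</b></th>
+<th style="border:0px;"><b>Current Chmod</b></th>
+<!-- <th style="border:0px;"><b>Change Permissions</b></th>-->
+</tr>
+<?php
+check_perms("root directory","../","0755");
+check_perms("wp-includes/","../wp-includes","0755");
+check_perms(".htaccess","../.htaccess","0644");
+check_perms("wp-admin/index.php","index.php","0644");
+check_perms("wp-admin/js/","js/","0755");
+check_perms("wp-content/themes/","../wp-content/themes","0755");
+check_perms("wp-content/plugins/","../wp-content/plugins","0755");
+check_perms("wp-admin/","../wp-admin","0755");
+check_perms("wp-content/","../wp-content","0755");
+?>
+</table>
+
+
+</div>
+Plugin by <a href="http://semperfiwebdesign.com/" title="Semper Fi Web Design">Semper Fi Web Design</a>
+</div>
+<?php } ?>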
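Review bot: Every `check_perms()` call passes a path relative to the process working directory (`"../"`, `"index.php"`, `"js/"`), so the table is only meaningful when the request's CWD happens to be wp-admin/; for any other CWD `fileperms()` fails on a non-existent path and the row is painted red for the wrong reason. Anchor the paths on the install root instead, e.g. `check_perms("root directory", ABSPATH, "0755");` and `check_perms("wp-admin/index.php", ABSPATH . "wp-admin/index.php", "0644");`. The one file that holds the database credentials, wp-config.php, is not scanned at all; it deserves its own row, and the target mode should be decided deliberately rather than inherited from the 0644 that database.php resets it to (0640 or 0600 is typical where the web server user owns the file, but that depends on the host).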
trunk/screenshot-1.jpg ADDED
Binary file
trunk/screenshot-2.jpg ADDED
Binary file
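--- a/trunk/scripts.js
+++ b/trunk/scripts.js
@@ -0,0 +1,28 @@
+function testPassword(passwd){
+var description = new Array();
+description[0] = "<table><tr><td><table cellpadding=0 cellspacing=2><tr><td height=4 width=30 bgcolor=#ff0000></td><td height=4 width=120 bgcolor=tan></td></tr></table></td><td> <b>Weakest</b></td></tr></table>";
+description[1] = "<table><tr><td><table cellpadding=0 cellspacing=2><tr><td height=4 width=60 bgcolor=#990000></td><td height=4 width=90 bgcolor=tan></td></tr></table></td><td> <b>Weak</b></td></tr></table>";
+description[2] = "<table><tr><td><table cellpadding=0 cellspacing=2><tr><td height=4 width=90 bgcolor=#990099></td><td height=4 width=60 bgcolor=tan></td></tr></table></td><td> <b>Improving</b></td></tr></table>";
+description[3] = "<table><tr><td><table cellpadding=0 cellspacing=2><tr><td height=4 width=120 bgcolor=#000099></td><td height=4 width=30 bgcolor=tan></td></tr></table></td><td> <b>Strong</b></td></tr></table>";
+description[4] = "<table><tr><td><table><tr><td height=4 width=150 bgcolor=#0000ff></td></tr></table></td><td> <b>Strongest</b></td></tr></table>";
+description[5] = "<table><tr><td><table><tr><td height=4 width=150 bgcolor=tan></td></tr></table></td><td> <b>Begin Typing</b></td></tr></table>";
+
+var base = 0
+var combos = 0
+if (passwd.match(/[a-z]/))base = (base+26);
+if (passwd.match(/[A-Z]/))base = (base+26);
+if (passwd.match(/\d+/))base = (base+10);
+if (passwd.match(/[>!"#$%&'()*+,-./:;<=>?@[\]^_`{|}~]/))base = (base+33);
+
+combos=Math.pow(base,passwd.length);
+
+if(combos == 1)strVerdict = description[5];
+else if(combos > 1 && combos < 1000000)strVerdict = description[0];
+else if (combos >= 1000000 && combos < 1000000000000)strVerdict = description[1];
+else if (combos >= 1000000000000 && combos < 1000000000000000000)strVerdict = description[2];
+else if (combos >= 1000000000000000000 && combos < 1000000000000000000000000)strVerdict = description[3];
+else strVerdict = description[4];
+
+document.getElementById("Words").innerHTML= (strVerdict);
+}
+////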
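Review bot: `strVerdict` is assigned without `var` and therefore leaks as an implicit global on every keystroke; add `var strVerdict;` beside `var combos = 0`. The verdict is purely `base^length`, a brute-force keyspace estimate with no notion of dictionary words or patterns, so `Password1!` (95^10 ≈ 6e19) is shown as "Strong" while the "Minimum 6 Characters" the page advertises gives an all-lowercase 6-character password 26^6 ≈ 3.1e8, which is merely displayed as "Weak" and never rejected; a comment above `combos=Math.pow(base,passwd.length);` such as `// Keyspace estimate only (charset^length); this is a display hint, not a policy check.` would stop readers over-trusting it. Characters outside the four classes (space, any non-ASCII) add nothing to `base`, so a password made only of them scores 0 and is shown as "Weakest" — probably acceptable, but worth noting in the same comment.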
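--- a/trunk/securityscan.php
+++ b/trunk/securityscan.php
@@ -0,0 +1,189 @@
+<?php
+/*
+Plugin Name: WP Security Scan
+Plugin URI: http://semperfiwebdesign.com/plugins/wp-security-scan/
+Description: Perform security scan of WordPress installation.
+Author: Michael Torbert
+Version: 2.2.60.2
+Author URI: http://semperfiwebdesign.com/
+*/
+
+/*
+Copyright (C) 2008 semperfiwebdesign.com (michael AT semperfiwebdesign DOT com)
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+require_once(ABSPATH."wp-content/plugins/wp-security-scan/support.php");
+require_once(ABSPATH."wp-content/plugins/wp-security-scan/scanner.php");
+require_once(ABSPATH."wp-content/plugins/wp-security-scan/password_tools.php");
+require_once(ABSPATH."wp-content/plugins/wp-security-scan/database.php");
+require_once(ABSPATH."wp-content/plugins/wp-security-scan/functions.php");
+//require_once(ABSPATH."wp-content/plugins/wp-security-scan/scripts.js");
+
+
+add_action( 'admin_notices', mrt_update_notice, 5 );
+add_action('admin_head', 'mrt_hd');
+add_action("init",mrt_wpdberrors,1);
+add_action("parse_query",mrt_wpdberrors,1);
+add_action('admin_menu', 'add_men_pg');
+add_action("init",mrt_remove_wp_version,1); //comment out this line to make ddsitemapgen work
+
+
+remove_action('wp_head', 'wp_generator');
+//add_action('admin_head', 'mrt_root_scripts');
+function add_men_pg() {
+if (function_exists('add_menu_page')){
+add_menu_page('Security', 'Security', 8, __FILE__, 'mrt_opt_mng_pg');
+add_submenu_page(__FILE__, 'Scanner', 'Scanner', 8, 'scanner', 'mrt_sub0');
+add_submenu_page(__FILE__, 'Password Tool', 'Password Tool', 8, 'passwordtool', 'mrt_sub1');
+add_submenu_page(__FILE__, 'Database', 'Database', 8, 'database', 'mrt_sub3');
+add_submenu_page(__FILE__, 'Support', 'Support', 8, 'support', 'mrt_sub2');
+}
+}
+
+/*function mrt_root_scripts(){
+$siteurl = get_option('siteurl');
+echo '<script language="JavaScript" type="text/javascript" src="' . $siteurl . '/wp-content/plugins/wp-security-scan/scripts.js"></script>';
+}*/
+
+function mrt_update_notice(){
+/*$mrt_version = "2.2.52";
+$mrt_latest = fgets(fopen("http://semperfiwebdesign.com/wp-security-scan.html", "r"));
+echo $mrt_latest . " and " . $mrt_version;
+if($mrt_latest > $mrt_version)
+echo "New Version Available";
+else
+echo "Latest Version";
+*/ }
+
+function mrt_opt_mng_pg() {
+?>
+<!--<div id='update-nag'>A new version of WP Security Scan is available!</div>-->
+<?php //$rss = fetch_rss('http://alexrabe.boelinger.com/?tag=nextgen-gallery&feed=rss2');?>
+
+<div class=wrap>
+<h2><?php _e('WP - Security Admin Tools') ?></h2>
+<br /><em>For comments, suggestions, bug reporting, etc please <a href="http://semperfiwebdesign.com/contact/">click here</a>.</em>
+
+<div>
+<!-- <div id="message" class="updated fade"><p></p></div>-->
+<br /><div style="float: left;width: 600px; height: 450px;border: 1px solid #999;margin: 0 15px 15px 0;padding: 5px;">
+<div width=600px style="text-align:center;font-weight:bold;"><h3>Initial Scan</h3></div>
+<?php
+
+///////////
+
+///////////////////
+
+global $wpdb;
+mrt_check_version();
+mrt_check_table_prefix();
+mrt_version_removal();
+mrt_errorsoff();
+echo '<div style="color:green">WP ID META tag removed form WordPress core</div>';
+
+$name = $wpdb->get_var("SELECT user_login FROM $wpdb->users WHERE user_login='admin'");
+if ($name=="admin"){
+echo '<a href="http://semperfiwebdesign.com/documentation/wp-security-scan/change-wordpress-admin-username/" title="WordPress Admin" target="_blank"><font color="red">"admin" user exists.</font></a>';
+}
+else{
+echo '<font color="green">No user "admin".</font>';
+}
+?><br /><?php
+$filename = '.htaccess';
+if (file_exists($filename)) {
+echo '<font color="green">.htaccess exists in wp-admin/</font>';
+} else {
+echo '<font color="red">The file .htaccess does not exist in wp-admin/.</font>';
+}
+
+?>
+
+<br /><br /><br />
+<div style="text-align:center;color:grey;"><em>**click on an above link for documentation**</em></div>
+<br />
+<hr align=center size=2 width=500px>
+<br />
+
+<div width=600px style="text-align:center;font-weight:bold;"><h3>Future Releases</h3></div>
+<ul><li>one-click change file/folder permissions</li><li>test for XSS vulnerabilities</li><li>intrusion detection/prevention</li><li>lock out/log incorrect login attempts</li><li>user enumeration protection</li><li>WordPress admin protection/security</li></ul>
+</div>
+
+
+<div style="float: left; height: 430px;border: 1px solid #999;margin: 0 15px 15px 0;padding: 15px;">
+<div width=600px style="text-align:center;font-weight:bold;"><h3>System Information Scan</h3></div>
+<?php mrt_get_serverinfo(); ?>
+</div>
+
+<div style="float: left;width: 350px; height: 255;border: 1px solid #999;margin: 0 15px 15px 0;padding: 25px;">
+<div width=600px style="text-align:center;font-weight:bold;"><h3>Donations</h3></div>
+<div style="text-align:center"><em>This plugin is updated as a free service to the WordPress community. Donations of any size are appreciated.</em>
+<br /><br />
+<a href="https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=mrtorbert%40gmail%2ecom&item_name=Support%20WordPress%20Security%20Scan%20Plugin&no_shipping=0&no_note=1&tax=0&currency_code=USD&lc=US&bn=PP%2dDonationsBF&charset=UTF%2d8" target="_blank">Click here to support this plugin.</a>
+<br /><br /><h4>Highest Donations</h4></div><?php
+
+/*$ch = curl_init("http://semperfiwebdesign.com/top_donations.php");
+$fp = fopen("top_donations.php", "w");
+curl_setopt($ch, CURLOPT_FILE, $fp);
+curl_setopt($ch, CURLOPT_HEADER, 0);
+curl_exec($ch);
+curl_close($ch);
+fclose($fp);
+*/
+
+$ch = curl_init();
+curl_setopt($ch, CURLOPT_URL, "http://semperfiwebdesign.com/top_donations.php");
+curl_setopt($ch, CURLOPT_HEADER, 0);
+curl_exec($ch);
+curl_close($ch);
+
+?>
+<br /><br /><div style="text-align:center"><h4>Recent Donations</h4></div><?php
+
+
+$ch = curl_init();
+curl_setopt($ch, CURLOPT_URL, "http://semperfiwebdesign.com/recent_donations.php");
+curl_setopt($ch, CURLOPT_HEADER, 0);
+curl_exec($ch);
+curl_close($ch);
+
+/*
+$ch = curl_init("http://semperfiwebdesign.com/recent_donations.php");
+$fp = fopen("recent_donations.php", "w");
+curl_setopt($ch, CURLOPT_FILE, $fp);
+curl_setopt($ch, CURLOPT_HEADER, 0);
+curl_exec($ch);
+curl_close($ch);
+fclose($fp);
+*/
+?>
+</div>
+<div style="clear:both"></div>
+</div>
+Plugin by <a href="http://semperfiwebdesign.com/" title="Semper Fi Web Design">Semper Fi Web Design</a>
+</div>
+<?php }
+
+function mrt_hd()
+{
+$siteurl = get_option('siteurl');?>
+<script language="JavaScript" type="text/javascript" src="<?php echo $siteurl;?>/wp-content/plugins/wp-security-scan/js/scripts.js"></script>
+<script language="JavaScript" type="text/javascript" src="<?php echo $siteurl;?>/wp-content/plugins/wp-security-scan/scripts.js"></script>
+<script type="text/javascript">
+//window.onload=function(){enableTooltips()};
+</script>
+<!--<link rel="stylesheet" type="text/css" href="<?php echo $siteurl;?>/wp-content/plugins/wp-security-scan/style.css" />-->
+<?php }
+?>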
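Review bot: In `mrt_opt_mng_pg()` both `curl_exec($ch)` calls run without `CURLOPT_RETURNTRANSFER`, so the raw response body of `http://semperfiwebdesign.com/top_donations.php` and `recent_donations.php` is written verbatim into the administrator's page over plain HTTP — whoever controls that host, or any hop on the path, can inject script into the admin session of every site running this plugin. No `CURLOPT_TIMEOUT` is set, so an unreachable host stalls the Security page, and `curl_init()` is called unguarded so the page fatals where the curl extension is absent. Capture the body, bound the request, and escape it before output (if the fragments are meant to carry markup, pass them through `wp_kses()` with a tight allowlist where the running WordPress provides it) — or, better, keep remote content out of the admin UI altogether. Separately, `mrt_update_notice`, `mrt_wpdberrors` and `mrt_remove_wp_version` are passed to `add_action` as bare constants rather than `'quoted'` strings, which only works through the undefined-constant fallback (a fatal Error on PHP 8), and the `require_once(ABSPATH."wp-content/plugins/wp-security-scan/...")` lines hard-code the plugin directory name where `dirname(__FILE__)` is the portable base.
```php
// … unchanged: page markup up to the "Highest Donations" heading …
echo mrt_fetch_remote_text("http://semperfiwebdesign.com/top_donations.php");
// … unchanged: "Recent Donations" heading …
echo mrt_fetch_remote_text("http://semperfiwebdesign.com/recent_donations.php");
// … unchanged: rest of mrt_opt_mng_pg() and mrt_hd() …

/**
 * Fetch a remote text fragment for display in the admin UI.
 * Returns an HTML-escaped string, or '' when curl is unavailable or the request fails;
 * never echoes bytes straight off the network into the page.
 */
function mrt_fetch_remote_text($url) {
    if (!function_exists('curl_init')) {
        return '';
    }
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_HEADER, 0);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_TIMEOUT, 5);
    $body = curl_exec($ch);
    curl_close($ch);
    if ($body === false) {
        return '';
    }
    return htmlspecialchars($body, ENT_QUOTES, 'UTF-8');
}
```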
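--- a/trunk/style.css
+++ b/trunk/style.css
@@ -0,0 +1,55 @@
+
+
+#form_box {
+float: left;
+width: 290px;
+background: #f8f8f8;
+border: 1px solid #d6d6d6;
+border-left-color: #e4e4e4;
+border-top-color: #e4e4e4;
+font-size: 11px;
+font-weight: bold;
+padding: 0.5em;
+margin-top: 10px;
+margin-bottom: 2px;
+}
+
+#form_box div {
+height: 25px;
+padding: 0.2em 0.5em;
+}
+
+#form_box div.hr {
+border-bottom: 2px solid #e2e2e1;
+height: 0px;
+margin-top: 0pt;
+margin-bottom: 7px;
+}
+
+#form_box p {
+float: left;
+margin: 4px 0pt;
+width: 120px;
+}
+
+
+#log {
+float: left;
+padding: 0.5em;
+margin-left: 10px;
+width: 290px;
+border: 1px solid #d6d6d6;
+border-left-color: #e4e4e4;
+border-top-color: #e4e4e4;
+margin-top: 10px;
+}
+
+#log_res {
+overflow: auto;
+}
+
+#log_res.ajax-loading {
+padding: 20px 0;
+background: url(http://demos.mootools.net/demos/Group/spinner.gif) no-repeat center;
+}
+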
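Review bot: The `#log_res.ajax-loading` rule at new line 53 pulls its spinner from `http://demos.mootools.net/demos/Group/spinner.gif`, so any admin page that shows the loading state fetches an image from an unrelated third-party host over plain HTTP. That makes the admin UI depend on a demo URL that may move or disappear, triggers mixed-content warnings on HTTPS sites, and typically discloses the admin page URL to that host via the Referer header. Bundle the image with the plugin and reference it relatively, e.g. `background: url(spinner.gif) no-repeat center;`.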
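--- a/trunk/support.php
+++ b/trunk/support.php
@@ -0,0 +1,18 @@
+<?php
+
+function mrt_sub2(){
+?>
+<div class=wrap>
+<h2><?php _e('WP - Security Support') ?></h2>
+<div style="height:299px">
+Under Construction...<br /><br />
+<ul>
+<li><a href='http://semperfiwebdesign.com/documentation/wp-security-scan/changelog/' target="_blank">Changelog</a></li>
+<li><a href='http://semperfiwebdesign.com/documentation/wp-security-scan/' target="_blank">Documentation</a></li>
+</ul>
+<br /><br /><strong>Backup early, backup often!</strong><br /><br /><br /><br /><br />
+<em>For comments, suggestions, bug reporting, etc please <a href="http://semperfiwebdesign.com/contact/">click here</a>.</em>
+</div>
+Plugin by <a href="http://semperfiwebdesign.com/" title="Semper Fi Web Design">Semper Fi Web Design</a>
+</div>
+<?php } ?>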
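Review bot: The two `target="_blank"` anchors at new lines 10–11 open a new tab without `rel="noopener noreferrer"`, which leaves `window.opener` reachable from the opened page in browsers that do not imply noopener; add `rel="noopener noreferrer"` to both links. The `_e('WP - Security Support')` call on line 6 also passes no text domain, so the heading cannot be picked up by the plugin's translation files; pass the plugin's text domain as the second argument. A one-line docblock such as `/** Renders the "WP - Security Support" admin page (static links only). */` above `mrt_sub2` would document the function's purpose.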