__ __ __ __ _____ _ _ _____ _ _ _ | \/ | \ \ / / | __ \ (_) | | / ____| | | | | | \ / |_ __\ V / | |__) | __ ___ ____ _| |_ ___ | (___ | |__ ___| | | | |\/| | '__|> < | ___/ '__| \ \ / / _` | __/ _ \ \___ \| '_ \ / _ \ | | | | | | |_ / . \ | | | | | |\ V / (_| | || __/ ____) | | | | __/ | | |_| |_|_(_)_/ \_\ |_| |_| |_| \_/ \__,_|\__\___| |_____/|_| |_|\___V 2.1 if you need WebShell for Seo everyday contact me on Telegram Telegram Address : @jackleetFor_More_Tools:
<?php
/**
* Code related to the command.lib.php interface.
*
* PHP version 5
*
* @category Library
* @package Sucuri
* @subpackage SucuriScanner
* @author Daniel Cid <dcid@sucuri.net>
* @copyright 2010-2018 Sucuri Inc.
* @license https://www.gnu.org/licenses/gpl-2.0.txt GPL2
* @link https://wordpress.org/plugins/sucuri-scanner
*/
if (!defined('SUCURISCAN_INIT') || SUCURISCAN_INIT !== true) {
if (!headers_sent()) {
/* Report invalid access if possible. */
header('HTTP/1.1 403 Forbidden');
}
exit(1);
}
/**
* Class to process files and folders.
*
* Here are implemented the methods needed to open, scan, read, create files
* and folders using the built-in PHP class SplFileInfo. The SplFileInfo class
* offers a high-level object oriented interface to information for an individual
* file.
*
* @category Library
* @package Sucuri
* @subpackage SucuriScanner
* @author Daniel Cid <dcid@sucuri.net>
* @copyright 2010-2018 Sucuri Inc.
* @license https://www.gnu.org/licenses/gpl-2.0.txt GPL2
* @link https://wordpress.org/plugins/sucuri-scanner
*/
class SucuriScanCommand extends SucuriScan
{
/**
* Check if the system was configured to allow the execution of certain shell
* commands. In this specific case, we want to know if the generic exec method
* is enabled or not to allow the execution of system programs.
*
* @return bool True if the exec method is enabled, false otherwise.
*/
private static function canExecuteCommands()
{
$disabled = self::iniGet('disable_functions', true);
$methods = explode(',', $disabled);
return !in_array('exec', $methods);
}
/**
* Checks if an external command exists or not.
*
* @param string $cmd Name of the external command.
* @return bool True if the command exists, false otherwise.
*/
public static function exists($cmd)
{
$err = 255;
$out = array();
if (self::canExecuteCommands()) {
$command = sprintf('command -v %s 1>/dev/null', escapeshellarg($cmd));
@exec($command, $out, $err); /* ignore output and capture errors */
}
if ($err !== 0) {
return self::throwException('Command ' . $cmd . ' does not exist');
}
return true;
}
/**
* Compares two files line by line.
*
* @param string $a File path of the original file.
* @param string $b File path of the modified file.
* @return array Line-by-line changes (if any).
*/
public static function diff($a, $b)
{
$out = array();
if (self::exists('diff')) {
@exec(
sprintf(
'diff -u -- %s %s 2> /dev/null',
escapeshellarg($a),
escapeshellarg($b)
),
$out,
$err
);
}
return $out;
}
/**
* Generates the HTML code with the diff output.
*
* The method takes the relative path of a core WordPress file, then tries
* to download a fresh copy of such file from the official WordPress API. If
* the download succeeds the method will write the content of this file into
* a temporary resource. Then it will use the Unix diff utility to find all
* the differences between the original code and the one present in the site.
*
* If there are differences, the method will write the HTML code to report
* them in the dashboard. Some basic CSS classes will be attached to some of
* the elements in the code to facilitate the styling of the diff report.
*
* @param string $filepath Relative path to the core WordPress file.
* @return string|bool HTML code with the diff report, false on failure.
*/
public static function diffHTML($filepath)
{
$checksums = SucuriScanAPI::getOfficialChecksums();
if (!$checksums) {
return SucuriScanInterface::error('Unsupported WordPress version.');
}
if (!array_key_exists($filepath, $checksums)) {
return SucuriScanInterface::error('Not an official WordPress file.');
}
$output = ''; /* initialize empty with no differences */
$a = tempnam(sys_get_temp_dir(), SUCURISCAN . '-integrity-');
$b = tempnam(sys_get_temp_dir(), SUCURISCAN . '-integrity-');
$handle = @fopen($a, 'w');
if ($handle) {
@fwrite($handle, SucuriScanAPI::getOriginalCoreFile($filepath));
@copy(ABSPATH . '/' . $filepath, $b);
$output = self::diff($a, $b);
@fclose($handle);
}
@unlink($a); /* delete original file */
@unlink($b); /* delete modified file */
if (!is_array($output) || empty($output)) {
return SucuriScanInterface::error('There are no differences.');
}
$response = "<ul class='" . SUCURISCAN . "-diff-content'>\n";
foreach ($output as $key => $line) {
$number = $key + 1; /* line number */
$cssclass = SUCURISCAN . '-diff-line';
$cssclass .= "\x20" . SUCURISCAN . '-diff-line' . $number;
if ($number === 1) {
$line = sprintf('--- %s (ORIGINAL)', $filepath);
$cssclass .= "\x20" . SUCURISCAN . '-diff-header';
} elseif ($number === 2) {
$line = sprintf('+++ %s (MODIFIED)', $filepath);
$cssclass .= "\x20" . SUCURISCAN . '-diff-header';
} elseif ($number === 3) {
$cssclass .= "\x20" . SUCURISCAN . '-diff-header';
} elseif ($line === '') {
/* do not touch empty lines */
} elseif ($line[0] === '-') {
$cssclass .= "\x20" . SUCURISCAN . '-diff-minus';
} elseif ($line[0] === '+') {
$cssclass .= "\x20" . SUCURISCAN . '-diff-plus';
}
$response .= sprintf(
"<li class='%s'>%s</li>\n",
$cssclass, /* include external CSS styling */
SucuriScan::escape($line) /* clean user input */
);
}
$response .= "</ul>\n";
return $response;
}
}
| Name | Type | Size | Permission | Actions |
|---|---|---|---|---|
| api.lib.php | File | 37.23 KB | 0644 |
|
| auditlogs.lib.php | File | 10.89 KB | 0644 |
|
| base.lib.php | File | 27.75 KB | 0644 |
|
| cache.lib.php | File | 16.15 KB | 0644 |
|
| cli.lib.php | File | 4.8 KB | 0644 |
|
| command.lib.php | File | 6.19 KB | 0644 |
|
| cron.lib.php | File | 1.8 KB | 0644 |
|
| event.lib.php | File | 32.55 KB | 0644 |
|
| fileinfo.lib.php | File | 14.98 KB | 0644 |
|
| firewall.lib.php | File | 25.74 KB | 0644 |
|
| fsscanner.lib.php | File | 4.2 KB | 0644 |
|
| globals.php | File | 8.46 KB | 0644 |
|
| hardening.lib.php | File | 10.94 KB | 0644 |
|
| hook.lib.php | File | 38.23 KB | 0644 |
|
| index.html | File | 38 B | 0644 |
|
| installer-skin-legacy.lib.php | File | 1.58 KB | 0644 |
|
| installer-skin.lib.php | File | 2.35 KB | 0644 |
|
| integrity.lib.php | File | 26.07 KB | 0644 |
|
| interface.lib.php | File | 13.03 KB | 0644 |
|
| lastlogins-failed.php | File | 14.32 KB | 0644 |
|
| lastlogins-loggedin.php | File | 7.76 KB | 0644 |
|
| lastlogins.php | File | 16.13 KB | 0644 |
|
| mail.lib.php | File | 9.48 KB | 0644 |
|
| option.lib.php | File | 23.25 KB | 0644 |
|
| pagehandler.php | File | 8.97 KB | 0644 |
|
| request.lib.php | File | 4.4 KB | 0644 |
|
| settings-alerts.php | File | 26.7 KB | 0644 |
|
| settings-apiservice.php | File | 5.53 KB | 0644 |
|
| settings-general.php | File | 27.19 KB | 0644 |
|
| settings-hardening.php | File | 32.42 KB | 0644 |
|
| settings-integrity.php | File | 5.37 KB | 0644 |
|
| settings-posthack.php | File | 21.51 KB | 0644 |
|
| settings-scanner.php | File | 9.69 KB | 0644 |
|
| settings-webinfo.php | File | 5.55 KB | 0644 |
|
| settings.php | File | 947 B | 0644 |
|
| sitecheck.lib.php | File | 19.21 KB | 0644 |
|
| strings.php | File | 45.61 KB | 0644 |
|
| template.lib.php | File | 17.88 KB | 0644 |
|
| wordpress-recommendations.lib.php | File | 10.9 KB | 0644 |
|