2017-02-22 21:39:22 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
class MainWP_Child_Vulnerability_Checker {
|
2018-09-27 19:52:32 +02:00
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
public static $instance = null;
|
2018-09-27 19:52:32 +02:00
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
static function Instance() {
|
|
|
|
|
if ( null === MainWP_Child_Vulnerability_Checker::$instance ) {
|
|
|
|
|
MainWP_Child_Vulnerability_Checker::$instance = new MainWP_Child_Vulnerability_Checker();
|
|
|
|
|
}
|
|
|
|
|
return MainWP_Child_Vulnerability_Checker::$instance;
|
|
|
|
|
}
|
|
|
|
|
|
2018-09-27 19:52:32 +02:00
|
|
|
public function __construct() {
|
|
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function action() {
|
2017-07-11 14:10:22 +02:00
|
|
|
$information = array();
|
2017-02-22 21:39:22 +01:00
|
|
|
if ( isset( $_POST['mwp_action'] ) ) {
|
|
|
|
|
switch ( $_POST['mwp_action'] ) {
|
|
|
|
|
case 'vulner_recheck':
|
|
|
|
|
$information = $this->vulner_recheck();
|
2018-09-27 19:52:32 +02:00
|
|
|
break;
|
2017-02-22 21:39:22 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
MainWP_Helper::write( $information );
|
|
|
|
|
}
|
2018-09-27 19:52:32 +02:00
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
function vulner_recheck(){
|
|
|
|
|
$result = array();
|
|
|
|
|
$force = (isset($_POST['force']) && !empty($_POST['force'])) ? true : false;
|
2018-09-27 19:52:32 +02:00
|
|
|
$result['plugin'] = $this->check_plugins($force);
|
2017-02-22 21:39:22 +01:00
|
|
|
$result['wp'] = $this->check_wp($force);
|
|
|
|
|
$result['theme'] = $this->check_themes($force);
|
2018-09-27 19:52:32 +02:00
|
|
|
$information = array( 'result' => $result, 'ok' => 1);
|
2017-02-22 21:39:22 +01:00
|
|
|
return $information;
|
2018-09-27 19:52:32 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function check_plugins($force = false){
|
2017-02-22 21:39:22 +01:00
|
|
|
$result = array();
|
2018-09-27 19:52:32 +02:00
|
|
|
$active_plugins = get_option('active_plugins');
|
|
|
|
|
|
|
|
|
|
if( !empty($active_plugins) ){
|
2017-02-22 21:39:22 +01:00
|
|
|
foreach($active_plugins as $plug){
|
2018-09-27 19:52:32 +02:00
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
$plugin_file = WP_CONTENT_DIR . '/plugins/' . $plug;
|
2018-09-27 19:52:32 +02:00
|
|
|
$plugin_info = get_plugin_data($plugin_file);
|
|
|
|
|
$plugin_version = isset($plugin_info['Version']) ? $plugin_info['Version'] : '';
|
|
|
|
|
$string = explode('/',$plug);
|
2017-02-22 21:39:22 +01:00
|
|
|
$plug_vuln = get_transient('mainwp_vulnche_trans_plug_'.$string[0]);
|
|
|
|
|
if(false === $plug_vuln || $force) {
|
|
|
|
|
$plug_vuln = $this->vulnche_get_content('https://wpvulndb.com/api/v2/plugins/' . $string[0]);
|
|
|
|
|
set_transient('mainwp_vulnche_trans_plug_'.$string[0],$plug_vuln, 1 * DAY_IN_SECONDS);
|
|
|
|
|
}
|
|
|
|
|
if ($plug_vuln) {
|
2018-09-27 19:52:32 +02:00
|
|
|
$plug_vuln = json_decode($plug_vuln, true);
|
2017-02-22 21:39:22 +01:00
|
|
|
$plug_vuln_filter = $plug_vuln;
|
|
|
|
|
|
|
|
|
|
foreach ($plug_vuln as $slug => $pl_data) {
|
2018-09-27 19:52:32 +02:00
|
|
|
if (isset($pl_data['vulnerabilities']) && count($pl_data['vulnerabilities']) > 0) {
|
2017-02-22 21:39:22 +01:00
|
|
|
$plug_vulner_data = array();
|
|
|
|
|
foreach($pl_data['vulnerabilities'] as $vuln_data) {
|
|
|
|
|
if ( isset($vuln_data['fixed_in']) && version_compare( $plugin_version, $vuln_data['fixed_in'] ) >= 0 ) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
$plug_vulner_data[] = $vuln_data;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if(count($plug_vulner_data) == 0) {
|
|
|
|
|
unset($plug_vuln_filter[$slug]);
|
|
|
|
|
} else {
|
|
|
|
|
$plug_vuln_filter[$slug]['vulnerabilities'] = $plug_vulner_data;
|
2017-05-11 21:07:42 +02:00
|
|
|
$plug_vuln_filter[$slug]['detected_version'] = $plugin_version;
|
|
|
|
|
$plug_vuln_filter[$slug]['plugin_slug'] = $plug;
|
2017-02-22 21:39:22 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
unset($plug_vuln_filter[$slug]);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (count($plug_vuln_filter) == 0) {
|
|
|
|
|
continue;
|
2018-09-27 19:52:32 +02:00
|
|
|
}
|
|
|
|
|
$plug_vuln = json_encode($plug_vuln_filter);
|
|
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
} else {
|
|
|
|
|
continue;
|
2018-09-27 19:52:32 +02:00
|
|
|
}
|
|
|
|
|
$result[$plug] = $plug_vuln;
|
2017-02-22 21:39:22 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return $result;
|
|
|
|
|
}
|
2018-09-27 19:52:32 +02:00
|
|
|
|
|
|
|
|
function check_wp($force = false){
|
2017-02-22 21:39:22 +01:00
|
|
|
$wp_vuln = get_transient('mainwp_vulnche_trans_wp_json');
|
2018-09-27 19:52:32 +02:00
|
|
|
$wp_version = str_replace('.', '', get_bloginfo('version'));
|
|
|
|
|
if(false === $wp_vuln || $force) {
|
2017-02-22 21:39:22 +01:00
|
|
|
$wp_vuln = $this->vulnche_get_content('https://wpvulndb.com/api/v2/wordpresses/' . $wp_version);
|
|
|
|
|
set_transient('mainwp_vulnche_trans_wp_json', $wp_vuln, 1 * DAY_IN_SECONDS);
|
2018-09-27 19:52:32 +02:00
|
|
|
}
|
2017-02-22 21:39:22 +01:00
|
|
|
return $wp_vuln;
|
|
|
|
|
}
|
2018-09-27 19:52:32 +02:00
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
function check_themes($force = false){
|
2018-09-27 19:52:32 +02:00
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
require_once( ABSPATH . 'wp-admin/includes/misc.php' );
|
|
|
|
|
require_once( ABSPATH . 'wp-admin/includes/theme.php' );
|
2018-09-27 19:52:32 +02:00
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
if ( current_user_can( 'switch_themes' ) ) {
|
|
|
|
|
$themes = wp_prepare_themes_for_js();
|
|
|
|
|
} else {
|
|
|
|
|
$themes = wp_prepare_themes_for_js( array( wp_get_theme() ) );
|
2018-09-27 19:52:32 +02:00
|
|
|
}
|
|
|
|
|
wp_reset_vars( array( 'theme', 'search' ) );
|
|
|
|
|
$result = array();
|
|
|
|
|
if(!empty($themes)){
|
2017-02-22 21:39:22 +01:00
|
|
|
foreach($themes as $th){
|
|
|
|
|
if(empty($th['parent'])) {
|
|
|
|
|
$th_vuln = get_transient('mainwp_vulnche_trans_theme_' . $th['id']);
|
|
|
|
|
if (false === $th_vuln || $force) {
|
|
|
|
|
$th_vuln = $this->vulnche_get_content('https://wpvulndb.com/api/v2/themes/' . $th['id']);
|
|
|
|
|
set_transient('mainwp_vulnche_trans_theme_' . $th['id'], $th_vuln, 1 * DAY_IN_SECONDS);
|
|
|
|
|
}
|
2018-09-27 19:52:32 +02:00
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
if ($th_vuln) {
|
|
|
|
|
$th_vuln = json_decode($th_vuln, true);
|
2018-09-27 19:52:32 +02:00
|
|
|
$th_vuln_filter = $th_vuln;
|
2017-02-22 21:39:22 +01:00
|
|
|
foreach ($th_vuln as $slug => $th_data) {
|
|
|
|
|
if (isset($th_data['vulnerabilities']) && count($th_data['vulnerabilities']) > 0) {
|
2018-09-27 19:52:32 +02:00
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
$th_vulner_data = array();
|
|
|
|
|
foreach($th_data['vulnerabilities'] as $vuln_data) {
|
|
|
|
|
if (empty($vuln_data))
|
|
|
|
|
continue;
|
2018-09-27 19:52:32 +02:00
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
if ( isset($vuln_data['fixed_in']) && version_compare( $th['version'], $vuln_data['fixed_in'] ) >= 0 ) {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
2018-09-27 19:52:32 +02:00
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
$th_vulner_data[] = $vuln_data;
|
|
|
|
|
}
|
2018-09-27 19:52:32 +02:00
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
if(count($th_vulner_data) == 0) {
|
|
|
|
|
unset($th_vuln_filter[$slug]);
|
|
|
|
|
} else {
|
|
|
|
|
$th_vuln_filter[$slug]['vulnerabilities'] = $th_vulner_data;
|
2018-09-27 19:52:32 +02:00
|
|
|
}
|
2017-02-22 21:39:22 +01:00
|
|
|
} else {
|
|
|
|
|
unset($th_vuln_filter[$slug]);
|
2018-09-27 19:52:32 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
if (count($th_vuln_filter) == 0) {
|
|
|
|
|
continue;
|
2018-09-27 19:52:32 +02:00
|
|
|
}
|
|
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
$th_vuln = json_encode($th_vuln_filter);
|
|
|
|
|
} else {
|
|
|
|
|
continue;
|
|
|
|
|
}
|
2018-09-27 19:52:32 +02:00
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
$result[$th['id']]['vulner_data'] = $th_vuln;
|
|
|
|
|
$result[$th['id']]['name'] = $th['name'];
|
2018-09-27 19:52:32 +02:00
|
|
|
$result[$th['id']]['author'] = $th['author'];
|
2017-05-11 21:07:42 +02:00
|
|
|
$result[$th['id']]['detected_version'] = $th['version'];
|
2017-02-22 21:39:22 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return $result;
|
|
|
|
|
}
|
|
|
|
|
|
2018-09-27 19:52:32 +02:00
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
function vulnche_get_content ($url) {
|
2018-09-27 19:52:32 +02:00
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
$ch = curl_init();
|
2018-09-27 19:52:32 +02:00
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
curl_setopt($ch, CURLOPT_URL, $url);
|
|
|
|
|
curl_setopt($ch, CURLOPT_HEADER, 0);
|
|
|
|
|
curl_setopt($ch, CURLOPT_USERAGENT, $this->get_random_user_agent());
|
|
|
|
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
|
2018-09-27 19:52:32 +02:00
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
$output = curl_exec($ch);
|
|
|
|
|
$info = curl_getinfo($ch, CURLINFO_HTTP_CODE);
|
2018-09-27 19:52:32 +02:00
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
curl_close($ch);
|
|
|
|
|
if ($output === false || $info != 200) {
|
|
|
|
|
$output = null;
|
|
|
|
|
}
|
|
|
|
|
return $output;
|
|
|
|
|
}
|
2018-09-27 19:52:32 +02:00
|
|
|
|
|
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
function get_random_user_agent ( ) {
|
2018-09-27 19:52:32 +02:00
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
$someUA = array (
|
|
|
|
|
"Mozilla/5.0 (Windows; U; Windows NT 6.0; fr; rv:1.9.1b1) Gecko/20081007 Firefox/3.1b1",
|
|
|
|
|
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.0",
|
|
|
|
|
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.19 (KHTML, like Gecko) Chrome/0.4.154.18 Safari/525.19",
|
|
|
|
|
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.13 (KHTML, like Gecko) Chrome/0.2.149.27 Safari/525.13",
|
|
|
|
|
"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)",
|
|
|
|
|
"Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.40607)",
|
|
|
|
|
"Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1; .NET CLR 1.1.4322)",
|
|
|
|
|
"Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1; .NET CLR 1.0.3705; Media Center PC 3.1; Alexa Toolbar; .NET CLR 1.1.4322; .NET CLR 2.0.50727)",
|
|
|
|
|
"Mozilla/45.0 (compatible; MSIE 6.0; Windows NT 5.1)",
|
|
|
|
|
"Mozilla/4.08 (compatible; MSIE 6.0; Windows NT 5.1)",
|
|
|
|
|
"Mozilla/4.01 (compatible; MSIE 6.0; Windows NT 5.1)"
|
|
|
|
|
);
|
2018-09-27 19:52:32 +02:00
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
srand((double)microtime()*1000000);
|
2018-09-27 19:52:32 +02:00
|
|
|
|
2017-02-22 21:39:22 +01:00
|
|
|
return $someUA[rand(0,count($someUA)-1)];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
