Changeset 3160150

Timestamp:

10/01/2024 01:33:34 AM (17 months ago)

Author:

wordpressdr

Message:

Add vulnerability checker.
Bug fix.

Location:

wpinfecscanlite/trunk

Files:

• readme.txt (modified) (3 diffs)
• scannerdata/getscanprocess_inc.php (modified) (1 diff)
• scannerdata/getscanprocess_inc2.php (modified) (1 diff)
• tab_morefuture.php (modified) (4 diffs)
• wpinfecscanlite.php (modified) (7 diffs)

wpinfecscanlite/trunk/readme.txt

@@ -1 @@
-=== WPDoctor Malware Scanner Lite ===
+=== WPDoctor Malware Scanner & Vulnerability Checker Lite ===
 Contributors: wordpressdr
-Tags: malware, virus, check, detection, scanning
+Tags: malware, vulnerability, check, detection, scanning
 Requires at least: 4.6
 Tested up to: 6.6
-Stable tag: 1.0.4
+Stable tag: 1.1
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
 Requires PHP: 5.6
 
-This plug-in can exhaustively scan program files on the site to detect malware.
+This plug-in can exhaustively scan program files on the site to detect malware and vulnerability.
 
 == Description ==
+**Try it out on your free dummy site: Click here => [https://tastewp.org/plugins/wpinfecscanlite/](https://tastewp.org/plugins/wpinfecscanlite/)**
 
 * This plugin is a simple malware inspection plugin developed by a leading company in Japan that is engaged in malware removal and security-related business for WordPress sites.
@@ -19 +20 @@
 * Malware scans can be set to run automatically, with email notifications when malware is detected.
 * False positives can be whitelisted to prevent detection again.
+* Vulnerability checker will check if there are valunability in your site's plugin and wordpress. This function checks most used valunability for hacking that has over CVSS 9.0 point. Detects approximately 500 vulnerabilities created by the NIST vulnerability database.
 * This plugin is free and does not require any registration to use the above features! Simply install and press the Malware Scanning button for easy and powerful detection of malware!
 
@@ -51 +53 @@
 
 == Changelog ==
+
+= 1.1 =
+
+Add vulnerability checker.
+Bug fix.
 
 = 1.0.4 =

wpinfecscanlite/trunk/scannerdata/getscanprocess_inc.php

@@ -57 +57 @@
             if($row->infectedflag==1){
                 
-                $dbinfecdata=$dbinfecdata."<tr id='detect_".esc_html($row->id)."' class='class_".esc_html($row->filehash)."'><td><span class='dashicons dashicons-portfolio' style='font-size: 20px;color:#ababab;'></span><td>".esc_html($row->filepath)."<b>".esc_html($row->filename)."</b></td><td><div class='mfound'><img src='".esc_html($purl)."images/".esc_html(__('patternmatched.png','wpinfecscanlite'))."'>". esc_html(__("This data contains malicious code patterns.",'wpinfecscanlite'))."</div><small>*" . $infeccount ." ". esc_html(__("Pattern matched",'wpinfecscanlite'))."</small></td><td><a class='ceditbt' href='javascript:void(0);' onClick='showcode(\"".esc_html($row->filepath)."\",\"".esc_html($row->filename)."\",\"".esc_html($row->matchline)."\",\"detect_".esc_html($row->id)."\")'><span class='dashicons dashicons-text-page'></span><br>".esc_html(__("Display",'wpinfecscanlite'))."</a>
+                $dbinfecdata=$dbinfecdata."<tr id='detect_".esc_html($row->id)."' class='class_".esc_html($row->filehash)."'><td><span class='dashicons dashicons-portfolio' style='font-size: 20px;color:#ababab;'></span><td>".esc_html($row->filepath)."<b>".esc_html($row->filename)."</b></td><td><div class='mfound'><img src='".esc_html($purl)."images/".esc_html(__('patternmatched.png','wpinfecscanlite'))."'>". esc_html(__("This data contains malicious code patterns.",'wpinfecscanlite'))."</div><small>*" . $infeccount ." ". esc_html(__("Pattern matched",'wpinfecscanlite'))."</small></td><td><a class='ceditbt' href='javascript:void(0);' onClick='showcode(\"".esc_html($row->filepath)."\",\"".esc_html($row->filename)."\",\"".esc_html($row->matchline)."\",\"detect_".esc_html($row->id)."\")'><span class='dashicons dashicons-format-aside'></span><br>".esc_html(__("Display",'wpinfecscanlite'))."</a>
                 </td><td><button class='autorestorebt' href='javascript:void(0);' onClick='whitelistfile(\"".esc_html($row->filepath)."\",\"".esc_html($row->filename)."\",\"".esc_html($row->filehash)."\")'><span class='dashicons dashicons-admin-post'></span><br>".esc_html(__("Add to whitelist",'wpinfecscanlite'))."</button></td></tr>"; ////edited2
                 

wpinfecscanlite/trunk/scannerdata/getscanprocess_inc2.php

@@ -40 +40 @@
             <div class='mfound'><img src='".esc_html($purl)."images/".esc_html(__('patternmatched.png','wpinfecscanlite'))."'>
             ". esc_html(__("This data contains malicious code patterns.",'wpinfecscanlite'))."</div><small>*" . esc_html($infeccount) ." ". esc_html(__("Pattern matched",'wpinfecscanlite'))."</small></td>
-            <td><a class='ceditbt' href='javascript:void(0);' onClick='showcode(\"".esc_html($row->filepath)."\",\"".esc_html($row->filename)."\",\"".esc_html(implode(",",$infeclines))."\",\"detect_".$row->id."\")'><span class='dashicons dashicons-text-page'></span><br>".esc_html(__("Display",'wpinfecscanlite'))."</a>
+            <td><a class='ceditbt' href='javascript:void(0);' onClick='showcode(\"".esc_html($row->filepath)."\",\"".esc_html($row->filename)."\",\"".esc_html(implode(",",$infeclines))."\",\"detect_".$row->id."\")'><span class='dashicons dashicons-format-aside'></span><br>".esc_html(__("Display",'wpinfecscanlite'))."</a>
             </td><td><button class='autorestorebt' href='javascript:void(0);' onClick='whitelistfile(\"".esc_html($row->filepath)."\",\"".esc_html($row->filename)."\",\"".esc_html($row->filehash)."\")'><span class='dashicons dashicons-admin-post'></span><br>".esc_html(__("Add to whitelist",'wpinfecscanlite'))."</button></td>
             </tr>";////edited2

wpinfecscanlite/trunk/tab_morefuture.php

@@ -35 +35 @@
             <p><?php esc_html_e("*The video is an English version. The actual plug-in is available in multiple languages including English, Japanese, French, German, Italian, Spanish, and Dutch.","wpinfecscanlite");?></p>
             <h3 style="font-size:22px">
-               <?php esc_html_e("From detection of 1,000 patterns to detection of more than 16,000 patterns of malware that are constantly updated","wpinfecscanlite");?>
+               <?php esc_html_e("From detection of 1,000 patterns to detection of more than 18,000 patterns of malware that are constantly updated","wpinfecscanlite");?>
             </h3>
           </div>
@@ -47 +47 @@
           </div>
           <div class="col-md-5">
-            <p><?php esc_html_e("The WP-Doctor Malware Scanner Lite is limited to scanning by approximately 1,000 malware detection patterns, which are the most frequently detected patterns. The Pro version has 16,000 registered malware detection patterns and is always automatically updated with the latest detection patterns to detect and remove more malware.","wpinfecscanlite");?> </p>
+            <p><?php esc_html_e("The WP-Doctor Malware Scanner Lite is limited to scanning by approximately 1,000 malware detection patterns, which are the most frequently detected patterns. The Pro version has 18,000 registered malware detection patterns and is always automatically updated with the latest detection patterns to detect and remove more malware.","wpinfecscanlite");?> </p>
           </div>
       </div>
@@ -92 +92 @@
           <div class="col-lg-12">
             <h3 style="font-size:22px">
-               <?php esc_html_e("1,600 vulnerability checks","wpinfecscanlite");?>
+               <?php esc_html_e("more than 1,600 vulnerability checks","wpinfecscanlite");?>
             </h3>
           </div>
@@ -157 +157 @@
           <div class="col-md-7">
             <div class="vcontainer">
-              <iframe class="yvideo" src="https://www.youtube.com/embed/j7zxQfcd-H8?si=wyNh4fZt-kIZx783" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen></iframe> /div>
+              <iframe class="yvideo" src="https://www.youtube.com/embed/j7zxQfcd-H8?si=wyNh4fZt-kIZx783" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen></iframe> 
             </div>
           </div>

wpinfecscanlite/trunk/wpinfecscanlite.php

@@ -1 +1 @@
 <?php
 /**
-Plugin Name: WPDoctor Malware Scanner Lite
+Plugin Name: WPDoctor Malware Scanner & Vulnerability Checker Lite
 Plugin URI: https://wordpress.org/plugins/wpinfecscanlite/
-description: Based on the most frequently detected malware detection patterns, this plug-in can exhaustively scan program files on the site to detect malware.
-Version: 1.0.4
+description: Based on the most frequently detected malware detection patterns, this plug-in can exhaustively scan program files on the site to detect malware and vulnerability.
+Version: 1.1
 Text Domain: wpinfecscanlite
 Domain Path: /languages
@@ -77 +77 @@
     delete_option( 'wpinfectlitescanner_hidealert_info' );
     
+    delete_option( 'wpinfectlitescanner_valncheck');
+    delete_option( 'wpinfectlitescanner_valnchecktime');
+    
 } 
 register_deactivation_hook (__FILE__, 'wpinfectlitescannercron_deactivate');
@@ -112 +115 @@
 add_action( 'wp_ajax_wpinfectlitescanner_realtimerun', 'wpinfectlitescanner_realtimerun' );
 
+function wpinfectlitescanner_valncheck(){
+    
+    if ( ! current_user_can( 'manage_options' ) ) {
+        die();
+    }
+    
+    if ( ! check_ajax_referer('wpinfecscanlite', 'nonce', false)) {
+        die();
+    }
+    
+    $chackdata=sanitize_text_field($_POST['chackdata']);
+
+    if(empty($chackdata)){
+        die();
+    }
+    
+    $checkdata = json_decode(hex2bin(str_rot13($chackdata)),false);
+    
+    $vulnerabilitiestxt = file_get_contents(__DIR__ . "/scannerdata/vulnerabilities.json");
+    $vulnerabilities = json_decode($vulnerabilitiestxt);
+    
+    
+    if($checkdata && count($vulnerabilities)>10){
+        
+        $resultdata=array();
+        
+        foreach($checkdata as $onedata){
+            if(count($onedata)!=4){
+                continue;
+            }
+            
+            $dataname = trim($onedata[0]);
+            $type= trim($onedata[1]);
+            $versiondata = trim($onedata[2]);
+            
+            $foundvaln = false;
+            $cve = "";
+            
+            foreach($vulnerabilities as $vulnerabilitie){
+                if($vulnerabilitie->productdataname == $dataname){
+                    $valnversion = explode("\n",$vulnerabilitie->versioninfo);
+                    for($i=0;$i<count($valnversion);$i++){
+                        $ptn = trim($valnversion[$i]);
+                        if (strlen($ptn)>1){
+                            $ptnar = explode(" ",$ptn);
+                            if(strpos($ptn,'&') === false){
+                                $hikaku = "";
+                                $versionhikaku = "";
+                                for($ii=0;$ii<count($ptnar);$ii++){
+                                    if(strpos(trim($ptnar[$ii]),'>') !== false || strpos(trim($ptnar[$ii]),'<') !== false || strpos(trim($ptnar[$ii]),'=') !== false){
+                                        $hikaku=trim($ptnar[$ii]);
+                                    }
+                                    if (preg_match("/[0-9]/", trim($ptnar[$ii]))) {
+                                        $versionhikaku=trim($ptnar[$ii]);
+                                    }
+                                }
+                                if($hikaku=="="){
+                                    $hikaku="==";
+                                }
+                                if($hikaku!="" && $versionhikaku!=""){
+                                   
+                                    $versionresult = version_compare($versiondata,$versionhikaku,$hikaku);
+                                    
+                                    if($versionresult){
+                                        $cve.=$vulnerabilitie->cveid.",";
+                                        $foundvaln=true;
+                                    }
+                                }
+                            }else{
+                                $ptnar=explode("&",$ptn);
+                                $ptnar1 = explode(" ",$ptnar[0]);
+                                $ptnar2 = explode(" ",$ptnar[1]);
+                                $hikaku1 = "";
+                                $versionhikaku1 = "";
+                                $hikaku2 = "";
+                                $versionhikaku2 = "";
+                                for($ii=0;$ii<count($ptnar1);$ii++){
+                                    if(strpos(trim($ptnar1[$ii]),'>') !== false || strpos(trim($ptnar1[$ii]),'<') !== false || strpos(trim($ptnar1[$ii]),'=') !== false){
+                                        $hikaku1=trim($ptnar1[$ii]);
+                                    }
+                                    if (preg_match("/[0-9]/", trim($ptnar1[$ii]))) {
+                                        $versionhikaku1=trim($ptnar1[$ii]);
+                                    }
+                                }
+                                for($ii=0;$ii<count($ptnar2);$ii++){
+                                    if(strpos(trim($ptnar2[$ii]),'>') !== false || strpos(trim($ptnar2[$ii]),'<') !== false || strpos(trim($ptnar2[$ii]),'=') !== false){
+                                        $hikaku2=trim($ptnar2[$ii]);
+                                    }
+                                    if (preg_match("/[0-9]/", trim($ptnar2[$ii]))) {
+                                        $versionhikaku2=trim($ptnar2[$ii]);
+                                    }
+                                }
+                                if($hikaku1=="="){
+                                    $hikaku1="==";
+                                }
+                                if($hikaku2=="="){
+                                    $hikaku2="==";
+                                }
+                                if($hikaku1!="" && $versionhikaku1!="" && $hikaku2!="" && $versionhikaku2!=""){
+                                    $versionresult = version_compare($versiondata,$versionhikaku1,$hikaku1);
+                                    
+                                    $versionresult2 = version_compare($versiondata,$versionhikaku2,$hikaku2);
+                                    
+                                    if($versionresult || $versionresult2){
+                                        $cve.=$vulnerabilitie->cveid.",";
+                                        $foundvaln=true;
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+            
+            if($foundvaln){
+                $resultdata[]=array($onedata[0],$onedata[1],$onedata[2],$cve,$onedata[3]);
+            }else{
+                $resultdata[]=array($onedata[0],$onedata[1],$onedata[2],"0",$onedata[3]);
+            }
+                
+            
+        }
+        
+        if(is_array($resultdata)){
+            update_option( 'wpinfectlitescanner_valncheck',json_encode($resultdata));
+            update_option( 'wpinfectlitescanner_valnchecktime',date_i18n ("Y/m/d H:i:s"));
+        }
+        
+        echo json_encode($resultdata);
+    }
+    
+    die();
+}
+add_action( 'wp_ajax_wpinfectlitescanner_valncheck', 'wpinfectlitescanner_valncheck' );
+
 include_once('scannerdata/getscanprocess_inc.php');
 
@@ -134 +272 @@
         die();
     }
-
 
     global $wpdb;
@@ -575 +712 @@
                 <p class="lead"></p>
                 
-                <p><small style="font-size:12px">Version 1.0.4</small></p>
+                <p><small style="font-size:12px">Version 1.1</small></p>
                     
                     <p class="lead">
@@ -592 +729 @@
             <li class="nav-item"><a href="#ContentA" data-bs-toggle="tab" class="nav-link active"><?php esc_html_e('Malware scan','wpinfecscanlite'); ?></a></li>
             <li class="nav-item"><a href="#ContentD" data-bs-toggle="tab" class="nav-link"><?php esc_html_e('Whitelist','wpinfecscanlite'); ?></a></li>
+            <li class="nav-item"><a href="#ContentE" data-bs-toggle="tab" class="nav-link"><?php esc_html_e('Vulnerability check','wpinfecscanlite'); ?></a></li>
             <li class="nav-item"><a href="#ContentB" id="ContentBtab" data-bs-toggle="tab" class="nav-link"><?php esc_html_e('Setting','wpinfecscanlite'); ?></a></li>
             <li class="nav-item"><a href="#ContentC" data-bs-toggle="tab" class="nav-link"><?php esc_html_e('Detect more recent malware','wpinfecscanlite'); ?></a></li>
@@ -600 +738 @@
                 <?php require_once('tab_malwrescan.php'); ?>
                 <?php require_once('tab_whitelist.php'); ?>
+                <?php require_once('tab_valn.php'); ?>
                 <?php require_once('tab_setting.php'); ?>
                 <?php require_once('tab_morefuture.php');?>