.htaccess
11 years ago
index.php
10 years ago
session.php
11 years ago
trace.php
11 years ago
wp-login.php
10 years ago
wp-settings.php
8 years ago
index.php
21 lines
| 1 | <?php |
| 2 | /** |
| 3 | * GOTMLS Brute-Force protections |
| 4 | * @package GOTMLS |
| 5 | */ |
| 6 | |
| 7 | if (!(isset($GLOBALS["GOTMLS"]["detected_attacks"]) && $GLOBALS["GOTMLS"]["detected_attacks"])) { |
| 8 | $file = (isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:__FILE__); |
| 9 | $GLOBALS["GOTMLS"]["detected_attacks"] = '&attack[]='.strtolower((isset($_SERVER["DOCUMENT_ROOT"]) && strlen($_SERVER["DOCUMENT_ROOT"]) < strlen($file))?substr($file, strlen($_SERVER["DOCUMENT_ROOT"])):basename($file)); |
| 10 | } |
| 11 | foreach (array("REMOTE_ADDR", "HTTP_HOST", "REQUEST_URI", "HTTP_REFERER", "HTTP_USER_AGENT") as $var) |
| 12 | $GLOBALS["GOTMLS"]["detected_attacks"] .= (isset($_SERVER[$var])?"&SERVER_$var=".urlencode($_SERVER[$var]):""); |
| 13 | foreach (array("log", "session_id") as $var) |
| 14 | $GLOBALS["GOTMLS"]["detected_attacks"] .= (isset($_POST[$var])?"&POST_$var=".urlencode($_POST[$var]).(isset($_POST["sess".$_POST[$var]])?"&TIME=".time()."&POST_sess$var=".urlencode($_POST["sess".$_POST[$var]]):""):""); |
| 15 | $ver = "Unknown"; |
| 16 | if ($file = str_replace(basename(dirname(__FILE__)), basename(__FILE__), dirname(__FILE__))) |
| 17 | if (is_file($file) && $contents = @file_get_contents($file)) |
| 18 | if (preg_match('/\nversion:\s*([0-9\.]+)/i', $contents, $match)) |
| 19 | $ver = $match[1]; |
| 20 | header("location: http://safe-load.gotmls.net/report.php?ver=$ver".$GLOBALS["GOTMLS"]["detected_attacks"]); |
| 21 | die(); |