.htaccess
11 years ago
index.php
2 years ago
session.php
2 years ago
trace.php
11 years ago
wp-login.php
2 years ago
wp-settings.php
2 years ago
index.php
25 lines
| 1 | <?php |
| 2 | /** |
| 3 | * GOTMLS Brute-Force protections |
| 4 | * @package GOTMLS |
| 5 | */ |
| 6 | |
| 7 | if (!(isset($GLOBALS["GOTMLS"]["detected_attacks"]) && $GLOBALS["GOTMLS"]["detected_attacks"])) { |
| 8 | $file = (isset($_SERVER["SCRIPT_FILENAME"]) ? $_SERVER["SCRIPT_FILENAME"] : __FILE__); |
| 9 | $GLOBALS["GOTMLS"]["detected_attacks"] = '&attack[]='.strtolower((isset($_SERVER["DOCUMENT_ROOT"]) && strlen($_SERVER["DOCUMENT_ROOT"]) < strlen($file)) ? substr($file, strlen($_SERVER["DOCUMENT_ROOT"])) : basename($file)); |
| 10 | } |
| 11 | |
| 12 | foreach (array("REMOTE_ADDR", "HTTP_HOST", "REQUEST_URI", "HTTP_REFERER", "HTTP_USER_AGENT") as $var) |
| 13 | $GLOBALS["GOTMLS"]["detected_attacks"] .= (isset($_SERVER[$var]) ? "&SERVER_$var=".urlencode($_SERVER[$var]) : ""); |
| 14 | |
| 15 | foreach (array("log", "session_id") as $var) |
| 16 | $GLOBALS["GOTMLS"]["detected_attacks"] .= (isset($_POST[$var]) ? "&POST_$var=".urlencode($_POST[$var]).(isset($_POST["sess".$_POST[$var]]) ? "&TIME=".time()."&POST_sess$var=".urlencode($_POST["sess".$_POST[$var]]) : "") : ""); |
| 17 | |
| 18 | if (is_file($file = str_replace(basename(dirname(__FILE__)), basename(__FILE__), dirname(__FILE__))) && ($contents = @file_get_contents($file)) && preg_match('/\nversion:\s*([0-9\.]+)/i', $contents, $match)) |
| 19 | $ver = $match[1]; |
| 20 | else |
| 21 | $ver = "Unknown"; |
| 22 | |
| 23 | header("location: https://safe-load.gotmls.net/report.php?ver=$ver".$GLOBALS["GOTMLS"]["detected_attacks"]); |
| 24 | die(); |
| 25 |