PluginProbe ʕ •ᴥ•ʔ
Anti-Malware Security and Brute-Force Firewall / 4.23.56
Anti-Malware Security and Brute-Force Firewall v4.23.56
4.23.90 trunk 1.2.03.23 1.3.02.15 3.07.06 4.14.47 4.15.16 4.16.17 4.17.28 4.17.29 4.17.44 4.17.57 4.17.58 4.17.68 4.17.69 4.18.52 4.18.62 4.18.63 4.18.69 4.18.71 4.18.74 4.18.76 4.19.44 4.19.50 4.19.68 4.19.69 4.20.59 4.20.72 4.20.92 4.20.93 4.20.94 4.20.95 4.20.96 4.21.74 4.21.83 4.21.84 4.21.85 4.21.86 4.21.87 4.21.88 4.21.89 4.21.90 4.21.91 4.21.92 4.21.93 4.21.94 4.21.95 4.21.96 4.23.56 4.23.57 4.23.67 4.23.68 4.23.69 4.23.71 4.23.73 4.23.77 4.23.81 4.23.83 4.23.85 4.23.87 4.23.88 4.23.89
gotmls / safe-load / wp-login.php
gotmls / safe-load Last commit date
.htaccess 11 years ago index.php 2 years ago session.php 2 years ago trace.php 11 years ago wp-login.php 2 years ago wp-settings.php 2 years ago
wp-login.php
115 lines
1 <?php
2 /**
3 * GOTMLS wp-login protection
4 * @package GOTMLS
5 */
6
7 if (!defined("GOTMLS_LOGIN_PROTECTION"))
8 define("GOTMLS_LOGIN_PROTECTION", microtime(true));
9 if (!defined("GOTMLS_REQUEST_METHOD"))
10 define("GOTMLS_REQUEST_METHOD", (isset($_SERVER["REQUEST_METHOD"])?strtoupper($_SERVER["REQUEST_METHOD"]):"none"));
11 if (!(isset($GLOBALS["GOTMLS"]) && is_array($GLOBALS["GOTMLS"])))
12 $GLOBALS["GOTMLS"] = array();
13 if (!isset($GLOBALS["GOTMLS"]["detected_attacks"]))
14 $GLOBALS["GOTMLS"]["detected_attacks"] = '';
15 if (is_file(dirname(__FILE__)."/session.php")) {
16 include(dirname(__FILE__)."/session.php");
17 if (!function_exists("GOTMLS_update_log_file")) {
18 function GOTMLS_update_log_file($dont_force_write = true) {
19 if (!defined("GOTMLS_SESSION_FILE"))
20 define("GOTMLS_SESSION_FILE", dirname(__FILE__)."/_SESSION/index.php");
21 if (is_file(GOTMLS_SESSION_FILE))
22 include(GOTMLS_SESSION_FILE);
23 else {
24 if (!is_dir(dirname(GOTMLS_SESSION_FILE)))
25 @mkdir(dirname(GOTMLS_SESSION_FILE));
26 if (is_dir(dirname(GOTMLS_SESSION_FILE)))
27 if (!is_file(GOTMLS_SESSION_FILE))
28 if (file_put_contents(GOTMLS_SESSION_FILE, "<?php if (!defined('GOTMLS_INSTALL_TIME')) define('GOTMLS_INSTALL_TIME', '".GOTMLS_SESSION_TIME."');"))
29 include(GOTMLS_SESSION_FILE);
30 }
31 if (!defined("GOTMLS_INSTALL_TIME"))
32 return false;
33 else {
34 $GOTMLS_LOGIN_ARRAY = array("ADDR"=>(isset($_SERVER["REMOTE_ADDR"])?$_SERVER["REMOTE_ADDR"]:"REMOTE_ADDR"), "AGENT"=>(isset($_SERVER["HTTP_USER_AGENT"])?$_SERVER["HTTP_USER_AGENT"]:"HTTP_USER_AGENT"), "TIME"=>GOTMLS_INSTALL_TIME);
35 $GOTMLS_LOGIN_KEY = md5(serialize($GOTMLS_LOGIN_ARRAY));
36 if (!defined("GOTMLS_LOG_FILE"))
37 define("GOTMLS_LOG_FILE", dirname(GOTMLS_SESSION_FILE)."/GOTMLS.$GOTMLS_LOGIN_KEY.php");
38 if (is_file(GOTMLS_LOG_FILE))
39 include(GOTMLS_LOG_FILE);
40 if (GOTMLS_REQUEST_METHOD == "POST")
41 $GLOBALS["GOTMLS"]["logins"][$GOTMLS_LOGIN_KEY][GOTMLS_REQUEST_METHOD][GOTMLS_INSTALL_TIME] = $GOTMLS_LOGIN_ARRAY;
42 else
43 $GLOBALS["GOTMLS"]["logins"][$GOTMLS_LOGIN_KEY][GOTMLS_REQUEST_METHOD] = GOTMLS_INSTALL_TIME;
44 @file_put_contents(GOTMLS_LOG_FILE, '<?php $GLOBALS["GOTMLS"]["logins"]["'.$GOTMLS_LOGIN_KEY.'"]=unserialize(base64_decode("'.base64_encode(serialize($GLOBALS["GOTMLS"]["logins"][$GOTMLS_LOGIN_KEY])).'"));');
45 if (isset($GLOBALS["GOTMLS"]["logins"][$GOTMLS_LOGIN_KEY]) && is_array($GLOBALS["GOTMLS"]["logins"][$GOTMLS_LOGIN_KEY]))
46 return $GOTMLS_LOGIN_KEY;
47 else
48 return 0;
49 }
50 }
51 }
52 if (isset($_POST["GOTMLS_sess_id"]) && strlen($GOT_sess = preg_replace('/[^0-9\-,a-z]/i', "", $_POST["GOTMLS_sess_id"])))
53 GOTMLS_session_start("$GOT_sess");
54 else
55 GOTMLS_session_start();
56 if ((GOTMLS_REQUEST_METHOD == "POST") && isset($_POST["log"]) && isset($_POST["pwd"]) && !(isset($GOTMLS_LOGIN_KEY) && isset($GOTMLS_logins[$GOTMLS_LOGIN_KEY]["whitelist"]))) {
57 if (!(isset($_SESSION["GOTMLS_detected_attacks"]) && $_SESSION["GOTMLS_SESSION_LAST"]))
58 $GLOBALS["GOTMLS"]["detected_attacks"] = '&attack[]=NO_SESSION';
59 elseif (isset($_POST["GOTMLS_sess_id"]) && strlen($GOT_sess) && isset($_POST["GOTMLS_sess_$GOT_sess"]) && is_numeric($_POST["GOTMLS_sess_$GOT_sess"])) {
60 if (isset($_SESSION["GOTMLS_server_time"]["sess_$GOT_sess"]["JS_time"]) && isset($_SESSION["GOTMLS_server_time"]["sess_$GOT_sess"]["PHP_time"])) {
61 // $diff = ($_SESSION["GOTMLS_server_time"]["sess_$GOT_sess"]["PHP_time"] * 1000) - $_SESSION["GOTMLS_server_time"]["sess_$GOT_sess"]["JS_time"];
62 //echo "<li>$diff</li>\n";
63 $diff = substr(preg_replace('/[^1-9]/', "", md5($_SESSION["GOTMLS_server_time"]["sess_$GOT_sess"]["PHP_time"])).'111111111111', 0 , 12);
64 $JS_time = round(($_POST["GOTMLS_sess_$GOT_sess"] - $diff) / 60000);
65 $PHP_time = round((time() - $_SESSION["GOTMLS_server_time"]["sess_$GOT_sess"]["PHP_time"]) / 60);
66 if ((($PHP_time - $JS_time) > 2) || (($JS_time - $PHP_time) > 2))
67 $GLOBALS["GOTMLS"]["detected_attacks"] = '&attack[]=WRONG_JS';
68 //die("<li>$diff</li>\n<li>$JS_time</li>\n<li>$PHP_time</li>\n".json_encode(array($_POST["GOTMLS_sess_$GOT_sess"]."~".time()."<Li>"=>$_SESSION["GOTMLS_server_time"]["sess_$GOT_sess"])));
69 } else
70 $GLOBALS["GOTMLS"]["detected_attacks"] = '&attack[]=NO_JS';
71 }
72 if (!isset($_SERVER["REMOTE_ADDR"]))
73 $GLOBALS["GOTMLS"]["detected_attacks"] .= '&attack[]=NO_REMOTE_ADDR';
74 if (!isset($_SERVER["HTTP_USER_AGENT"]))
75 $GLOBALS["GOTMLS"]["detected_attacks"] .= '&attack[]=NO_HTTP_USER_AGENT';
76 if (!isset($_SERVER["HTTP_REFERER"]) && !(isset($_SERVER["HTTP_USER_AGENT"]) && substr($_SERVER["HTTP_USER_AGENT"], 0, 18) == "Mozilla/5.0 (iPad;"))
77 $GLOBALS["GOTMLS"]["detected_attacks"] .= '&attack[]=NO_HTTP_REFERER';
78 if (!(isset($GLOBALS["GOTMLS"]["detected_attacks"]) && $GLOBALS["GOTMLS"]["detected_attacks"])) {
79 if (isset($_SESSION["GOTMLS_login_attempts"]) && is_numeric($_SESSION["GOTMLS_login_attempts"]) && strlen($_SESSION["GOTMLS_login_attempts"]."") > 0)
80 $_SESSION["GOTMLS_login_attempts"]++;
81 else {
82 if ($GOTMLS_LOGIN_KEY = GOTMLS_update_log_file()) {
83 if (!(isset($GLOBALS["GOTMLS"]["logins"][$GOTMLS_LOGIN_KEY]["POST"]) && is_array($GLOBALS["GOTMLS"]["logins"][$GOTMLS_LOGIN_KEY]["POST"])))
84 $GLOBALS["GOTMLS"]["detected_attacks"] .= '&attack[]=NO_LOGIN_ATTEMPTS';
85 elseif (!isset($GLOBALS["GOTMLS"]["logins"][$GOTMLS_LOGIN_KEY]["GET"]))
86 $GLOBALS["GOTMLS"]["detected_attacks"] .= '&attack[]=NO_LOGIN_GETS';
87 else {
88 $_SESSION["GOTMLS_login_attempts"] = 0;
89 foreach ($GLOBALS["GOTMLS"]["logins"][$GOTMLS_LOGIN_KEY]["POST"] as $LOGIN_TIME=>$LOGIN_ARRAY) {
90 if ($LOGIN_TIME > $GLOBALS["GOTMLS"]["logins"][$GOTMLS_LOGIN_KEY]["GET"])
91 $_SESSION["GOTMLS_login_attempts"]++;
92 else
93 unset($GLOBALS["GOTMLS"]["logins"][$GOTMLS_LOGIN_KEY]["POST"][$LOGIN_TIME]);
94 }
95 }
96 } else
97 $GLOBALS["GOTMLS"]["detected_attacks"] .= '&attack[]=NO_LOG_FILE';
98 }
99 if (!(isset($_SESSION["GOTMLS_login_attempts"]) && is_numeric($_SESSION["GOTMLS_login_attempts"]) && ($_SESSION["GOTMLS_login_attempts"] < 6) && $_SESSION["GOTMLS_login_attempts"]))
100 $GLOBALS["GOTMLS"]["detected_attacks"] .= '&attack[]=TOO_MANY_login_attempts';
101 }
102 if (isset($GLOBALS["GOTMLS"]["detected_attacks"]) && $GLOBALS["GOTMLS"]["detected_attacks"])
103 require(dirname(__FILE__)."/index.php");
104 } else {
105 if (isset($_SERVER["SCRIPT_FILENAME"]) && basename(__FILE__) == basename($_SERVER["SCRIPT_FILENAME"]))
106 GOTMLS_update_log_file();
107 $_SESSION["GOTMLS_detected_attacks"] = '';
108 $_SESSION["GOTMLS_login_attempts"] = 0;
109 }
110 GOTMLS_session_close();
111 } else {
112 $GLOBALS["GOTMLS"]["detected_attacks"] .= '&attack[]=NO_session.php_FILE';
113 require(dirname(__FILE__)."/index.php");
114 }
115