/**
 * Plugin deactivation handler.
 *
 * If the account is currently marked active, the site is deactivated on the
 * 6Scan side (using the stored site id and API token) and the local "active"
 * flag is cleared. The .htaccess changes are then reverted in every case.
 *
 * The result of the remote deactivation call is not inspected here, so the
 * local flag is cleared even if that call did not succeed.
 *
 * @return void
 */
function sixscan_events_deactivation()
{
    $account_is_active = sixscan_common_is_account_active();

    if ($account_is_active) {
        $site_id   = sixscan_common_get_site_id();
        $api_token = sixscan_common_get_api_token();
        sixscan_communication_oracle_reg_deactivate($site_id, $api_token);

        /* "Not active": this disallows the scanner from working on this host */
        sixscan_common_set_account_active(FALSE);
    }

    /* Revert the .htaccess to its "pre-6scan" state, whether or not the account was active */
    sixscan_htaccess_uninstall();
}
/**
 * Print the 6Scan dashboard iframe into the current admin page.
 *
 * Nothing is printed by this function when the account is not active. When a
 * support ticket has already been requested, the "Thank you" message is shown
 * instead of the iframe.
 *
 * @param string $redirect_request Dashboard URL to load inside the iframe. When
 *                                 empty, a default is picked from
 *                                 SIXSCAN_PLATFORM_TYPE.
 * @return void
 */
function sixscan_menu_create_dashboard_frame($redirect_request = "")
{
    if ($redirect_request == "") {
        /* Default redirects per different plugin types */
        if (SIXSCAN_PLATFORM_TYPE == 'wordpress') {
            $redirect_request = SIXSCAN_COMMON_DASHBOARD_URL_MAIN;
        } elseif (SIXSCAN_PLATFORM_TYPE == 'wordpress_backup') {
            $redirect_request = SIXSCAN_COMMON_DASHBOARD_URL_BACKUP;
        }
    }

    /* If the user has already submitted a ticket, show a "Thank you" instead */
    if (sixscan_menu_is_ticket_requested()) {
        sixscan_menu_submission_ok_msg();
        return;
    }

    /* Do not show the dashboard iframe if the account is not active */
    if (!sixscan_common_is_account_active()) {
        return;
    }

    /* The widget uses a smaller iframe than the full dashboard */
    $user_height = ($redirect_request == SIXSCAN_COMMON_DASHBOARD_URL_WIDGET) ? '550px' : '100%';

    /*
     * NOTE(review): the link returned by the helper is written into the src
     * attribute as-is. Confirm that it is already safe for an HTML attribute,
     * or escape it at output time (for example with esc_url()).
     */
    $frame_src = sixscan_communication_oracle_auth_get_link($redirect_request);

    print "<iframe id='sixscan_dashboard_iframe' src=\"" . $frame_src . "\" width='100%' height='{$user_height}'>\n";
    print "</iframe>\n";

    /* The inline script below resizes the iframe from the document height once it runs */
    ?> <script language='javascript'> var frame = document.getElementById('sixscan_dashboard_iframe'); frame.height = document.body.scrollHeight - 127; </script> <?php
}
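/*
 * Request handling for calls coming from the 6Scan server ("oracle").
 *
 * Two kinds of request are handled in the visible code:
 *   1. Ownership verification: the caller proves knowledge of the site id and
 *      of md5(api_token . site_id), and receives the verification token.
 *   2. A nonce- and token-authenticated request: the nonce must be greater than
 *      the last stored one, and the token must equal
 *      md5(SIXSCAN_SIGNATURE_SCHEDULER_SALT . nonce . api_token).
 *
 * All secret comparisons below are done on strings, with strict equality.
 * PHP's loose "==" compares two numeric-looking strings (for example hex
 * digests of the form "0e<digits>") as numbers, and accepts non-string request
 * values such as arrays, so it must not be used to check authentication tokens.
 *
 * NOTE(review): md5(secret-bearing concatenation) is a weak MAC construction.
 * Moving to hash_hmac() with SHA-256 would be preferable, but needs a matching
 * change on the server side.
 */
if ($backward_compat_active == 'SETUP_STAGE_RUNNING' || $backward_compat_active == 'SETUP_STAGE_INSTALLED') {
    /* Cleanup and activate for new version */
    delete_option('sixscan_setupaccount');
    sixscan_common_set_account_active(TRUE);
}

/* Verify process. Make sure that the site belongs to the user that registered it */
if (isset($_REQUEST[SIXSCAN_NOTICE_VERIFICATION_NAME]) && isset($_REQUEST[SIXSCAN_NOTICE_AUTH_NAME])) {
    $expected_auth_id = md5(sixscan_common_get_api_token() . sixscan_common_get_site_id());
    $received_site_id = $_REQUEST[SIXSCAN_NOTICE_VERIFICATION_NAME];
    $received_auth_id = $_REQUEST[SIXSCAN_NOTICE_AUTH_NAME];

    /* An empty site id never verifies; this also covers a site that has no id stored */
    $site_id_matches = is_string($received_site_id)
        && $received_site_id !== ''
        && $received_site_id === (string) sixscan_common_get_site_id();

    /* Constant-time comparison where available (PHP >= 5.6), strict string comparison otherwise */
    $auth_id_matches = is_string($received_auth_id)
        && (function_exists('hash_equals')
            ? hash_equals($expected_auth_id, $received_auth_id)
            : $expected_auth_id === $received_auth_id);

    if ($site_id_matches && $auth_id_matches) {
        echo SIXSCAN_VERIFICATION_DELIMITER . sixscan_common_get_verification_token() . SIXSCAN_VERIFICATION_DELIMITER;
    } else {
        header("HTTP/1.1 500 Bad verification token");
    }
    exit(0);
}

if (sixscan_common_is_account_active() != TRUE) {
    header("HTTP/1.1 500 6Scan not active");
    exit(0);
}

/* A missing or non-scalar nonce is treated as 0 */
$oracle_nonce = (isset($_REQUEST['nonce']) && is_scalar($_REQUEST['nonce'])) ? intval($_REQUEST['nonce']) : 0;
$last_nonce = intval(get_option(SIXSCAN_OPTION_COMM_LAST_SIG_UPDATE_NONCE));

/* Replay protection: only a nonce strictly greater than the last stored one is accepted */
if ($last_nonce >= $oracle_nonce) {
    header("HTTP/1.1 500 Bad nonce request");
    exit(0);
}

$api_token = sixscan_common_get_api_token();
$site_id = sixscan_common_get_site_id();
$expected_token = md5(SIXSCAN_SIGNATURE_SCHEDULER_SALT . $oracle_nonce . $api_token);
$received_token = isset($_REQUEST['token']) ? $_REQUEST['token'] : null;

/* Same comparison rules as for the verification id above */
$token_matches = is_string($received_token)
    && (function_exists('hash_equals')
        ? hash_equals($expected_token, $received_token)
        : $expected_token === $received_token);

/* Reject the request when the token does not match (the rest of this branch lies outside the visible excerpt) */
if (!$token_matches) {
    header("HTTP/1.1 418 I'm a teapot");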
/*
 * Plugin bootstrap: load the modules, register the admin-side hooks, then run
 * the request checks that apply to every page load.
 *
 * NOTE(review): the include paths below are relative, so their resolution
 * depends on include_path and on the directory of the including script.
 * Anchoring them to dirname(__FILE__) would pin them to the plugin directory.
 * Confirm the file layout before changing this.
 */
require_once 'admin/includes/installation.php';
require_once 'admin/includes/events/deactivation.php';
require_once 'admin/includes/events/uninstall.php';
require_once 'modules/communication/oracle-reg.php';
require_once 'modules/communication/oracle-auth.php';
require_once 'modules/signatures/analyzer.php';
require_once 'modules/signatures/loginsec.php';
require_once 'modules/signatures/update.php';
require_once 'admin/includes/6scan-menu.php';
require_once 'modules/stat/analytics.php';

if (is_admin()) {
    /* We do not use the usual activation hook, since we want to show an extended
       error message if something went sideways */
    register_deactivation_hook(__FILE__, 'sixscan_events_deactivation');
    register_uninstall_hook(__FILE__, 'sixscan_events_uninstall');

    if (sixscan_common_is_account_active()) {
        /* Plugin is active: check whether it has been registered and, if not,
           show the "don't forget to register" notice to the user */
        add_action('admin_notices', 'sixscan_installation_account_setup_required_notice');
    } else {
        /* Plugin is not active yet: this action installs it */
        add_action('admin_notices', 'sixscan_installation_manager');
    }

    /* 6Scan menu in the WordPress toolbar */
    add_action('admin_menu', 'sixscan_menu_install');

    /* "Vulnerabilities found" warning */
    add_action('admin_notices', 'sixscan_menu_show_vulnerabilities_warning');
}

/* Setting/clearing the admin auth cookie */
add_action('init', 'sixscan_wordpress_admin_set_cookie_callback');

/* These two calls sit outside the is_admin() branch, so they run whenever this
   file is loaded, for front-end and admin requests alike */
sixscan_signatures_analyzer_suspicious_request();
sixscan_signatures_loginsec_register();