/**
 * Deactivation handler.
 *
 * When the account is flagged active, calls
 * sixscan_communication_oracle_reg_deactivate() with the site id and API
 * token and then clears the local "active" flag. The .htaccess changes are
 * reverted on every call, whether or not the account was active.
 */
function sixscan_events_deactivation() {
    $account_is_active = sixscan_common_is_account_active();

    if ($account_is_active == TRUE) {
        $site_id = sixscan_common_get_site_id();
        $api_token = sixscan_common_get_api_token();
        sixscan_communication_oracle_reg_deactivate($site_id, $api_token);

        /* Flag the account as "not active": the scanner is then not allowed to work on this host */
        sixscan_common_set_account_active(FALSE);
    }

    /* Put .htaccess back into its "pre-6scan" state */
    sixscan_htaccess_uninstall();
}
/**
 * Build the authenticated dashboard URL for this site.
 *
 * The URL starts with SIXSCAN_COMM_ORACLE_AUTH_DASHBOARD_URL and carries the
 * site id, the nonce, a token derived from the nonce and the stored dashboard
 * token, the redirect target and two 0/1 flags taken from the current request.
 *
 * @param mixed $nonce          Value mixed into the token and sent as "nonce".
 * @param mixed $redirect_link  Value appended verbatim as "redirect_to".
 * @return string|bool          The URL, or FALSE when the dashboard token or
 *                              the site id is missing.
 */
function sixscan_communication_oracle_auth_dashboard_get($nonce, $redirect_link) {
    $registration_missing = sixscan_common_get_dashboard_token() == FALSE
        || sixscan_common_get_site_id() == FALSE;
    if ($registration_missing) {
        return FALSE;
    }

    /* Only the presence of these query parameters is used; their values are never read */
    $thankyou_flag = 0;
    if (isset($_GET['thankyou'])) {
        $thankyou_flag = 1;
    }
    $fixnow_flag = 0;
    if (isset($_GET['fixnow'])) {
        $fixnow_flag = 1;
    }

    /* NOTE(review): the token is a plain md5(salt . nonce . secret). The remote side
       presumably recomputes the same value, so the construction cannot change here
       alone; a keyed HMAC agreed with the server would be the sturdier choice. */
    $auth_token = md5(SIXSCAN_COMM_ORACLE_AUTH_SALT . $nonce . sixscan_common_get_dashboard_token());

    /* NOTE(review): $nonce and $redirect_link are appended without urlencode().
       Confirm that every caller passes values that are already query-string safe. */
    $url = SIXSCAN_COMM_ORACLE_AUTH_DASHBOARD_URL;
    $url .= 'site_id=' . sixscan_common_get_site_id();
    $url .= '&nonce=' . $nonce;
    $url .= '&token=' . $auth_token;
    $url .= '&redirect_to=' . $redirect_link;
    $url .= '&thankyou=' . $thankyou_flag;
    $url .= '&fixnow=' . $fixnow_flag;

    return $url;
}
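/**
 * Fetch a request signature for a backup operation from the URL configured in
 * SIXSCAN_BODYGUARD_6SCAN_BACKUP_MPU_SIG_URL.
 *
 * @param mixed  $req_type   Sent as "req_type".
 * @param string $params     Sent url-encoded as "parameters".
 * @param string $date       Sent url-encoded as "date".
 * @param mixed  $backup_id  Sent as "backup_id".
 * @param string $prev_etag  Sent as "prev_etag"; defaults to an empty string.
 * @return array|null        array('url' => ..., 'signature' => ...), or NULL when
 *                           the request fails or the response is not the expected
 *                           JSON object.
 */
function sixscan_backup_comm_req_signature_from_server($req_type, $params, $date, $backup_id, $prev_etag = "") {
    $api_token = sixscan_common_get_api_token();
    $site_id = sixscan_common_get_site_id();

    /* NOTE(review): the API token travels in the query string, where proxies and
       server access logs can record it. Confirm the signature URL is HTTPS-only. */
    /* NOTE(review): site_id, api_token, backup_id, req_type and prev_etag are appended
       without urlencode(); confirm callers only pass query-string-safe values. */
    $url = SIXSCAN_BODYGUARD_6SCAN_BACKUP_MPU_SIG_URL
        . "?site_id=" . $site_id
        . "&api_token=" . $api_token
        . "&backup_id=" . $backup_id
        . "&req_type=" . $req_type
        . "&date=" . urlencode($date)
        . "&prev_etag=" . $prev_etag
        /* The separator has to be a literal '&'; a mangled "&para" would fuse this
           parameter into the prev_etag value. */
        . "&parameters=" . urlencode($params);

    $response = sixscan_common_request_network($url, NULL);
    if (is_wp_error($response) == TRUE) {
        return NULL;
    }

    /* The body is remote input: json_decode() yields NULL on malformed JSON and the
       expected fields may be absent, so check the shape before reading properties. */
    $decoded = json_decode(wp_remote_retrieve_body($response));
    if (!is_object($decoded) || !isset($decoded->url) || !isset($decoded->signature) || !is_string($decoded->url)) {
        return NULL;
    }

    /* NOTE(review): 'url' is taken from the response as-is after decoding. If the
       caller sends data to it, the caller should check scheme and host first. */
    $req_signature = array();
    $req_signature['url'] = base64_decode(urldecode($decoded->url));
    $req_signature['signature'] = $decoded->signature;

    return $req_signature;
}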
header("HTTP/1.1 500 Bad verification token"); } exit(0); } if (sixscan_common_is_account_active() != TRUE) { header("HTTP/1.1 500 6Scan not active"); exit(0); } $oracle_nonce = intval($_REQUEST['nonce']); $last_nonce = intval(get_option(SIXSCAN_OPTION_COMM_LAST_SIG_UPDATE_NONCE)); if ($last_nonce >= $oracle_nonce) { header("HTTP/1.1 500 Bad nonce request"); exit(0); } $api_token = sixscan_common_get_api_token(); $site_id = sixscan_common_get_site_id(); $expected_token = md5(SIXSCAN_SIGNATURE_SCHEDULER_SALT . $oracle_nonce . $api_token); $received_token = $_REQUEST['token']; if ($expected_token != $received_token) { header("HTTP/1.1 418 I'm a teapot"); //as defined in RFC2324: http://tools.ietf.org/html/rfc2324 exit(0); } $error_list = ""; /* From now on, all errors will be caught and shown */ sixscan_common_show_all_errors(); /* Mark this nonce as already used */ update_option(SIXSCAN_OPTION_COMM_LAST_SIG_UPDATE_NONCE, $oracle_nonce); /* Requested backup */ if (isset($_REQUEST[SIXSCAN_NOTICE_BCKP_REQUEST]) && $_REQUEST[SIXSCAN_NOTICE_BCKP_REQUEST] == '1') { require_once '../backup/backup_func.php';
/**
 * Report whether all four registration values are stored.
 *
 * The getters are consulted in a fixed order and the check stops at the first
 * one whose result compares loosely equal to FALSE.
 *
 * @return bool TRUE when site id, API token, verification token and dashboard
 *              token are all present, FALSE otherwise.
 */
function sixscan_common_is_regdata_present() {
    if (sixscan_common_get_site_id() == FALSE) {
        return FALSE;
    }
    if (sixscan_common_get_api_token() == FALSE) {
        return FALSE;
    }
    if (sixscan_common_get_verification_token() == FALSE) {
        return FALSE;
    }
    if (sixscan_common_get_dashboard_token() == FALSE) {
        return FALSE;
    }

    return TRUE;
}
/**
 * Uninstall routine: notifies the server, removes the verification file,
 * reverts .htaccess and deletes every option listed below, in that order.
 *
 * Any Exception raised along the way ends the request through die().
 */
function sixscan_installation_uninstall() {
    try {
        /* Tell the server to disable the account */
        $site_id = sixscan_common_get_site_id();
        $api_token = sixscan_common_get_api_token();
        sixscan_communication_oracle_reg_uninstall($site_id, $api_token);

        /* Delete the verification file if one exists */
        sixscan_communication_oracle_reg_remove_verification_file();

        /* Strip the plugin's lines from htaccess */
        sixscan_htaccess_uninstall();

        /* Wipe the stored options; the order matches the original sequence of calls */
        $stored_options = array(
            SIXSCAN_OPTIONS_SETUP_ACCOUNT,
            SIXSCAN_OPTION_MENU_IS_BLOG_VERIFIED,
            SIXSCAN_OPTION_MENU_SITE_ID,
            SIXSCAN_OPTION_MENU_API_TOKEN,
            SIXSCAN_OPTION_MENU_VERIFICATION_TOKEN,
            SIXSCAN_OPTION_MENU_DASHBOARD_TOKEN,
            SIXSCAN_OPTION_MENU_IS_ACCOUNT_OPERATIONAL,
            SIXSCAN_OPTION_COMM_ORACLE_NONCE,
            SIXSCAN_OPTION_COMM_LAST_SIG_UPDATE_NONCE,
            SIXSCAN_OPTION_VULNERABITILY_COUNT,
            SIXSCAN_OPTION_LOGIN_SETTINGS,
            SIXSCAN_LOGIN_LOGS,
            SIXSCAN_OPTION_WPFS_CONFIG,
            SIXSCAN_OPTION_WAF_REQUESTED,
            SIXSCAN_OPTION_STAT_SUSPICIOUS_REQ_COUNT,
            SIXSCAN_OPTION_STAT_OK_REQ_COUNT,
            SIXSCAN_BACKUP_LAST_FS_NAME,
            SIXSCAN_BACKUP_LAST_DB_NAME,
            SIXSCAN_VULN_MESSAGE_DISMISSED,
        );
        foreach ($stored_options as $option_name) {
            delete_option($option_name);
        }
    } catch (Exception $e) {
        /* NOTE(review): die($e) writes the exception's string form (message plus
           stack trace) into the response. The server notification is also the first
           step in the try block, so an exception thrown there skips the local cleanup
           and leaves the stored tokens in the database. */
        die($e);
    }
}
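/**
 * Write the site verification file into the WordPress root directory.
 *
 * The file name is SIXSCAN_VERIFICATION_FILE_PREFIX followed by the stored
 * verification token and ".gif"; its content is the site id wrapped in
 * SIXSCAN_VERIFICATION_DELIMITER on both sides.
 *
 * @return bool|string TRUE on success, otherwise a message describing the failure.
 */
function sixscan_communication_oracle_reg_create_verification_file() {
    global $wp_filesystem;

    /* The global is only populated once the WordPress filesystem API has been
       initialised; calling a method on anything else would be a fatal error. */
    if (!is_object($wp_filesystem)) {
        return "Failed creating verification file: filesystem API is not initialized";
    }

    /* Without a token the file name would be just the prefix plus ".gif" */
    $verification_token = sixscan_common_get_verification_token();
    if ($verification_token == FALSE) {
        return "Failed creating verification file: verification token is missing";
    }

    /* NOTE(review): the token becomes part of a file name under ABSPATH. Confirm that
       it can never contain path separators or ".." before it is stored. */
    $verification_file_name = ABSPATH . "/" . SIXSCAN_VERIFICATION_FILE_PREFIX . $verification_token . ".gif";
    $verification_data = SIXSCAN_VERIFICATION_DELIMITER . sixscan_common_get_site_id() . SIXSCAN_VERIFICATION_DELIMITER;

    if ($wp_filesystem->put_contents($verification_file_name, $verification_data) === FALSE) {
        return "Failed creating file " . $verification_file_name . " for verification purposes";
    }

    /* A static file that is only read over HTTP needs no execute bits, so use
       0644 rather than 0755. */
    if ($wp_filesystem->chmod($verification_file_name, 0644) === FALSE) {
        return "Failed setting 644 mode on verification file";
    }

    return TRUE;
}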