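/**
 * Start Exploit Scanner scan.
 *
 * ## OPTIONS
 *
 * [--show-suspicious-styles]
 * : Search for suspicious styles - (display:none and visibility:hidden can be used to hide spam, but may cause many false positives)
 *
 * [--file-size=<size-in-kb>]
 * : Upper file size limit in KB - (files larger than this are skipped and will be listed at the end of scan)
 *
 * [--files-per-block=<no-of-files>]
 * : Number of files per batch - (to help reduce memory limit errors the scan processes a series of file batches)
 *
 * [--report_all_unknown_files]
 * : Reports also unknown files outside of wp-includes, wp-admin and wp root directory
 *
 * [--export-csv=<file-name>]
 * : It will export result to specified csv file
 *
 * ## EXAMPLES
 *
 *     wp exploit-scanner scan
 *
 * @synopsis
 *
 * @param array $args       Positional arguments; only forwarded to result().
 * @param array $assoc_args Named options as listed under OPTIONS.
 */
function scan($args, $assoc_args)
{
    $default = array(
        // NOTE(review): a presence flag that defaults to true cannot be
        // switched off from the command line; the option text suggests
        // false was intended - confirm before changing.
        'show-suspicious-styles'   => true,
        'file-size'                => 400,
        'files-per-block'          => 250,
        'report_all_unknown_files' => false,
        'export-csv'               => false,
    );
    $assoc_args = wp_parse_args($assoc_args, $default);

    // WP_CLI::error() exits by default; the returns are a safeguard in case
    // the exit behaviour is disabled.
    if (!is_numeric($assoc_args['file-size'])) {
        WP_CLI::error("--file-size : Upper file size limit should be numeric");
        return;
    }
    if (intval($assoc_args['file-size']) < 0) {
        WP_CLI::error("--file-size : Upper file size limit cannot be negative");
        return;
    }
    if (!is_numeric($assoc_args['files-per-block'])) {
        WP_CLI::error("--files-per-block : Number of files per batch should be numeric");
        return;
    }
    // The batch loop below advances $scanner->start by the batch size, so a
    // batch size of 0 (or less) would never make progress.
    if (intval($assoc_args['files-per-block']) < 1) {
        WP_CLI::error("--files-per-block : Number of files per batch should be at least 1");
        return;
    }

    $fes_args = array(
        'start'                    => 0,
        'fsl'                      => intval($assoc_args['file-size']),
        'max'                      => intval($assoc_args['files-per-block']),
        'report_all_unknown_files' => $assoc_args['report_all_unknown_files'],
        'display_pattern'          => $assoc_args['show-suspicious-styles'],
    );

    WP_CLI::warning("Start File Scanning...");
    $scanner = new File_Exploit_Scanner(ABSPATH, $fes_args);

    // Clear any leftover state from a previous run so the file list transient
    // can be saved fresh.
    delete_transient('exploitscanner_results_trans');
    delete_transient('exploitscanner_files');

    // The total is a fixed estimate; the bar only reflects batches processed.
    $file_progress = new \cli\progress\Bar('Progress', 1000);
    $file_progress->tick();

    // Each run() call processes one batch; it returns a WP_Error on failure,
    // a truthy value once every file has been scanned, and a falsy value when
    // more batches remain.
    while (true) {
        $result = $scanner->run();

        if (is_wp_error($result)) {
            $file_progress->finish();
            WP_CLI::error('Files list not properly saved as a transient');
            break;
        }

        if ($result) {
            $file_progress->finish();
            WP_CLI::success('All files scanned');
            break;
        }

        $file_progress->tick($scanner->max_batch_size);
        $scanner->start += $scanner->max_batch_size;
    }

    WP_CLI::warning("Start Database Scanning...");
    $db_scanner = new DB_Exploit_Scanner();
    $db_scanner->run();
    WP_CLI::success('Database scanned');

    // Print (and optionally export) the combined results.
    $this->result($args, $assoc_args);
}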
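/**
 * AJAX handler: run the database scan and reply with 'Done'.
 *
 * The nonce check only proves the request originated from a page the user
 * loaded; it is not an authorization check, so the handler additionally
 * requires a capability before the scan runs.
 */
function exploitscanner_ajax_db_scan()
{
    check_ajax_referer('exploit-scanner_scan');

    // NOTE(review): manage_options is assumed to be the capability that gates
    // the plugin's admin page - confirm against its menu registration.
    if (!current_user_can('manage_options')) {
        wp_die('Insufficient permissions', 403);
    }

    $scanner = new DB_Exploit_Scanner();
    $scanner->run();

    echo 'Done';
    exit;
}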