[Plugin: Secure WordPress] Code injection Scanner

  • Resolved danka

    (@danka)


    13 years, 5 months ago

    Would be cool if you make a scanner to check for code injection in all code files [php, js, css] and database, I mean code injection like this ones, but not limited to:
    eval(gzinflate(base64_decode(‘Code’)))
    eval(gzinflate(str_rot13(base64_decode(‘Code’))))
    eval(gzinflate(base64_decode(str_rot13(‘Code’))))
    eval(gzinflate(base64_decode(base64_decode(str_rot13(‘Code’)))))
    eval(gzuncompress(base64_decode(‘Code’)))
    eval(gzuncompress(str_rot13(base64_decode(‘Code’))))
    eval(gzuncompress(base64_decode(str_rot13(‘Code’))))
    eval(base64_decode(‘Code’))
    eval(str_rot13(gzinflate(base64_decode(‘Code’))))
    eval(gzinflate(base64_decode(strrev(str_rot13(‘Code’)))))
    eval(gzinflate(base64_decode(strrev(‘Code’))))
    eval(gzinflate(base64_decode(str_rot13(‘Code’))))
    eval(gzinflate(base64_decode(str_rot13(strrev(‘Code’)))))

    There are also some injections that some guys do in Free themes ans some free plugins… for example, they try to include a URL in many places as possible, including external image links to get who is using their theme/plugin verifying by link reference, this could be solved hiding the referer in external links, or just removing the link. I think this feature is desired to avoid being target.

    Thanks.

    http://wordpress.org/extend/plugins/secure-wordpress/

Viewing 2 replies - 1 through 2 (of 2 total)
  • Frank Bueltge

    (@bueltge)

    13 years, 5 months ago

    yes, this plugin use bas64_decode for view very fast images via base64 string and not a http-request. The scanner scna only for the function, not what to do the function.

    Thread Starter danka

    (@danka)

    13 years, 5 months ago

    Sorry, I think I was not clear enough…

    I was referring to people that offer Themes and plugins for free, and some times they hide codes using some of the techniques I told in my first post… and such hided code could represent a problem… for example, say that the hided code inject things on DB or in other files or do something worst… so, the propose is to add a scanner in this plugin to check for encoded hided codes in the Themes and plugins and maybe in all other WP files…

    If someone cant understand yet what I am saying… take a look on the plugin TAC… this plugin is limited only to scan Themes, and it dont check for all types of code injection…

    Thanks.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘[Plugin: Secure WordPress] Code injection Scanner’ is closed to new replies.