403WebShell

403Webshell
Server IP : 192.158.238.246 / Your IP : 18.117.121.244
Web Server : LiteSpeed
System : Linux uniform.iwebfusion.net 4.18.0-553.27.1.lve.1.el8.x86_64 #1 SMP Wed Nov 20 15:58:00 UTC 2024 x86_64
User : jenniferflocom ( 1321)
PHP Version : 8.1.32
Disable Function : NONE
MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : OFF | Pkexec : OFF
Directory : /opt/imunify360/venv/lib/python3.11/site-packages/imav/wordpress/__pycache__/
Upload File :
[ Back ]
Current File : /opt/imunify360/venv/lib/python3.11/site-packages/imav/wordpress/__pycache__/plugin.cpython-311.pyc
�

��h�I���dZddlZddlZddlZddlZddlZddlZddlZddlm	Z	ddl
mZddlZddl
mZddlmZddlmZmZddlmZmZdd	lmZmZdd
lmZmZmZddlm Z m!Z!m"Z"m#Z#m$Z$ej%e&��Z'ed��Z(d
efd�Z)de*de+fd�Z,dej-fd�Z.d&de/fd�Z0de1e*fd�Z2d
efd�Z3d�Z4d�Z5d�Z6de/efd�Z7d
ede8fd �Z9d!e1efd"�Z:de+d!e/e*fd#�Z;d$e*d!e/efd%�Z<dS)'u

This program is free software: you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License,
or (at your option) any later version.


This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the GNU General Public License for more details.


You should have received a copy of the GNU General Public License
 along with this program.  If not, see <https://www.gnu.org/licenses/>.

Copyright © 2019 Cloud Linux Software Inc.

This software is also available under ImunifyAV commercial license,
see <https://www.imunify360.com/legal/eula>
�N)�defaultdict)�Path)�SqliteDatabase)�
inactivity)�MalwareScanSchedule�MalwareScanScheduleInterval)�atomic_rewrite�	check_run)�
WordpressSite�WPSite)�cli�PLUGIN_SLUG�	telemetry)�build_command_for_user�calculate_next_scan_timestamp�$clear_get_cagefs_enabled_users_cache�
get_last_scan�get_malware_historyzD/var/lib/cloudlinux-app-version-detector/components_versions.sqlite3�sitec�6�t|j��dzdzS)Nz
wp-contentzimunify-security)r�docroot�rs �J/opt/imunify360/venv/lib/python3.11/site-packages/imav/wordpress/plugin.py�get_data_dirr:s��������,�/A�A�A��username�uidc��K�t||���d{V��}|�dd��}d}tjtjkrt
��}t|��}t|��}tt��}|D]K}	|	ddkr=|D]:}
|	d�|
��r||
�|	��n�;�L|||fS)N�	scan_date�
resource_type�file)
r�getr�INTERVAL�Interval�NONEr�get_sites_for_userrr�list�
startswith�append)�sinkrr�	last_scan�last_scan_time�next_scan_time�all_users_sites�malware_history�malware_by_site�item�	site_paths           r�_get_scan_data_for_userr3>s����#�D�(�3�3�3�3�3�3�3�3�I��]�]�;��5�5�N��N��#�x�}�4�4�6�8�8��)��-�-�O�*�(�3�3�O�"�$�'�'�O������� �F�*�*�,�
�
�	���<�*�*�9�5�5��#�I�.�5�5�d�;�;�;��E����>�?�:�:r�	semaphorec���K�|4�d{V��	|�d{V��n4#t$r'}t�d|����Yd}~nd}~wwxYwddd���d{V��dS#1�d{V��swxYwYdS)NzTelemetry task failed: )�	Exception�logger�error)�coror4�es   r�_send_telemetry_taskr;\s+�����8�8�8�8�8�8�8�8�	8��J�J�J�J�J�J�J�J���	8�	8�	8��L�L�6�1�6�6�7�7�7�7�7�7�7�7�����	8����8�8�8�8�8�8�8�8�8�8�8�8�8�8�8�8�8�8�8�8�8�8�8�8����8�8�8�8�8�8s5�A��A�
A�A�A�A�A�
A'�*A'�
�
coroutinesc����K�tj|����fd�|D��}	tj|��d{V��dS#t$r(}t�d|����Yd}~dSd}~wwxYw)Nc�T��g|]$}tjt|�������%S�)�asyncio�create_taskr;)�.0r9r4s  �r�
<listcomp>z+process_telemetry_tasks.<locals>.<listcomp>fs?���
�
�
��	��0��y�A�A�B�B�
�
�
rzSome telemetry tasks failed: )rA�	Semaphore�gatherr6r7r8)r=�concurrency�tasksr:r4s    @r�process_telemetry_tasksrIds�������!�+�.�.�I�
�
�
�
��
�
�
�E�
:��n�e�$�$�$�$�$�$�$�$�$�$���:�:�:����8�Q�8�8�9�9�9�9�9�9�9�9�9�����:���s�=�
A/�A*�*A/�usersc
��(K�t�d��t��}g}tj�d��5	t
��t��td�tj	��D����z
}|sS	tj
d�|D�������t|���d{V��ddd��dStt��}|D]"}||j�|���#|���D�]�\}}	t%j|��j}	nP#t*$rC}
t-jd�t3|��||
���d�	��Yd}
~
�id}
~
wwxYw|	|vr�vt5||	|���d{V��\}}}
|D�]}	t7j|���d{V��}|s+t-jd
�|���d�	���K|||
�|jg��d�}t?||���d{V��t7j |���d{V��|�!|��|�tEj#|d
|�������#t*$r'}
t�$d||
��Yd}
~
��d}
~
wwxYw���t�dt3|����nf#tJj&$r+t�dt3|����Yn-t*$r!}
t�$d|
���d}
~
wwxYwtj
d�|D�������t|���d{V��nJ#tj
d�|D�������t|���d{V��wxYw	ddd��dS#1swxYwYdS)zLInstall the imunify-security plugin for all sites where it is not installed.z%Installing imunify-security wp pluginzwp-plugin-installationc3�VK�|]$}t|j|j|j��V��%dS�N�rr�domainr�rC�rs  r�	<genexpr>z$install_for_users.<locals>.<genexpr>|sH����;�;���q�y�!�(�A�E�2�2�;�;�;�;�;�;rc�:�g|]}|j|j|jdd���S)N)rOrr�manually_deleted_at)rOrr)rCrs  rrDz%install_for_users.<locals>.<listcomp>�sC������#'�+�#'�<�#�x�/3�	����rNz�Skipping installation of WordPress plugin on {count} site(s) because they belong to user {user} and it is not possible to retrieve username for this user. Reason: {reason})�count�user�reason�warning)�levelz:WordPress site is not accessible using WP CLI. site={site}r��lastScanTimestamp�nextScanTimestamp�malware�installed_by_imunify�r*�eventrz,Failed to install plugin to site=%s error=%sz0Installed imunify-security wp plugin on %d siteszXInstallation imunify-security wp plugin was cancelled. Plugin was installed for %d sitesz3Error occurred during plugin installation. error=%s)'r7�info�setr�track�taskr�_get_sites_without_pluginr�select�insert_many�executerIrr'rr)�items�pwd�getpwuid�pw_namer6�
sentry_sdk�capture_message�format�lenr3r
�is_wordpress_installedr"r�update_scan_data_file�plugin_install�addr�
send_eventr8rA�CancelledError)rJr*�	installed�telemetry_coros�
to_install�
sites_by_userrr�sitesrr8r,r-r0rq�	json_datas                r�install_for_usersr}qs�����
�K�K�7�8�8�8����I��O�	�	�	�	�7�	8�	8�t;�t;�s	;�0�2�2�2�2�4�4�s�;�;�&�-�/�/�;�;�;�8�8��J�
�
��|
�%���!*����

�

��g�i�i�i�)�/�:�:�:�:�:�:�:�:�:�it;�t;�t;�t;�t;�t;�t;�t;�(��-�-�M�"�
5�
5���d�h�'�.�.�t�4�4�4�4�,�1�1�3�3�D
�D
�
��U��"�|�C�0�0�8�H�H�� �����.�D�EK�F�"%�e�*�*�!$�#(�EK�E�E�
(�
�
�
�
��H�H�H�H����������5�(�(��2�$��#�F�F�F�F�F�F�F�F�	�"�"�#�"�)�)�D�(�#&�"<�T�"B�"B�B�B�B�B�B�B�/� 6�%�&�6�!4�4:�F��F�4E�4E�&/�����
%�2@�1?�'6�':�':�4�<��'L�'L�%�%�	�4�D�)�D�D�D�D�D�D�D�D�D�"�0��6�6�6�6�6�6�6�6�6�!�
�
�d�+�+�+�(�.�.�%�0�%)�&<�%)���������%�������J� �!�����������������I)�V
�K�K�B��I���
�
�
�
���%�	�	�	��K�K�.��I���
�
�
�
�
�
�	�	�	��L�L�E�u�
�
�
�
�����		����
�%���!*����

�

��g�i�i�i�)�/�:�:�:�:�:�:�:�:�:�:��
�%���!*����

�

��g�i�i�i�)�/�:�:�:�:�:�:�:�:�:�:����:�it;�t;�t;�t;�t;�t;�t;�t;�t;�t;�t;�t;����t;�t;�t;�t;�t;�t;s��P�A	L�AP�*AL�>E�L�
F%�"9F �L� F%�%(L�AJ$�L�BJ$�#L�$
K	�.K	�
L�K	�-L�N/�7M&�:N/�<	M&�M!�!M&�&N/�)AP�/AO6�6P�P�Pc��K�t|��}|���r'tjtj|���d{V��dSdSrM)r�existsrA�	to_thread�shutil�rmtree)r�data_dirs  r�delete_plugin_filesr��s\�����D�!�!�H������9����
�x�8�8�8�8�8�8�8�8�8�8�8�9�9rc	��K�t�d��g}d}tj�d��5	tj���t
j�	d����}|D]�}	tj|���d{V��t|���d{V��|tj
���t
j|jk�����z
}|�t#j|d|�������#t&$r&}t�d||��Yd}~��d}~wwxYwnf#t*j$r+t�d	t/|����Yn-t&$r!}t�d
|���d}~wwxYwt�d|��|dkrt1|���d{V��n<#t�d|��|dkrt1|���d{V��wwxYwddd��dS#1swxYwYdS)zHRemove the imunify-security plugin from all sites where it is installed.z#Deleting imunify-security wp pluginrzwp-plugin-removalTN�uninstalled_by_imunifyr_z"Failed to remove plugin from %s %szSDeleting imunify-security wp plugin was cancelled. Plugin was deleted from %d sitesz)Error occurred during plugin deleting. %sz0Removed imunify-security wp plugin from %s sites)r7rarrcrdrrf�whererT�is_nullr
�plugin_deactivater��deleterrhr)rrur6r8rArvrprI)r*rx�affected�	to_removerr8s      r�remove_all_installedr��s����
�K�K�5�6�6�6��O��H�	�	�	�	�2�	3�	3�0?�0?�/	?�%�,�.�.�4�4��1�9�9�$�?�?���I�"�
�
����/��5�5�5�5�5�5�5�5�5�-�d�3�3�3�3�3�3�3�3�3��%�,�.�.���}�4���D�E�E� �����H�$�*�*�!�,�!%�":�!%���������!�����L�L�<�d�E�����������������+
��4�%�	�	�	��K�K�)��I���
�
�
�
�
�
�	�	�	��L�L�D�e�L�L�L������	����
�K�K�B��
�
�
��!�|�|�-�o�>�>�>�>�>�>�>�>�>���

�K�K�B��
�
�
��!�|�|�-�o�>�>�>�>�>�>�>�>�>�>�����]0?�0?�0?�0?�0?�0?�0?�0?�0?�0?�0?�0?����0?�0?�0?�0?�0?�0?s��I�AE&�
B'D2�1E&�2
E"�<E�E&�E"�"E&�%H�&7G	�H�	G	�(G�G	�	H�7I�9H<�<I�I�Ic���K�t�d||��tj|����tj|jk�����dS)Nz:Mark site %s as manually deleted at %s (WP-Plugin removed))rT)r7rar�updater�rrh)r�nows  r�mark_site_as_manually_deletedr�.s\����
�K�K�D�d�C����	���5�5�5�	��}�$���4�	5�	5�	������rc��fK�g}	t��td�tj���tj�����D����z}|rXtj��}|D]B}t||���d{V��|�	tj|d|������Cn2#t$r%}t�d|��Yd}~nd}~wwxYw|rt|���d{V��dSdS#|rt|���d{V��wwxYw)Nc3�VK�|]$}t|j|j|j��V��%dSrMrNrPs  rrRz+tidy_up_manually_deleted.<locals>.<genexpr><sP����H
�H
��
�1�9�a�h���.�.�H
�H
�H
�H
�H
�H
r�removed_by_userr_z&Error occurred during site tidy up. %s)rerbrrfr�rTr��timer�r)rrur6r7r8rI)r*rx�to_mark_as_manually_removedr�rr8s      r�tidy_up_manually_deletedr�9s������O�;�&?�&A�&A�C�H
�H
�"�)�+�+�1�1��1�9�9�;�;���H
�H
�H
�E
�E
�'
�#�'�	��)�+�+�C�3�

�

��3�D�#�>�>�>�>�>�>�>�>�>� �&�&��(�!�/�!�����������F�F�F����=�u�E�E�E�E�E�E�E�E�����F�����	;�)�/�:�:�:�:�:�:�:�:�:�:�:�	;�	;��?�	;�)�/�:�:�:�:�:�:�:�:�:�:�	;���s0�CC	�D�	
C8�C3�.D�3C8�8D�D0r{c��fK�|sdStt��}|D]"}||j�|���#|���D]�\}}	tj|��j}n3#t$r&}t�
d||��Yd}~�Kd}~wwxYwt|||���d{V��\}}}	|D]k}	|||	�|j
g��d�}
t||
���d{V���9#t$r&}t�
d||��Yd}~�dd}~wwxYw��dS)Nz+Failed to get username for uid=%d. error=%srZz.Failed to update scan data on site=%s error=%s)rr'rr)rirjrkrlr6r7r8r3r"rrr)r*r{rzrrrr8r,r-r0r|s           r�update_data_on_sitesr�Xs��������� ��%�%�M��-�-���d�h��&�&�t�,�,�,�,�$�)�)�+�+�!�!�
��U�	��|�C�(�(�0�H�H���	�	�	��L�L�=���
�
�
�

�H�H�H�H�����
	����*�$��#�>�>�>�>�>�>�>�>�		
�����	�	�D�
�*8�)7�.�2�2�4�<��D�D���	�,�D�)�<�<�<�<�<�<�<�<�<�<���
�
�
����D���������������
����	�#!�!s0�A4�4
B$�>B�B$�5C=�=
D-�D(�(D-r|c��K�tj|j��}|j}t	|��}t
j�|��rtdt|�����|�
��s�t|jddt|��g��}t|���d{V��|�
��s#tdt|��|j���|�d��|dz}dtj|���dd	��zd
z}|�
��s|���t'||d|j|d�
��dS)Nz)Data directory %s is a symlink, skipping.�mkdirz-pz)Failed to create directory %s for user %si�z
scan_data.phpzB<?php
if ( ! defined( 'WPINC' ) ) {
	exit;
}
return json_decode( '�'z\'z
', true );F�)�backupr�gid�permissions)rjrkr�pw_gidr�os�path�islinkr6�strrrrlr
�chmod�json�dumps�replace�touchr	)rr|�	user_infor�r��command�scan_data_path�php_contents        rrrrr�s�������T�X�&�&�I�
�
�C��D�!�!�H�	�w�~�~�h���
��7��X���
�
�	
��?�?����(������H�
�
�
�
�
���� � � � � � � � � ���� � �	��;��H�
�
��!���
�	���u������/�N�	 �
�*�Y�
�
�
'�
'��U�
3�
3�	4��
	��� � �"�"�������������H���
�����r�returnc�b�t���s;t�dt	t����t��St
t���dtj	dd���d���}d�|�
��D��S)z�
    Get a set of wp sites where imunify-security plugin is not installed.

    The data is pulled from the app-version-detector database.
    �-App detector database '%s' couldn't be found.a�
            WITH latest_reports AS (
                SELECT id, uid, domain
                FROM report
                WHERE id IN (
                    SELECT MAX(id)
                    FROM report
                    WHERE domain IS NOT NULL
                    AND domain != ''
                    GROUP BY dir
                )
            )
            SELECT wp.real_path, lr.domain, lr.uid
            FROM apps AS wp
            INNER JOIN latest_reports AS lr
            ON wp.report_id = lr.id
            WHERE wp.title = 'wp_core'
            AND wp.parent_id IS NULL
            AND NOT EXISTS (
                SELECT 1
                FROM apps AS plugin
                WHERE plugin.parent_id = wp.id
                AND plugin.title = 'wp_plugin_�-�_z'
            )
        c
�p�h|]3}t|d|dt|d�������4S�r��)rrOr�r�int�rC�rows  r�	<setcomp>z,_get_sites_without_plugin.<locals>.<setcomp>��I������	�s�1�v�c�!�f�#�c�!�f�+�+�>�>�>���r)�COMPONENTS_DB_PATHrr7r8r�rbr�execute_sqlrr��fetchall)�cursors rrere�s����$�$�&�&�����;��"�#�#�	
�	
�	
��u�u��
�.�
/�
/�
;�
;�	�,0;�/B�3��/L�/L�-	�	�	���F�6���?�?�$�$����rc�<�t���s;t�dt	t����t��St
t���d|�d���}d�|���D��S)z�
    Get a set of paths to WordPress sites belonging to a particular user. Paths are sorted by their length to make sure
    that the main site is the last one in the list.

    The data is pulled from the app-version-detector database.
    r�z�
            WITH latest_reports AS (
                SELECT MAX(id) as id
                FROM report
                WHERE uid = a]
                GROUP BY dir
            )
            SELECT wp.real_path
            FROM apps AS wp
            INNER JOIN latest_reports AS lr
            ON wp.report_id = lr.id
            WHERE wp.title = 'wp_core'
            AND wp.parent_id IS NULL
            GROUP BY wp.real_path
            ORDER BY length(wp.real_path) DESC
        c��g|]
}|d��S)rr@r�s  rrDz&get_sites_for_user.<locals>.<listcomp>s��0�0�0�s�C��F�0�0�0r)	r�rr7r8r�r'rr�r�)rr�s  rr&r&�s����$�$�&�&�����;��"�#�#�	
�	
�	
��v�v�
�
�.�
/�
/�
;�
;�	�!�		�	�	���F�$1�0�f�o�o�/�/�0�0�0�0rr�c�p�t���s;t�dt	t����t��S|�d��s|dz
}tt���d|�d���}d�|�	��D��S)zn
    Get a set of wp sites by given path.

    The data is pulled from the app-version-detector database.
    r��*z/*ak
            WITH latest_reports AS (
                SELECT id, uid, domain
                FROM report
                WHERE id IN (
                    SELECT MAX(id)
                    FROM report
                    WHERE domain IS NOT NULL
                    AND domain != ''
                    GROUP BY dir
                )
            )
            SELECT wp.real_path, lr.domain, lr.uid
            FROM apps AS wp
            INNER JOIN latest_reports AS lr
            ON wp.report_id = lr.id
            WHERE wp.title = 'wp_core'
            AND wp.parent_id IS NULL
            AND wp.real_path GLOB 'z
'
        c
�p�g|]3}t|d|dt|d�������4Sr�r�r�s  rrDz%get_sites_by_path.<locals>.<listcomp>>r�r)
r�rr7r8r�r'�endswithrr�r�)r�r�s  r�get_sites_by_pathr�s����$�$�&�&�����;��"�#�#�	
�	
�	
��v�v�
��=�=���������
�.�
/�
/�
;�
;�	�$%)�%	�	�	���F�,���?�?�$�$����r)r<)=�__doc__rAr��loggingr�rjr�r��collectionsr�pathlibrrm�peeweer�defence360agent.apir� defence360agent.contracts.configrrr$�defence360agent.utilsr	r
�imav.model.wordpressrr�imav.wordpressr
rr�imav.wordpress.utilsrrrrr�	getLogger�__name__r7r�rr�r�r3rEr;r'rIrbr}r�r�r�r�r��dictrrrer&r�r@rr�<module>r�s3����*������������	�	�	�	�
�
�
�
�
�
�
�
�����#�#�#�#�#�#�����������!�!�!�!�!�!�*�*�*�*�*�*���������<�;�;�;�;�;�;�;�6�6�6�6�6�6�6�6�6�6�6�6�6�6�6�6�6�6���������������
��	�8�	$�	$���T�J����
B�v�B�B�B�B�;�#�;�C�;�;�;�;�<8��0A�8�8�8�8�
:�
:�d�
:�
:�
:�
:�{;�3�s�8�{;�{;�{;�{;�|9�F�9�9�9�9�6?�6?�6?�r���;�;�;�>+�D��L�+�+�+�+�\=�f�=��=�=�=�=�@+�3�v�;�+�+�+�+�\ 1�C� 1�D��I� 1� 1� 1� 1�F*�C�*�D��L�*�*�*�*�*�*r
Youez - 2016 - github.com/yon3zu
LinuXploit