<?php


/*
Plugin Name: Malware Finder
Plugin URI: http://www.sillysaver.com
Description: Malware is a huge challenge in managing a Wordpress blog, not to mention that it can take hours to find where malicious code is hiding. The "Malware Finder" Plugin enables you to look inside all your Wordpress files at once to find the culprit. Say "good-bye" to hours of searching with no results!

Version: 1.1
Author: Rob Myrick

Author URI: http://www.studio88design.com

License: GPL2
*/




/*  Copyright 2012 Rob Myrick

    

This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License, version 2, as 
    published by the Free Software Foundation.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
*/

 



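if (!class_exists("MalwareFinder")) {
	/**
	 * Malware Finder plugin: option storage, front-end filters and the admin search page.
	 *
	 * Security notes for maintainers:
	 *  - printAdminPage() writes plugin options and copies process.php into the site
	 *    root, so it re-checks the caller's capability and requires a nonce before
	 *    it stores anything taken from $_POST.
	 *  - The 'content' option is appended to every post by addContent(); whatever is
	 *    stored there is rendered to visitors.
	 */
	class MalwareFinder {
		/** Nonce action that a settings form must sign its submission with. */
		const SETTINGS_NONCE_ACTION = "MalwareFinder_update_settings";

		/** Name of the wp_options row that holds this plugin's settings. */
		public $adminOptionsName = "MalwareFinderAdminOptions";

		/**
		 * Left over from the plugin template this file was built on. The name does not
		 * match the class, so PHP never runs it as a constructor; it is kept only so
		 * that existing callers do not break.
		 */
		public function DevloungePluginSeries() {
		}

		/**
		 * Makes sure the options row exists with its defaults.
		 */
		public function init() {
			$this->getAdminOptions();
		}

		/**
		 * Returns the plugin options: the defaults overlaid with whatever is stored.
		 * The merged array is written back on every call, as the original did.
		 *
		 * @return array Keys 'show_header', 'add_content', 'comment_author' and 'content'.
		 */
		public function getAdminOptions() {
			$options = array(
				'show_header' => 'true',
				'add_content' => 'true',
				'comment_author' => 'true',
				'content' => '',
			);
			$stored = get_option($this->adminOptionsName);
			// get_option() yields false for a missing row; only an array can be merged key by key.
			if (is_array($stored)) {
				foreach ($stored as $key => $value) {
					$options[$key] = $value;
				}
			}
			update_option($this->adminOptionsName, $options);
			return $options;
		}

		/**
		 * wp_head callback. The template placeholder it replaces printed only
		 * whitespace, so nothing is emitted; the options are still read (and thereby
		 * persisted) as before.
		 */
		public function addHeaderCode() {
			$devOptions = $this->getAdminOptions();
			if ($devOptions['show_header'] == "false") {
				return;
			}
		}

		/**
		 * the_content filter: appends the stored 'content' option when 'add_content' is on.
		 *
		 * @param string $content Post content supplied by WordPress.
		 * @return string Content with the stored snippet appended, or unchanged.
		 */
		public function addContent($content = '') {
			$devOptions = $this->getAdminOptions();
			if ($devOptions['add_content'] == "true") {
				$content .= $devOptions['content'];
			}
			return $content;
		}

		/**
		 * get_comment_author filter: upper-cases the name when 'comment_author' is on.
		 *
		 * @param string $author Comment author name.
		 * @return string Upper-cased name, or the name unchanged.
		 */
		public function authorUpperCase($author = '') {
			$devOptions = $this->getAdminOptions();
			if ($devOptions['comment_author'] == "true") {
				$author = strtoupper($author);
			}
			return $author;
		}

		/**
		 * Renders the admin page: optionally stores posted settings, copies
		 * process.php into the site root, then prints the search form and result frame.
		 */
		public function printAdminPage() {
			// The menu entry is already capability-gated, but this method writes options
			// and a file, so it does not rely on the caller having gone through the menu.
			if (!current_user_can('manage_options')) {
				return;
			}

			$devOptions = $this->getAdminOptions();

			// A settings POST is honoured only when it carries a valid nonce. Without
			// one, any page an administrator visits could submit this request on their
			// behalf, and the stored 'content' is appended to every post.
			// No form on this page submits these fields; a form added later must emit
			// wp_nonce_field(self::SETTINGS_NONCE_ACTION).
			if (isset($_POST['update_MalwareFinderSettings']) && $this->isAuthenticSettingsPost()) {
				$flagFields = array(
					'MalwareFinderHeader' => 'show_header',
					'MalwareFinderAddContent' => 'add_content',
					'MalwareFinderAuthor' => 'comment_author',
				);
				foreach ($flagFields as $field => $optionKey) {
					if (isset($_POST[$field])) {
						// Read the field that was just tested (the original read a
						// differently named, never-set key) and store only 'true'/'false'.
						$devOptions[$optionKey] = ($_POST[$field] === 'true') ? 'true' : 'false';
					}
				}
				if (isset($_POST['MalwareFinderContent'])) {
					// NOTE(review): content_save_pre is the only filtering applied here;
					// confirm it is strict enough for HTML that ends up in every post.
					$devOptions['content'] = apply_filters('content_save_pre', $_POST['MalwareFinderContent']);
				}
				update_option($this->adminOptionsName, $devOptions);
				?>
<div class="updated"><p><strong><?php _e("Settings Updated.", "MalwareFinder");?></strong></p></div>
				<?php
			}

			// NOTE(review): this publishes process.php at the site root, where it is
			// requested directly instead of through wp-admin. process.php is not part of
			// this file, so whether it authenticates its caller cannot be confirmed from
			// here. Verify that it loads WordPress and checks capability and a nonce, or
			// move the search behind an admin-ajax/admin-post handler, and remove the
			// copied file when the plugin is deactivated.
			$source = $this->resolveFromAncestors(
				"/wp-content/plugins/malware-finder/process.php",
				"/wp-content/plugins/malware-finder/process.php"
			);
			$target = $this->resolveFromAncestors("/wp-config.php", "/process.php");
			// Copy only when both ends were found, and report a failed copy instead of
			// leaving the page pointing at a script that is not there.
			if ($source === false || $target === false || !copy($source, $target)) {
				?>
<div class="error"><p><strong><?php _e("Could not copy process.php into the site root; the search below will not work.", "MalwareFinder");?></strong></p></div>
				<?php
			}
			?>

<div class="wrap">

<!--Begin Instructions-->

<form method="post" target="iframe" action="<?php echo esc_url(home_url('/process.php'));?>">
   <h2>Malware Finder</h2>

<p>Thank you for downloading <em>Malware Finder</em>. &nbsp;This plugin will save you hours of time by locating malicious code that's hidden in your Wordpress installation. &nbsp;Most likely you have access to at least one file (i.e. your homepage) that has been infected with malicious code. &nbsp;Just paste a small piece of that code below and the plugin will search through your entire Wordpress installation, providing the EXACT locations of the infected files! &nbsp;Please note that you WILL NOT be able to use this plugin if you are UNABLE to access your Wordpress Dashboard.</p>

<h3>Step 1: Locate AT LEAST ONE file that contains the malicious code (in most cases, this could be found right on your homepage). View the source code of that file, then copy/paste a SMALL PIECE OF THE MALICIOUS CODE below (15 characters or less recommended).</h3>
      <input type="text" name="query" style="width:40%; height:30px"/><br/>
      <input type="submit" value="Submit"/>
</form>

<div style="height:200px; padding-bottom:100px">

<!--Begin Search Results Box-->
<h3>Step 2: Click "Submit" to view your search results below:</h3>
   <div style="width:40%; height:200px; border:0px solid lightgray">
      <div style="border:1px solid lightgray; height:200px">
         <iframe name="iframe" src="<?php echo esc_url(home_url('/process.php'));?>" width="467" height="200"></iframe>
      </div>
<br>

<h3>Step 3: Locate the files found and delete the malicious code!</h3>

   </div>
</div>

</div>
			<?php
		}//End function printAdminPage()

		/**
		 * Tells whether the current POST carries a valid nonce for the settings action.
		 *
		 * @return bool True only when '_wpnonce' is present and verifies.
		 */
		private function isAuthenticSettingsPost() {
			return isset($_POST['_wpnonce'])
				&& is_string($_POST['_wpnonce'])
				&& wp_verify_nonce($_POST['_wpnonce'], self::SETTINGS_NONCE_ACTION);
		}

		/**
		 * Looks two and then three directories above this plugin's folder for $marker
		 * and, at the first level where it exists, returns that level's $target path.
		 * Replaces the destpath()/pluginpath() functions that used to be declared
		 * inside printAdminPage() and would be redeclared on a second call.
		 *
		 * @param string $marker Path with a leading slash whose presence identifies the level.
		 * @param string $target Path with a leading slash to return under that level.
		 * @return string|false Forward-slash path, or false when neither level has $marker.
		 */
		private function resolveFromAncestors($marker, $target) {
			$pluginDir = dirname(__FILE__);
			$candidates = array(
				dirname(dirname($pluginDir)),
				dirname(dirname(dirname($pluginDir))),
			);
			foreach ($candidates as $root) {
				// @ keeps open_basedir warnings off the admin page while probing parent folders.
				if (@file_exists($root . $marker)) {
					return str_replace("\\", "/", $root . $target);
				}
			}
			return false;
		}

	}

} //End Class MalwareFinder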

// Create the one plugin instance shared by the admin page and the hook callbacks.
if (class_exists('MalwareFinder')) {
	$dl_pluginSeries = new MalwareFinder;
}

//Initialize the admin panel
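if (!function_exists("MalwareFinder_ap")) {
	/**
	 * admin_menu callback: adds the "Malware Finder" page under Settings.
	 *
	 * The page is gated on the 'manage_options' capability. The original passed the
	 * numeric user level 9, a form WordPress has deprecated in favour of capability
	 * names; the page writes options and copies a file into the site root, so it
	 * should be tied to an explicit administrator capability.
	 */
	function MalwareFinder_ap() {
		global $dl_pluginSeries;
		// Nothing to register without the plugin instance or outside the admin API.
		if (!isset($dl_pluginSeries) || !function_exists('add_options_page')) {
			return;
		}
		add_options_page(
			'Malware Finder',
			'Malware Finder',
			'manage_options',
			basename(__FILE__),
			array($dl_pluginSeries, 'printAdminPage')
		);
	}
}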

//Actions and Filters	
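// Wire the plugin instance into WordPress; skipped when the class could not be created.
if (isset($dl_pluginSeries)) {
	//Actions
	add_action('admin_menu', 'MalwareFinder_ap');
	add_action('wp_head', array($dl_pluginSeries, 'addHeaderCode'), 1);
	// The original hooked 'activate_devlounge-plugin-series/devlounge-plugin-series.php',
	// a template leftover naming a different plugin file, so init() never ran on
	// activation. register_activation_hook() derives the hook name from this file.
	register_activation_hook(__FILE__, array($dl_pluginSeries, 'init'));
	//Filters
	// addContent appends the stored 'content' option to every post that is rendered.
	add_filter('the_content', array($dl_pluginSeries, 'addContent'), 1);
	add_filter('get_comment_author', array($dl_pluginSeries, 'authorUpperCase'));
}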

?>