diff options
author | Harald Eilertsen <haraldei@anduin.net> | 2024-07-06 12:12:02 +0200 |
---|---|---|
committer | Harald Eilertsen <haraldei@anduin.net> | 2024-07-06 12:14:43 +0200 |
commit | 0387da273779bd16bba74da4ac4384cbe78ca484 (patch) | |
tree | 9f817da2d978aca0b67d02151cbd29efb1edda30 | |
parent | a11f2ef1e01cfd26b8c8515c1f348e2cfb791d97 (diff) | |
download | volse-webtrap-0387da273779bd16bba74da4ac4384cbe78ca484.tar.gz volse-webtrap-0387da273779bd16bba74da4ac4384cbe78ca484.tar.bz2 volse-webtrap-0387da273779bd16bba74da4ac4384cbe78ca484.zip |
Also include originating IP address and timestamp in creds list.
-rw-r--r-- | src/process-request.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/process-request.php b/src/process-request.php index bbc1e4b..d0af0b5 100644 --- a/src/process-request.php +++ b/src/process-request.php @@ -7,11 +7,11 @@ use VolseNet\Webtrap\XmlRpcMethod; -function save_credentials(string $user, string $pass): void +function save_credentials(string $ts, string $addr, string $user, string $pass): void { $file_name = dirname(__DIR__) . '/payloads/credentials.txt'; $file = new SplFileObject($file_name, 'a'); - $file->fwrite("{$user}: {$pass}\n"); + $file->fwrite("{$ts}|{$addr}|{$user}|{$pass}\n"); } $data = [ @@ -31,7 +31,7 @@ $data = [ if (preg_match('/xmlrpc\.php/i', $data['REQUEST_URI']) && $data['REQUEST_METHOD'] === 'POST') { $method = XmlRpcMethod::parse($data['BODY']); if ($method->name === 'wp.getUsersBlogs') { - save_credentials($method->params[0], $method->params[1]); + save_credentials($data['REQUEST_TIME'], $data['REMOTE_ADDR'], $method->params[0], $method->params[1]); error_log("Trapped XML-RPC request: saved credentials"); header("HTTP/1.1 404 Not Found"); |