aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHarald Eilertsen <haraldei@anduin.net>2024-07-06 12:12:02 +0200
committerHarald Eilertsen <haraldei@anduin.net>2024-07-06 12:14:43 +0200
commit0387da273779bd16bba74da4ac4384cbe78ca484 (patch)
tree9f817da2d978aca0b67d02151cbd29efb1edda30
parenta11f2ef1e01cfd26b8c8515c1f348e2cfb791d97 (diff)
downloadvolse-webtrap-0387da273779bd16bba74da4ac4384cbe78ca484.tar.gz
volse-webtrap-0387da273779bd16bba74da4ac4384cbe78ca484.tar.bz2
volse-webtrap-0387da273779bd16bba74da4ac4384cbe78ca484.zip
Also include originating IP address and timestamp in creds list.
-rw-r--r--src/process-request.php6
1 files changed, 3 insertions, 3 deletions
diff --git a/src/process-request.php b/src/process-request.php
index bbc1e4b..d0af0b5 100644
--- a/src/process-request.php
+++ b/src/process-request.php
@@ -7,11 +7,11 @@
use VolseNet\Webtrap\XmlRpcMethod;
-function save_credentials(string $user, string $pass): void
+function save_credentials(string $ts, string $addr, string $user, string $pass): void
{
$file_name = dirname(__DIR__) . '/payloads/credentials.txt';
$file = new SplFileObject($file_name, 'a');
- $file->fwrite("{$user}: {$pass}\n");
+ $file->fwrite("{$ts}|{$addr}|{$user}|{$pass}\n");
}
$data = [
@@ -31,7 +31,7 @@ $data = [
if (preg_match('/xmlrpc\.php/i', $data['REQUEST_URI']) && $data['REQUEST_METHOD'] === 'POST') {
$method = XmlRpcMethod::parse($data['BODY']);
if ($method->name === 'wp.getUsersBlogs') {
- save_credentials($method->params[0], $method->params[1]);
+ save_credentials($data['REQUEST_TIME'], $data['REMOTE_ADDR'], $method->params[0], $method->params[1]);
error_log("Trapped XML-RPC request: saved credentials");
header("HTTP/1.1 404 Not Found");