diff options
| author | Harald Eilertsen <haraldei@anduin.net> | 2024-07-06 11:59:47 +0200 |
|---|---|---|
| committer | Harald Eilertsen <haraldei@anduin.net> | 2024-07-06 11:59:47 +0200 |
| commit | a11f2ef1e01cfd26b8c8515c1f348e2cfb791d97 (patch) | |
| tree | d4ba43c0af8376caff06d2fc0000f7ac8d10b553 | |
| parent | 6d91832dd4234e28e9786ab958e8dec2ac19b97c (diff) | |
| download | volse-webtrap-a11f2ef1e01cfd26b8c8515c1f348e2cfb791d97.tar.gz volse-webtrap-a11f2ef1e01cfd26b8c8515c1f348e2cfb791d97.tar.bz2 volse-webtrap-a11f2ef1e01cfd26b8c8515c1f348e2cfb791d97.zip | |
Refactoring, make function to save credentials.
| -rw-r--r-- | src/process-request.php | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/src/process-request.php b/src/process-request.php index fd290ce..bbc1e4b 100644 --- a/src/process-request.php +++ b/src/process-request.php @@ -7,6 +7,13 @@ use VolseNet\Webtrap\XmlRpcMethod; +function save_credentials(string $user, string $pass): void +{ + $file_name = dirname(__DIR__) . '/payloads/credentials.txt'; + $file = new SplFileObject($file_name, 'a'); + $file->fwrite("{$user}: {$pass}\n"); +} + $data = [ 'SERVER_NAME' => $_SERVER['SERVER_NAME'], 'REMOTE_ADDR' => $_SERVER['REMOTE_ADDR'], @@ -24,10 +31,8 @@ $data = [ if (preg_match('/xmlrpc\.php/i', $data['REQUEST_URI']) && $data['REQUEST_METHOD'] === 'POST') { $method = XmlRpcMethod::parse($data['BODY']); if ($method->name === 'wp.getUsersBlogs') { - $file_name = dirname(__DIR__) . '/payloads/credentials.txt'; - $file = new SplFileObject($file_name, 'a'); - $file->fwrite("{$method->params[0]}: {$method->params[1]}\n"); - error_log("Trapped XML-RPC request, saving credentials to {$file_name}"); + save_credentials($method->params[0], $method->params[1]); + error_log("Trapped XML-RPC request: saved credentials"); header("HTTP/1.1 404 Not Found"); die(); |