aboutsummaryrefslogtreecommitdiffstats
path: root/src/process-request.php
blob: d0af0b50f7d3322be92a38abed0916d90f57cb87 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
<?php

// SPDX-FileCopyrightText: 2024 Eilertsens Kodeknekkeri
// SPDX-FileCopyrightText: 2024 Harald Eilertsen
//
// SPDX-License-Identifier: AGPL-3.0-or-later

use VolseNet\Webtrap\XmlRpcMethod;

function save_credentials(string $ts, string $addr, string $user, string $pass): void
{
    $file_name = dirname(__DIR__) . '/payloads/credentials.txt';
    $file = new SplFileObject($file_name, 'a');
    $file->fwrite("{$ts}|{$addr}|{$user}|{$pass}\n");
}

$data = [
    'SERVER_NAME' => $_SERVER['SERVER_NAME'],
    'REMOTE_ADDR' => $_SERVER['REMOTE_ADDR'],
    'REMOTE_PORT' => $_SERVER['REMOTE_PORT'],
    'REQUEST_METHOD' => $_SERVER['REQUEST_METHOD'],
    'REQUEST_URI' => $_SERVER['REQUEST_URI'],
    'QUERY_STRING' => $_SERVER['QUERY_STRING'],
    'REQUEST_TIME' => $_SERVER['REQUEST_TIME'],
    'REQUEST_HEADERS' => getallheaders(),
    'POST' => $_POST,
    'COOKIES' => $_COOKIE,
    'BODY' => file_get_contents('php://input'),
];

if (preg_match('/xmlrpc\.php/i', $data['REQUEST_URI']) && $data['REQUEST_METHOD'] === 'POST') {
    $method = XmlRpcMethod::parse($data['BODY']);
    if ($method->name === 'wp.getUsersBlogs') {
        save_credentials($data['REQUEST_TIME'], $data['REMOTE_ADDR'], $method->params[0], $method->params[1]);
        error_log("Trapped XML-RPC request: saved credentials");

        header("HTTP/1.1 404 Not Found");
        die();
    }
}

$file_name = dirname(__DIR__) . "/payloads/{$data['REQUEST_TIME']}-{$data['SERVER_NAME']}.json";
error_log("Trapped request, saving to {$file_name}");
file_put_contents($file_name, json_encode($data));

header("HTTP/1.1 404 Not Found");