
[SITE-1500] remove probable exploits #160

Closed
wants to merge 4 commits

Conversation

jazzsequence
Contributor

@jazzsequence jazzsequence commented Jul 19, 2024

This PR removes the exploited.php class (which runs the "Probable exploits" tests) and the associated behat tests for that check. It also removes documentation about the check in the CHECKS.md file.

@jazzsequence
Contributor Author

Before

wp launchcheck all:

--------------------------------------------------------------------------------
CONFIG: (Checking for a properly-configured wp-config)
--------------------------------------------------------------------------------
Result: <ul class="check-list">
	<li class="severity-ok"><p class="result">WP_CACHE not found or is set to false.</p></li>
	<li class="severity-ok"><p class="result">Verified that $_SERVER['SERVER_NAME'] isn't being used to define WP_HOME or WP_SITE_URL.</p></li>
	<li class="severity-ok"><p class="result">DB_NAME, DB_USER, DB_PASSWORD, DB_HOST are set to their expected $_ENV values.</p></li>
</ul>

Recommendation: No action required


--------------------------------------------------------------------------------
PHP SESSIONS: (Sessions only work when sessions plugin is enabled)
--------------------------------------------------------------------------------
Result: No files referencing sessions found.
Recommendation: You should install the Native PHP Sessions plugin - https://wordpress.org/plugins/wp-native-php-sessions/


--------------------------------------------------------------------------------
RISKY PHP FUNCTIONS: (PHP files running eval or base64_decode on user input can be insecure.)
--------------------------------------------------------------------------------
Result: Found 4 files that reference risky function.
	->
<table class='table table-condensed'>
	<thead>
			<tr>
															<th>File</th>
											<th>Line</th>
											<th>Match</th>
												</tr>
	</thead>
	<tbody>
							<tr class="warning">
											<td>plugins/object-cache-pro/src/Connections/PhpRedisClusterConnection.php</td>
											<td>142</td>
											<td>eval(string $script, array $args = [], int $keys =</td>
									</tr>
							<tr class="warning">
											<td>plugins/object-cache-pro/src/Connections/PhpRedisClusterConnection.php</td>
											<td>142</td>
											<td>eval</td>
									</tr>
							<tr class="warning">
											<td>plugins/object-cache-pro/src/ObjectCaches/PhpRedisObjectCache.php</td>
											<td>1021</td>
											<td>eval($script, array_merge($patterns, [$command]), </td>
									</tr>
							<tr class="warning">
											<td>plugins/object-cache-pro/src/ObjectCaches/PhpRedisObjectCache.php</td>
											<td>1021</td>
											<td>eval</td>
									</tr>
				</tbody>
</table>
Recommendation: You do not need to deactivate these files, but please scrutinize them in the event of a security issue.


--------------------------------------------------------------------------------
PROBABLE EXPLOITS: (Looking for exploited files.)
--------------------------------------------------------------------------------
Result: No exploits found.
Recommendation: No exploits found.


--------------------------------------------------------------------------------
CONFIG: (Checking for a properly-configured wp-config)
--------------------------------------------------------------------------------
Result:
Recommendation: No action required


--------------------------------------------------------------------------------
PLUGINS: (Looking for plugin info ( active and inactive ))
--------------------------------------------------------------------------------
Result:
Found 2 plugins needing updates ...


<table class='table table-condensed'>
	<thead>
			<tr>
															<th>Plugin</th>
											<th>Current</th>
											<th>Available</th>
											<th>Needs Update</th>
												</tr>
	</thead>
	<tbody>
							<tr class="warning">
											<td>akismet</td>
											<td>3.1.5</td>
											<td>5.3.3</td>
											<td>1</td>
									</tr>
							<tr class="warning">
											<td>hello.php</td>
											<td>1.6</td>
											<td>1.7.2</td>
											<td>1</td>
									</tr>
							<tr class="ok">
											<td>object-cache-pro</td>
											<td>1.20.2</td>
											<td>-</td>
											<td>0</td>
									</tr>
				</tbody>
</table>
Recommendation: You should update all out-of-date plugins


--------------------------------------------------------------------------------
THEMES: (Looking for theme info ( active and inactive ))
--------------------------------------------------------------------------------
Result:
Found 14 themes needing updates ...


<table class='table table-condensed'>
	<thead>
			<tr>
															<th>Theme</th>
											<th>Current</th>
											<th>Available</th>
											<th>Needs Update</th>
												</tr>
	</thead>
	<tbody>
							<tr class="warning">
											<td>twentyeleven</td>
											<td>2.3</td>
											<td>4.7</td>
											<td>1</td>
									</tr>
							<tr class="warning">
											<td>twentyfifteen</td>
											<td>1.4</td>
											<td>3.8</td>
											<td>1</td>
									</tr>
							<tr class="warning">
											<td>twentyfourteen</td>
											<td>1.6</td>
											<td>4.0</td>
											<td>1</td>
									</tr>
							<tr class="warning">
											<td>twentynineteen</td>
											<td>1.0</td>
											<td>2.9</td>
											<td>1</td>
									</tr>
							<tr class="warning">
											<td>twentyseventeen</td>
											<td>1.0</td>
											<td>3.7</td>
											<td>1</td>
									</tr>
							<tr class="warning">
											<td>twentysixteen</td>
											<td>1.0</td>
											<td>3.3</td>
											<td>1</td>
									</tr>
							<tr class="warning">
											<td>twentyten</td>
											<td>2.1</td>
											<td>4.2</td>
											<td>1</td>
									</tr>
							<tr class="warning">
											<td>twentythirteen</td>
											<td>1.7</td>
											<td>4.2</td>
											<td>1</td>
									</tr>
							<tr class="warning">
											<td>twentytwelve</td>
											<td>1.9</td>
											<td>4.3</td>
											<td>1</td>
									</tr>
							<tr class="warning">
											<td>twentytwenty</td>
											<td>1.0</td>
											<td>2.7</td>
											<td>1</td>
									</tr>
							<tr class="warning">
											<td>twentytwentyfour</td>
											<td>1.0</td>
											<td>1.2</td>
											<td>1</td>
									</tr>
							<tr class="warning">
											<td>twentytwentyone</td>
											<td>1.0</td>
											<td>2.3</td>
											<td>1</td>
									</tr>
							<tr class="warning">
											<td>twentytwentythree</td>
											<td>1.0</td>
											<td>1.5</td>
											<td>1</td>
									</tr>
							<tr class="warning">
											<td>twentytwentytwo</td>
											<td>1.0</td>
											<td>1.8</td>
											<td>1</td>
									</tr>
				</tbody>
</table>
Recommendation: You should update all out-of-date themes


--------------------------------------------------------------------------------
CRON: (Checking whether cron is enabled and what jobs are scheduled)
--------------------------------------------------------------------------------
Result: Checking whether cron is enabled and what jobs are scheduled
<ul class="check-list">
	<li class="severity-error"><p class="result">WP-Cron is disabled.  Pantheon is running `wp cron event run --due-now` once per hour.</p></li>
</ul>
<hr/>
<table class='table table-condensed'>
	<thead>
			<tr>
															<th>Job</th>
											<th>Frequency</th>
											<th>Next Run</th>
												</tr>
	</thead>
	<tbody>
							<tr class="error">
											<td>wp_privacy_delete_old_export_files</td>
											<td>hourly</td>
											<td>Jul 18, 2024 @ 00:40:30 (PAST DUE)</td>
									</tr>
							<tr class="error">
											<td>wp_version_check</td>
											<td>twicedaily</td>
											<td>Jul 18, 2024 @ 11:40:30 (PAST DUE)</td>
									</tr>
							<tr class="error">
											<td>wp_update_plugins</td>
											<td>twicedaily</td>
											<td>Jul 18, 2024 @ 11:40:30 (PAST DUE)</td>
									</tr>
							<tr class="error">
											<td>wp_update_themes</td>
											<td>twicedaily</td>
											<td>Jul 18, 2024 @ 11:40:30 (PAST DUE)</td>
									</tr>
							<tr class="error">
											<td>wp_site_health_scheduled_check</td>
											<td>weekly</td>
											<td>Jul 18, 2024 @ 23:40:30 (PAST DUE)</td>
									</tr>
							<tr class="error">
											<td>recovery_mode_clean_expired_keys</td>
											<td>daily</td>
											<td>Jul 18, 2024 @ 23:40:30 (PAST DUE)</td>
									</tr>
							<tr class="ok">
											<td>wp_delete_temp_updater_backups</td>
											<td>weekly</td>
											<td></td>
									</tr>
				</tbody>
</table>
Recommendation: No action required


--------------------------------------------------------------------------------
OBJECT CACHE: (Checking the object caching is on and responding.)
--------------------------------------------------------------------------------
Result: <ul class="check-list">
	<li class="severity-warning"><p class="result">object-cache.php exists</p></li>
	<li class="severity-warning"><p class="result">Object Cache Pro found</p></li>
</ul>

Recommendation: You should use Object Cache Pro


--------------------------------------------------------------------------------
DATABASE: (Checking the database for issues.)
--------------------------------------------------------------------------------
Result: <ul class="check-list">
	<li class="severity-ok"><p class="result">Found 19 rows in the options table.</p></li>
	<li class="severity-ok"><p class="result">Found 117 options being autoloaded.</p></li>
	<li class="severity-ok"><p class="result">All tables using InnoDB storage engine.</p></li>
	<li class="severity-ok"><p class="result">Found 5 transients.</p></li>
</ul>

Recommendation: No action required

wp launchcheck secure:

--------------------------------------------------------------------------------
RISKY PHP FUNCTIONS: (PHP files running eval or base64_decode on user input can be insecure.)
--------------------------------------------------------------------------------
Result: Found 4 files that reference risky function.
	->
<table class='table table-condensed'>
	<thead>
			<tr>
															<th>File</th>
											<th>Line</th>
											<th>Match</th>
												</tr>
	</thead>
	<tbody>
							<tr class="warning">
											<td>plugins/object-cache-pro/src/Connections/PhpRedisClusterConnection.php</td>
											<td>142</td>
											<td>eval(string $script, array $args = [], int $keys =</td>
									</tr>
							<tr class="warning">
											<td>plugins/object-cache-pro/src/Connections/PhpRedisClusterConnection.php</td>
											<td>142</td>
											<td>eval</td>
									</tr>
							<tr class="warning">
											<td>plugins/object-cache-pro/src/ObjectCaches/PhpRedisObjectCache.php</td>
											<td>1021</td>
											<td>eval($script, array_merge($patterns, [$command]), </td>
									</tr>
							<tr class="warning">
											<td>plugins/object-cache-pro/src/ObjectCaches/PhpRedisObjectCache.php</td>
											<td>1021</td>
											<td>eval</td>
									</tr>
				</tbody>
</table>
Recommendation: You do not need to deactivate these files, but please scrutinize them in the event of a security issue.


--------------------------------------------------------------------------------
PROBABLE EXPLOITS: (Looking for exploited files.)
--------------------------------------------------------------------------------
Result: No exploits found.
Recommendation: No exploits found.

After

wp launchcheck all:

Multisite detected. Running checks on launchcheck site.
--------------------------------------------------------------------------------
CONFIG: (Checking for a properly-configured wp-config)
--------------------------------------------------------------------------------
Result: <ul class="check-list">
	<li class="severity-ok"><p class="result">WP_CACHE not found or is set to false.</p></li>
	<li class="severity-ok"><p class="result">Verified that $_SERVER['SERVER_NAME'] isn't being used to define WP_HOME or WP_SITE_URL.</p></li>
</ul>

Recommendation: No action required


--------------------------------------------------------------------------------
PHP SESSIONS: (Sessions only work when sessions plugin is enabled)
--------------------------------------------------------------------------------
Result: <ul class="check-list">
	<li class="severity-fail"><p class="result">Found 2 files that reference sessions. You should install the Native PHP Sessions plugin - https://wordpress.org/plugins/wp-native-php-sessions/ </p></li>
</ul>

<table class='table table-condensed'>
	<thead>
			<tr>
															<th>File</th>
											<th>Line</th>
											<th>Match</th>
												</tr>
	</thead>
	<tbody>
							<tr class="error">
											<td>plugins/wp-native-php-sessions/inc/class-session.php</td>
											<td>4920</td>
											<td>$_SESSION</td>
									</tr>
							<tr class="error">
											<td>plugins/wp-native-php-sessions/pantheon-sessions.php</td>
											<td>7867</td>
											<td>$_SESSION</td>
									</tr>
				</tbody>
</table>
Recommendation: You should install the Native PHP Sessions plugin - https://wordpress.org/plugins/wp-native-php-sessions/


--------------------------------------------------------------------------------
RISKY PHP FUNCTIONS: (PHP files running eval or base64_decode on user input can be insecure.)
--------------------------------------------------------------------------------
Result:
Recommendation: We did not find any files running risky functions.


--------------------------------------------------------------------------------
CONFIG: (Checking for a properly-configured wp-config)
--------------------------------------------------------------------------------
Result:
Recommendation: No action required


--------------------------------------------------------------------------------
PLUGINS: (Looking for plugin info ( active and inactive ))
--------------------------------------------------------------------------------
Result:
Found one plugin needing updates ...


<table class='table table-condensed'>
	<thead>
			<tr>
															<th>Plugin</th>
											<th>Current</th>
											<th>Available</th>
											<th>Needs Update</th>
												</tr>
	</thead>
	<tbody>
							<tr class="warning">
											<td>akismet</td>
											<td>5.3.2</td>
											<td>5.3.3</td>
											<td>1</td>
									</tr>
							<tr class="ok">
											<td>hello.php</td>
											<td>1.7.2</td>
											<td>-</td>
											<td>0</td>
									</tr>
							<tr class="ok">
											<td>wp-native-php-sessions</td>
											<td>1.4.3</td>
											<td>-</td>
											<td>0</td>
									</tr>
							<tr class="ok">
											<td>pantheon-advanced-page-cache</td>
											<td>2.0.0</td>
											<td>-</td>
											<td>0</td>
									</tr>
							<tr class="ok">
											<td>wp-redis</td>
											<td>1.4.4</td>
											<td>-</td>
											<td>0</td>
									</tr>
				</tbody>
</table>
Recommendation: You should update all out-of-date plugins


--------------------------------------------------------------------------------
THEMES: (Looking for theme info ( active and inactive ))
--------------------------------------------------------------------------------
Result:
Found 2 themes needing updates ...


<table class='table table-condensed'>
	<thead>
			<tr>
															<th>Theme</th>
											<th>Current</th>
											<th>Available</th>
											<th>Needs Update</th>
												</tr>
	</thead>
	<tbody>
							<tr class="warning">
											<td>twentytwentyfour</td>
											<td>1.1</td>
											<td>1.2</td>
											<td>1</td>
									</tr>
							<tr class="warning">
											<td>twentytwentythree</td>
											<td>1.4</td>
											<td>1.5</td>
											<td>1</td>
									</tr>
							<tr class="ok">
											<td>twentytwentytwo</td>
											<td>1.8</td>
											<td>-</td>
											<td>0</td>
									</tr>
				</tbody>
</table>
Recommendation: You should update all out-of-date themes


--------------------------------------------------------------------------------
CRON: (Checking whether cron is enabled and what jobs are scheduled)
--------------------------------------------------------------------------------
Result: Checking whether cron is enabled and what jobs are scheduled
<ul class="check-list">
	<li class="severity-error"><p class="result">WP-Cron is enabled.  Pantheon is also running `wp cron event run --due-now` once per hour.</p></li>
</ul>
<hr/>
<table class='table table-condensed'>
	<thead>
			<tr>
															<th>Job</th>
											<th>Frequency</th>
											<th>Next Run</th>
												</tr>
	</thead>
	<tbody>
							<tr class="error">
											<td>wp_delete_temp_updater_backups</td>
											<td></td>
											<td>Jul 19, 2024 @ 21:08:16 (PAST DUE)</td>
									</tr>
							<tr class="ok">
											<td>wp_privacy_delete_old_export_files</td>
											<td>hourly</td>
											<td></td>
									</tr>
							<tr class="ok">
											<td>wp_version_check</td>
											<td>twicedaily</td>
											<td></td>
									</tr>
							<tr class="ok">
											<td>wp_update_plugins</td>
											<td>twicedaily</td>
											<td></td>
									</tr>
							<tr class="ok">
											<td>wp_update_themes</td>
											<td>twicedaily</td>
											<td></td>
									</tr>
							<tr class="ok">
											<td>wp_update_user_counts</td>
											<td>twicedaily</td>
											<td></td>
									</tr>
							<tr class="ok">
											<td>update_network_counts</td>
											<td>twicedaily</td>
											<td></td>
									</tr>
							<tr class="ok">
											<td>recovery_mode_clean_expired_keys</td>
											<td>daily</td>
											<td></td>
									</tr>
							<tr class="ok">
											<td>wp_scheduled_delete</td>
											<td>daily</td>
											<td></td>
									</tr>
							<tr class="ok">
											<td>delete_expired_transients</td>
											<td>daily</td>
											<td></td>
									</tr>
							<tr class="ok">
											<td>wp_scheduled_auto_draft_delete</td>
											<td>daily</td>
											<td></td>
									</tr>
							<tr class="ok">
											<td>wp_delete_temp_updater_backups</td>
											<td>weekly</td>
											<td></td>
									</tr>
							<tr class="ok">
											<td>wp_site_health_scheduled_check</td>
											<td>weekly</td>
											<td></td>
									</tr>
				</tbody>
</table>
Recommendation: No action required


--------------------------------------------------------------------------------
OBJECT CACHE: (Checking the object caching is on and responding.)
--------------------------------------------------------------------------------
Result: <ul class="check-list">
	<li class="severity-warning"><p class="result">No object-cache.php exists</p></li>
	<li class="severity-warning"><p class="result">Use Object Cache Pro to speed up your backend. <a href="https://docs.pantheon.io/guides/object-cache-pro/installing-configuring/" target="_blank">Learn More</a></p></li>
</ul>

Recommendation: You should use Object Cache Pro


--------------------------------------------------------------------------------
DATABASE: (Checking the database for issues.)
--------------------------------------------------------------------------------
Result: <ul class="check-list">
	<li class="severity-ok"><p class="result">Found 138 rows in the options table.</p></li>
	<li class="severity-ok"><p class="result">Found 121 options being autoloaded.</p></li>
	<li class="severity-ok"><p class="result">All tables using InnoDB storage engine.</p></li>
	<li class="severity-ok"><p class="result">Found 13 transients.</p></li>
</ul>

Recommendation: No action required

wp launchcheck secure:

--------------------------------------------------------------------------------
RISKY PHP FUNCTIONS: (PHP files running eval or base64_decode on user input can be insecure.)
--------------------------------------------------------------------------------
Result:
Recommendation: We did not find any files running risky functions.

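The "Before" output above is worth a second look: the RISKY PHP FUNCTIONS check flags `eval(string $script, array $args = [], int $keys =` in Object Cache Pro's PhpRedisClusterConnection.php, which from the matched text is a method signature (a Redis client wrapping the server-side EVAL command), not a call to PHP's `eval` language construct. A bare substring search for `eval` cannot tell those apart. The block below is an added example, not launchcheck's own code and not the removed exploited.php class: it scans PHP source for `eval` and `base64_decode`, skips method calls (`->eval(`, `::eval(`), declarations (`function eval(`), comments and string literals, and then does a crude per-file taint pass so that a call whose argument comes from a request superglobal (`$_GET`, `$_POST`, `$_REQUEST`, `$_COOKIE`) is reported separately from an ordinary call. The three sample files, including the dropper under `uploads/`, are constructed for the example; the Object Cache Pro sample only imitates the one signature visible in the output above.

```python
import re
from dataclasses import dataclass

# Constructed sample files (not real plugin code). Keys are paths relative to wp-content.
SAMPLE_FILES = {
    # Imitates the method signature launchcheck matched: Redis EVAL, not PHP eval.
    "plugins/object-cache-pro/src/Connections/PhpRedisClusterConnection.php": (
        "<?php\n"
        "class PhpRedisClusterConnection {\n"
        "    public function eval(string $script, array $args = [], int $keys = 0) {\n"
        "        return $this->client->eval($script, $args, $keys);\n"
        "    }\n"
        "}\n"
    ),
    # Classic dropper: decodes and executes attacker-controlled POST data.
    "uploads/2024/07/wp-cache-helper.php": (
        "<?php\n"
        "$payload = $_POST['data'] ?? '';\n"
        "eval(base64_decode($payload));\n"
    ),
    # Mentions eval( only inside a comment and a string literal.
    "themes/example/functions.php": (
        "<?php\n"
        "// eval( appears in this comment only\n"
        "$label = 'eval(';\n"
    ),
}

RISKY_FUNCTIONS = ("eval", "base64_decode")  # the two functions the check describes


@dataclass(frozen=True)
class Finding:
    path: str
    line: int
    function: str
    statement: str
    user_input: bool  # argument references a request superglobal or a variable assigned from one


# Comments and string literals, blanked before matching so "eval(" inside them is ignored.
# Heredocs are not handled; '#' also swallows PHP 8 attributes, which is harmless here.
_NONCODE = re.compile(
    r"/\*.*?\*/"            # block comment
    r"|//[^\n]*|#[^\n]*"    # line comments
    r"|'(?:\\.|[^'\\])*'"   # single-quoted string
    r'|"(?:\\.|[^"\\])*"',  # double-quoted string
    re.S,
)

# A direct call: not preceded by ->, ::, a $ (variable), an identifier char, or "function ".
_CALL = re.compile(
    r"(?<![\w$])(?<!->)(?<!::)(?<!function\s)(" + "|".join(RISKY_FUNCTIONS) + r")\s*\("
)
_SUPERGLOBAL = re.compile(r"\$_(?:GET|POST|REQUEST|COOKIE)\b")
# $var = ... $_POST ... ;  (direct assignment from a superglobal within one statement)
_TAINT_ASSIGN = re.compile(r"(\$\w+)\s*=[^=;]*?\$_(?:GET|POST|REQUEST|COOKIE)\b")
_VARIABLE = re.compile(r"\$\w+")


def _blank_noncode(src: str) -> str:
    """Replace comments/strings with spaces, keeping newlines so line numbers still hold."""
    return _NONCODE.sub(lambda m: re.sub(r"[^\n]", " ", m.group(0)), src)


def _call_argument(text: str, start: int) -> str:
    """Return the text between the call's opening paren (at start-1) and its matching close."""
    depth = 1
    for i in range(start, len(text)):
        if text[i] == "(":
            depth += 1
        elif text[i] == ")":
            depth -= 1
            if depth == 0:
                return text[start:i]
    return text[start:]


def scan_source(path: str, src: str) -> list[Finding]:
    clean = _blank_noncode(src)
    tainted = {m.group(1) for m in _TAINT_ASSIGN.finditer(clean)}
    lines = src.splitlines()
    findings = []
    for m in _CALL.finditer(clean):
        arg = _call_argument(clean, m.end())
        from_request = bool(_SUPERGLOBAL.search(arg)) or bool(
            set(_VARIABLE.findall(arg)) & tainted
        )
        line = clean.count("\n", 0, m.start()) + 1
        findings.append(Finding(path, line, m.group(1), lines[line - 1].strip()[:60], from_request))
    return findings


def scan_files(files: dict[str, str]) -> list[Finding]:
    return [f for path, src in files.items() for f in scan_source(path, src)]


if __name__ == "__main__":
    for f in scan_files(SAMPLE_FILES):
        severity = "error" if f.user_input else "warning"
        print(f"{severity:8} {f.path}:{f.line} {f.function} -> {f.statement}")
```

With the constructed inputs only the dropper is reported (two findings on its line 3, both marked as taking request input); the Redis `eval` method and the comment/string mentions produce nothing. The taint pass is deliberately shallow, one assignment within a file, so a real audit would still read every flagged file, as the check's own recommendation says.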
@jazzsequence jazzsequence changed the title Site-1500-remove-probable-exploits [SITE-1500] remove probable exploits Jul 19, 2024
@jazzsequence jazzsequence marked this pull request as ready for review July 19, 2024 21:29
@jazzsequence jazzsequence requested review from a team as code owners July 19, 2024 21:29
@pwtyler
Member

pwtyler commented Aug 7, 2024

Will re-open new PR with broader scope.
