File: /home/httpd/html/gaybareback.net/public_html/wpverify.py
try:
import json
except:
import simplejson as json
import os
import hashlib
import difflib
import urllib2
import sys
def hashfile(afile, hasher, blocksize=65536):
buf = afile.read(blocksize)
while len(buf) > 0:
hasher.update(buf)
buf = afile.read(blocksize)
return hasher.hexdigest()
class hashtable():
def __init__(self):
self.files = dict()
def addhash(self, filename, hash, version):
if filename not in self.files:
self.files[filename] = dict()
if hash not in self.files[filename]:
self.files[filename][hash] = []
self.files[filename][hash].append(version)
def dump(self):
print self.files
def replace_current_site():
searchandreplace = dict()
for i in open('/tmp/wpv.rpl').read().split('====\n'):
if "FROM:" in i:
(fromline,toline,junk) = i.split('\n')
print fromline
print toline
searchandreplace[fromline[6:].replace('\n','').replace('\r','')] = toline[4:].replace('\n','').replace('\r','')
for root, dir, files in os.walk('.'):
if len(root) > 2 and root[:2] == './':
root = root[2:]
else:
root = ""
for i in files:
try:
if i[-4:] == ".php" or i[-3:] == ".js":
if root != "":
current = root + '/' + i
else:
current = i
rewrite = False
lines = open(current).read().split('\n')
for i in searchandreplace:
j = 0
while j < len(lines):
while i in lines[j]:
lines[j] = lines[j].replace(i, searchandreplace[i])
rewrite = True
if rewrite:
outfile = open(current, 'w')
outfile.write("\n".join(lines))
outfile.close()
except:
pass
def check_current_site(returnbadlines = False, rootpath = ''):
for root, dir, files in os.walk('.'):
if len(root) > 2 and root[:2] == './':
root = root[2:]
else:
root = ""
for i in files:
if i[-4:] == ".php" or i[-3:] == ".js":
if root != "":
current = root + '/' + i
else:
current = i
if current in hashes.files:
currenthash = hashfile(open(current, 'rb'), hashlib.sha256())
if currenthash not in hashes.files[current]:
print "Bad File: " + rootpath + current,
answer = 0
closestresult = "NONE"
for j in hashes.files[current]:
k = max(hashes.files[current][j])
checkfile = urllib2.urlopen('http://wpv.as22384.net/wordpress/' + k + '/' + current).read()
diffratio = difflib.SequenceMatcher(None, open(current).read(), checkfile).ratio()
if diffratio >= answer:
answer = diffratio
closestresult = ", ".join(sorted(hashes.files[current][j]))
closestresultfordiff = k
print " Closest Match (" + str(answer) + "): " + str(closestresult)
for j in difflib.unified_diff(open(current).read().split('\n'), urllib2.urlopen('http://wpv.as22384.net/wordpress/' + closestresultfordiff + '/' + current).read().split('\n')):
print j
if j[0] == '-':
badlines.add(j[1:].replace("\n","").replace("\r",""))
if returnbadlines:
return badlines
else:
outfile = open('/tmp/wpv.rpl', 'a')
for i in sorted(badlines):
outfile.write('FROM: ')
outfile.write(i.replace("\n",'').replace("\r",''))
outfile.write("\n")
outfile.write("TO: \n====\n")
outfile.close()
if __name__ == "__main__":
hashes = hashtable()
# Workaround for python 2.5
temp = json.JsonReader()
hashes.files = temp.read(urllib2.urlopen('http://wpv.as22384.net/hashes.json').read())
badlines = set()
if '-x' in sys.argv:
replace_current_site()
else:
if '-a' in sys.argv:
badlines = set()
for root, dir, files in os.walk('/'):
for i in files:
if i == 'wp-config.php':
os.chdir(root)
for j in check_current_site(returnbadlines = True, rootpath = root + '/'):
badlines.add(j)
outfile = open('/tmp/wpv.rpl', 'a')
for i in sorted(badlines):
outfile.write('FROM: ')
outfile.write(i.replace("\n",'').replace("\r",''))
outfile.write("\n")
outfile.write("TO: \n====\n")
outfile.close()
else:
check_current_site()