Really dumb idea
<?php
/**
* A really dumb tool for ad-hoc PHP request logging - mostly useful to find malicious POST / cookie / etc payloads
*
* prepend with php.ini or .user.ini to cover all requests:
* auto_prepend_file = /[full-path-to-location]/dumb_sec.php
*
* @author : Peeter Marvet (peeter@zone.ee)
* @version 0.3
* @license https://www.gnu.org/licenses/gpl-3.0.html GPL
*
* v0.3 / 20.08.2019
* - include agent (if present)
* v0.2 / 04.02.2018
* - avoid logging pwds and wordpress auth cookies
* - destroy used variables (for OCD, mostly)
* v0.1 / 17.12.2017
* - initial version
*/
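/**
 * Return a copy of a request array with the sensitive parts masked, so it can be logged.
 *
 * Masking rules (cookie prefixes take precedence, as in earlier versions):
 *  - a key that begins with one of $neuter_cookies is replaced by '**hidden**'
 *  - a key that exactly matches one of $neuter_params keeps only its length ('*' per character);
 *    a non-string value under such a key (e.g. pwd[]=...) is replaced by '**hidden**' instead of
 *    being passed to mb_strlen(), which is a TypeError on PHP 8
 *  - nested arrays (user[password]=...) are masked with the same rules
 *
 * @param array    $request        request data, shaped like $_REQUEST
 * @param string[] $neuter_params  parameter names whose value must not be logged (exact match)
 * @param string[] $neuter_cookies key prefixes whose value must not be logged (e.g. auth cookies)
 *
 * @return array masked copy; keys and nesting are preserved, the input is not modified
 */
function dumb_sec_mask_request( array $request, array $neuter_params, array $neuter_cookies ) {
    foreach ( $request as $key => $value ) {
        $key_str = (string) $key;
        foreach ( $neuter_cookies as $prefix ) {
            // an empty prefix would match every key (PHP 8 accepts an empty needle), so skip it
            if ( $prefix !== '' && strpos( $key_str, $prefix ) === 0 ) {
                $request[ $key ] = '**hidden**';
                continue 2;
            }
        }
        if ( in_array( $key_str, $neuter_params, true ) ) {
            // strings keep only their length; '0' (previously left in clear by empty()) is masked too
            $request[ $key ] = is_string( $value ) ? str_repeat( '*', mb_strlen( $value ) ) : '**hidden**';
        } elseif ( is_array( $value ) ) {
            $request[ $key ] = dumb_sec_mask_request( $value, $neuter_params, $neuter_cookies );
        }
    }
    return $request;
}

// only requests carrying a POST body are logged; GET-only probes are not
if ( ! empty( $_POST ) ) {
    // request parameters that could contain password, must match exactly
    $neuter_params = [ 'pwd', 'password', 'pass1', 'pass1-text', 'pass2' ];
    // optionally: remove 'false &&' to allow storage of passwords for non-local IPs
    if ( false && ! empty( $_ENV['MM_COUNTRY_CODE'] ) && $_ENV['MM_COUNTRY_CODE'] !== 'EE' ) {
        $neuter_params = [];
    }
    // request cookies that could be mis-used, must begin with
    $neuter_cookies = [ 'wordpress_' ];

    // $_REQUEST covers GET, POST and COOKIE (subject to request_order); mask before anything is written
    $request_safe = dumb_sec_mask_request( $_REQUEST, $neuter_params, $neuter_cookies );

    // malicious payloads are frequently not valid UTF-8: without a flag json_encode() returns false and
    // the interesting part of the request is lost. Substitute U+FFFD where available (PHP 7.2+),
    // otherwise at least keep the rest of the request (invalid strings become null).
    $json_flags = defined( 'JSON_INVALID_UTF8_SUBSTITUTE' ) ? JSON_INVALID_UTF8_SUBSTITUTE : JSON_PARTIAL_OUTPUT_ON_ERROR;

    $log = [
        date( 'c' ),
        // both can be absent outside a web SAPI (e.g. CLI with auto_prepend_file)
        isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : '-',
        isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '-',
        json_encode( $request_safe, $json_flags ),
    ];
    // LOCK_EX so that concurrent requests do not interleave their lines.
    // NOTE: the log lands next to this file and holds request bodies - keep it outside the document
    // root or deny web access to it.
    file_put_contents( __DIR__ . '/dumb_sec.log', implode( ' ', $log ) . PHP_EOL, FILE_APPEND | LOCK_EX );

    // if present - sends data to Mallory. Resolved against this file's directory on purpose: a bare
    // relative include would also consult include_path and the cwd, and warn when the file is missing.
    $agent = __DIR__ . '/dumb_agent.php';
    if ( is_file( $agent ) ) {
        include $agent;
    }

    // destroy used variables (free some memory + avoid problems if used in app without proper initialisation)
    unset( $request_safe, $log, $neuter_params, $neuter_cookies, $json_flags, $agent );
}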