pub/wp-login
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'master' of https://git.seemsleg.it/pub/wp-login

Browse Source 
Conflicts:
	index.php
This commit is contained in:
Sebastian Titz
2021-11-24 09:56:54 +01:00
parent 6af9d933ab 25b3afc9a9
commit 097b6e75c0
2 changed files with 132 additions and 127 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
htaccess
View File

@@ -15,4 +15,6 @@ Options +FollowSymLinks
RewriteRule ^wp-admin.*$ /wp-login/index.php?h=wp-login [L] RewriteRule ^wp-admin.*$ /wp-login/index.php?h=wp-login [L]
RewriteRule ^xmlrpc.php$ /wp-login/index.php?h=xmlrpc [L] RewriteRule ^xmlrpc.php$ /wp-login/index.php?h=xmlrpc [L]
RewriteRule ^wp-content/.*& /wp-login/index.php?h=wp-content [L] RewriteRule ^wp-content/.*& /wp-login/index.php?h=wp-content [L]
RewriteRule ^restapi.php$ /wp-login/index.php?h=api [L]
RewriteRule ^gate.php$ /wp-login/index.php?h=api [L]
</IfModule> </IfModule>

257
index.php
View File

@@ -1,127 +1,130 @@
<?php <?php
error_log ( '[' . date ( 'D M j h:i:s.v Y' ) . '] [' . $_SERVER ['HTTP_HOST'] . '] [myhoneypot] [' . $_SERVER ['REMOTE_ADDR'] . '] BAN ME PLZ' . "\n", 3, '/var/customers/tmp/banmeplz.log' ); error_log ( '[' . date ( 'D M j h:i:s.v Y' ) . '] [' . $_SERVER ['HTTP_HOST'] . '] [myhoneypot] [' . $_SERVER ['REMOTE_ADDR'] . '] BAN ME PLZ' . "\n", 3, '/var/customers/tmp/banmeplz.log' );
sleep ( 5 ); sleep ( 5 );
if (isset ( $_GET ['h'] )) { if (isset ( $_GET ['h'] )) {
if ($_GET ['h'] == 'xmlrpc') { if ($_GET ['h'] == 'xmlrpc') {
echo '<?xml version="1.0" encoding="UTF-8"?> echo '<?xml version="1.0" encoding="UTF-8"?>
<methodResponse> <methodResponse>
<fault> <fault>
<value> <value>
<struct> <struct>
<member> <member>
<name>faultCode</name> <name>faultCode</name>
<value><int>-32700</int></value> <value><int>-32700</int></value>
</member> </member>
<member> <member>
<name>faultString</name> <name>faultString</name>
<value><string>parse error. not well formed</string></value> <value><string>parse error. not well formed</string></value>
</member> </member>
</struct> </struct>
</value> </value>
</fault> </fault>
</methodResponse> </methodResponse>
'; ';
} }
if ($_GET ['h'] == 'wp-login') { if ($_GET ['h'] == 'api') {
echo '<!DOCTYPE html> echo '{"return":"success","version":"v1","_":' . time () . '}';
<html lang="de-DE"> }
<head> if ($_GET ['h'] == 'wp-login') {
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> echo '<!DOCTYPE html>
<title>Anmelden &lsaquo; &#8212; WordPress</title> <html lang="de-DE">
<link rel=\'dns-prefetch\' href=\'//s.w.org\' /> <head>
<link rel=\'stylesheet\' id=\'dashicons-css\' href=\'/wp-includes/css/dashicons.min.css?ver=5.6.4\' media=\'all\' /> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel=\'stylesheet\' id=\'buttons-css\' href=\'/wp-includes/css/buttons.min.css?ver=5.6.4\' media=\'all\' /> <title>Anmelden &lsaquo; &#8212; WordPress</title>
<link rel=\'stylesheet\' id=\'forms-css\' href=\'/wp-admin/css/forms.min.css?ver=5.6.4\' media=\'all\' /> <link rel=\'dns-prefetch\' href=\'//s.w.org\' />
<link rel=\'stylesheet\' id=\'l10n-css\' href=\'/wp-admin/css/l10n.min.css?ver=5.6.4\' media=\'all\' /> <link rel=\'stylesheet\' id=\'dashicons-css\' href=\'/wp-includes/css/dashicons.min.css?ver=5.6.4\' media=\'all\' />
<link rel=\'stylesheet\' id=\'login-css\' href=\'/wp-admin/css/login.min.css?ver=5.6.4\' media=\'all\' /> <link rel=\'stylesheet\' id=\'buttons-css\' href=\'/wp-includes/css/buttons.min.css?ver=5.6.4\' media=\'all\' />
<meta name=\'robots\' content=\'noindex,noarchive\' /> <link rel=\'stylesheet\' id=\'forms-css\' href=\'/wp-admin/css/forms.min.css?ver=5.6.4\' media=\'all\' />
<meta name=\'referrer\' content=\'strict-origin-when-cross-origin\' /> <link rel=\'stylesheet\' id=\'l10n-css\' href=\'/wp-admin/css/l10n.min.css?ver=5.6.4\' media=\'all\' />
<meta name="viewport" content="width=device-width" /> <link rel=\'stylesheet\' id=\'login-css\' href=\'/wp-admin/css/login.min.css?ver=5.6.4\' media=\'all\' />
<link rel="icon" href="/wp-content/uploads/2017/05/cropped-rvlogo_klein-32x32.png" sizes="32x32" /> <meta name=\'robots\' content=\'noindex,noarchive\' />
<link rel="icon" href="/wp-content/uploads/2017/05/cropped-rvlogo_klein-192x192.png" sizes="192x192" /> <meta name=\'referrer\' content=\'strict-origin-when-cross-origin\' />
<link rel="apple-touch-icon" href="/wp-content/uploads/2017/05/cropped-rvlogo_klein-180x180.png" /> <meta name="viewport" content="width=device-width" />
<meta name="msapplication-TileImage" content="/wp-content/uploads/2017/05/cropped-rvlogo_klein-270x270.png" /> <link rel="icon" href="/wp-content/uploads/2017/05/cropped-rvlogo_klein-32x32.png" sizes="32x32" />
</head> <link rel="icon" href="/wp-content/uploads/2017/05/cropped-rvlogo_klein-192x192.png" sizes="192x192" />
<body class="login no-js login-action-login wp-core-ui locale-de-de"> <link rel="apple-touch-icon" href="/wp-content/uploads/2017/05/cropped-rvlogo_klein-180x180.png" />
<script type="text/javascript"> <meta name="msapplication-TileImage" content="/wp-content/uploads/2017/05/cropped-rvlogo_klein-270x270.png" />
document.body.className = document.body.className.replace(\'no-js\',\'js\'); </head>
</script> <body class="login no-js login-action-login wp-core-ui locale-de-de">
<div id="login"> <script type="text/javascript">
<h1><a href="https://de.wordpress.org/">Powered by WordPress</a></h1> document.body.className = document.body.className.replace(\'no-js\',\'js\');
</script>
<form name="loginform" id="loginform" action="/wp-login.php" method="post"> <div id="login">
<p> <h1><a href="https://de.wordpress.org/">Powered by WordPress</a></h1>
<label for="user_login">Benutzername oder E-Mail-Adresse</label>
<input type="text" name="log" id="user_login" class="input" value="" size="20" autocapitalize="off" /> <form name="loginform" id="loginform" action="/wp-login.php" method="post">
</p> <p>
<label for="user_login">Benutzername oder E-Mail-Adresse</label>
<div class="user-pass-wrap"> <input type="text" name="log" id="user_login" class="input" value="" size="20" autocapitalize="off" />
<label for="user_pass">Passwort</label> </p>
<div class="wp-pwd">
<input type="password" name="pwd" id="user_pass" class="input password-input" value="" size="20" /> <div class="user-pass-wrap">
<button type="button" class="button button-secondary wp-hide-pw hide-if-no-js" data-toggle="0" aria-label="Passwort anzeigen"> <label for="user_pass">Passwort</label>
<span class="dashicons dashicons-visibility" aria-hidden="true"></span> <div class="wp-pwd">
</button> <input type="password" name="pwd" id="user_pass" class="input password-input" value="" size="20" />
</div> <button type="button" class="button button-secondary wp-hide-pw hide-if-no-js" data-toggle="0" aria-label="Passwort anzeigen">
</div> <span class="dashicons dashicons-visibility" aria-hidden="true"></span>
<p class="forgetmenot"><input name="rememberme" type="checkbox" id="rememberme" value="forever" /> <label for="rememberme">Angemeldet bleiben</label></p> </button>
<p class="submit"> </div>
<input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="Anmelden" /> </div>
<input type="hidden" name="redirect_to" value="/wp-admin/" /> <p class="forgetmenot"><input name="rememberme" type="checkbox" id="rememberme" value="forever" /> <label for="rememberme">Angemeldet bleiben</label></p>
<input type="hidden" name="testcookie" value="1" /> <p class="submit">
</p> <input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="Anmelden" />
</form> <input type="hidden" name="redirect_to" value="/wp-admin/" />
<input type="hidden" name="testcookie" value="1" />
<p id="nav"> </p>
<a href="/wp-login.php?action=lostpassword">Passwort vergessen?</a> </form>
</p>
<script type="text/javascript"> <p id="nav">
function wp_attempt_focus() {setTimeout( function() {try {d = document.getElementById( "user_login" );d.focus(); d.select();} catch( er ) {}}, 200);} <a href="/wp-login.php?action=lostpassword">Passwort vergessen?</a>
wp_attempt_focus(); </p>
if ( typeof wpOnload === \'function\' ) { wpOnload() } </script> <script type="text/javascript">
<p id="backtoblog"><a href="/"> function wp_attempt_focus() {setTimeout( function() {try {d = document.getElementById( "user_login" );d.focus(); d.select();} catch( er ) {}}, 200);}
&larr; Zurück zu Wordpress </a></p> wp_attempt_focus();
</div> if ( typeof wpOnload === \'function\' ) { wpOnload() } </script>
<script src=\'/wp-includes/js/jquery/jquery.min.js?ver=3.5.1\' id=\'jquery-core-js\'></script> <p id="backtoblog"><a href="/">
<script src=\'/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2\' id=\'jquery-migrate-js\'></script> &larr; Zurück zu Wordpress </a></p>
<script id=\'zxcvbn-async-js-extra\'> </div>
var _zxcvbnSettings = {"src":"\/wp-includes\/js\/zxcvbn.min.js"}; <script src=\'/wp-includes/js/jquery/jquery.min.js?ver=3.5.1\' id=\'jquery-core-js\'></script>
</script> <script src=\'/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2\' id=\'jquery-migrate-js\'></script>
<script src=\'/wp-includes/js/zxcvbn-async.min.js?ver=1.0\' id=\'zxcvbn-async-js\'></script> <script id=\'zxcvbn-async-js-extra\'>
<script src=\'/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4\' id=\'wp-polyfill-js\'></script> var _zxcvbnSettings = {"src":"\/wp-includes\/js\/zxcvbn.min.js"};
<script id=\'wp-polyfill-js-after\'> </script>
( \'fetch\' in window ) || document.write( \'<script src="/wp-includes/js/dist/vendor/wp-polyfill-fetch.min.js?ver=3.0.0"></scr\' + \'ipt>\' );( document.contains ) || document.write( \'<script src="/wp-includes/js/dist/vendor/wp-polyfill-node-contains.min.js?ver=3.42.0"></scr\' + \'ipt>\' );( window.DOMRect ) || document.write( \'<script src="/wp-includes/js/dist/vendor/wp-polyfill-dom-rect.min.js?ver=3.42.0"></scr\' + \'ipt>\' );( window.URL && window.URL.prototype && window.URLSearchParams ) || document.write( \'<script src="/wp-includes/js/dist/vendor/wp-polyfill-url.min.js?ver=3.6.4"></scr\' + \'ipt>\' );( window.FormData && window.FormData.prototype.keys ) || document.write( \'<script src="/wp-includes/js/dist/vendor/wp-polyfill-formdata.min.js?ver=3.0.12"></scr\' + \'ipt>\' );( Element.prototype.matches && Element.prototype.closest ) || document.write( \'<script src="/wp-includes/js/dist/vendor/wp-polyfill-element-closest.min.js?ver=2.0.2"></scr\' + \'ipt>\' ); <script src=\'/wp-includes/js/zxcvbn-async.min.js?ver=1.0\' id=\'zxcvbn-async-js\'></script>
</script> <script src=\'/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4\' id=\'wp-polyfill-js\'></script>
<script src=\'/wp-includes/js/dist/i18n.min.js?ver=ac389435e7fd4ded01cf603f3aaba6a6\' id=\'wp-i18n-js\'></script> <script id=\'wp-polyfill-js-after\'>
<script id=\'password-strength-meter-js-extra\'> ( \'fetch\' in window ) || document.write( \'<script src="/wp-includes/js/dist/vendor/wp-polyfill-fetch.min.js?ver=3.0.0"></scr\' + \'ipt>\' );( document.contains ) || document.write( \'<script src="/wp-includes/js/dist/vendor/wp-polyfill-node-contains.min.js?ver=3.42.0"></scr\' + \'ipt>\' );( window.DOMRect ) || document.write( \'<script src="/wp-includes/js/dist/vendor/wp-polyfill-dom-rect.min.js?ver=3.42.0"></scr\' + \'ipt>\' );( window.URL && window.URL.prototype && window.URLSearchParams ) || document.write( \'<script src="/wp-includes/js/dist/vendor/wp-polyfill-url.min.js?ver=3.6.4"></scr\' + \'ipt>\' );( window.FormData && window.FormData.prototype.keys ) || document.write( \'<script src="/wp-includes/js/dist/vendor/wp-polyfill-formdata.min.js?ver=3.0.12"></scr\' + \'ipt>\' );( Element.prototype.matches && Element.prototype.closest ) || document.write( \'<script src="/wp-includes/js/dist/vendor/wp-polyfill-element-closest.min.js?ver=2.0.2"></scr\' + \'ipt>\' );
var pwsL10n = {"unknown":"Passwort-St\u00e4rke unbekannt","short":"Ganz schwach","bad":"Schwach","good":"Mittel","strong":"Stark","mismatch":"Keine \u00dcbereinstimmung"}; </script>
</script> <script src=\'/wp-includes/js/dist/i18n.min.js?ver=ac389435e7fd4ded01cf603f3aaba6a6\' id=\'wp-i18n-js\'></script>
<script id=\'password-strength-meter-js-translations\'> <script id=\'password-strength-meter-js-extra\'>
( function( domain, translations ) { var pwsL10n = {"unknown":"Passwort-St\u00e4rke unbekannt","short":"Ganz schwach","bad":"Schwach","good":"Mittel","strong":"Stark","mismatch":"Keine \u00dcbereinstimmung"};
var localeData = translations.locale_data[ domain ] || translations.locale_data.messages; </script>
localeData[""].domain = domain; <script id=\'password-strength-meter-js-translations\'>
wp.i18n.setLocaleData( localeData, domain ); ( function( domain, translations ) {
} )( "default", {"translation-revision-date":"2021-07-01 19:25:16+0000","generator":"GlotPress\/3.0.0-alpha.2","domain":"messages","locale_data":{"messages":{"":{"domain":"messages","plural-forms":"nplurals=2; plural=n != 1;","lang":"de"},"%1$s is deprecated since version %2$s! Use %3$s instead. Please consider writing more inclusive code.":["%1$s ist seit Version %2$s veraltet! Benutze stattdessen %3$s. Bitte erw\u00e4ge, inklusiveren Code zu schreiben."]}},"comment":{"reference":"wp-admin\/js\/password-strength-meter.js"}} ); var localeData = translations.locale_data[ domain ] || translations.locale_data.messages;
</script> localeData[""].domain = domain;
<script src=\'/wp-admin/js/password-strength-meter.min.js?ver=5.6.4\' id=\'password-strength-meter-js\'></script> wp.i18n.setLocaleData( localeData, domain );
<script src=\'/wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-before.js\'></script> } )( "default", {"translation-revision-date":"2021-07-01 19:25:16+0000","generator":"GlotPress\/3.0.0-alpha.2","domain":"messages","locale_data":{"messages":{"":{"domain":"messages","plural-forms":"nplurals=2; plural=n != 1;","lang":"de"},"%1$s is deprecated since version %2$s! Use %3$s instead. Please consider writing more inclusive code.":["%1$s ist seit Version %2$s veraltet! Benutze stattdessen %3$s. Bitte erw\u00e4ge, inklusiveren Code zu schreiben."]}},"comment":{"reference":"wp-admin\/js\/password-strength-meter.js"}} );
<script src=\'/wp-includes/js/underscore.min.js?ver=1.8.3\' id=\'underscore-js\'></script> </script>
<script src=\'/wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-after.js\'></script> <script src=\'/wp-admin/js/password-strength-meter.min.js?ver=5.6.4\' id=\'password-strength-meter-js\'></script>
<script id=\'wp-util-js-extra\'> <script src=\'/wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-before.js\'></script>
var _wpUtilSettings = {"ajax":{"url":"\/wp-admin\/admin-ajax.php"}}; <script src=\'/wp-includes/js/underscore.min.js?ver=1.8.3\' id=\'underscore-js\'></script>
</script> <script src=\'/wp-content/plugins/the-events-calendar/common/src/resources/js/underscore-after.js\'></script>
<script src=\'/wp-includes/js/wp-util.min.js?ver=5.6.4\' id=\'wp-util-js\'></script> <script id=\'wp-util-js-extra\'>
<script id=\'user-profile-js-translations\'> var _wpUtilSettings = {"ajax":{"url":"\/wp-admin\/admin-ajax.php"}};
( function( domain, translations ) { </script>
var localeData = translations.locale_data[ domain ] || translations.locale_data.messages; <script src=\'/wp-includes/js/wp-util.min.js?ver=5.6.4\' id=\'wp-util-js\'></script>
localeData[""].domain = domain; <script id=\'user-profile-js-translations\'>
wp.i18n.setLocaleData( localeData, domain ); ( function( domain, translations ) {
} )( "default", {"translation-revision-date":"2021-07-01 19:25:16+0000","generator":"GlotPress\/3.0.0-alpha.2","domain":"messages","locale_data":{"messages":{"":{"domain":"messages","plural-forms":"nplurals=2; plural=n != 1;","lang":"de"},"Your new password has not been saved.":["Dein neues Passwort wurde nicht gespeichert."],"Hide":["Verstecken"],"Show":["Anzeigen"],"Show password":["Passwort anzeigen"],"Confirm use of weak password":["Best\u00e4tige die Verwendung eines schwachen Passworts."],"Hide password":["Passwort verbergen"]}},"comment":{"reference":"wp-admin\/js\/user-profile.js"}} ); var localeData = translations.locale_data[ domain ] || translations.locale_data.messages;
</script> localeData[""].domain = domain;
<script src=\'/wp-admin/js/user-profile.min.js?ver=5.6.4\' id=\'user-profile-js\'></script> wp.i18n.setLocaleData( localeData, domain );
<div class="clear"></div> } )( "default", {"translation-revision-date":"2021-07-01 19:25:16+0000","generator":"GlotPress\/3.0.0-alpha.2","domain":"messages","locale_data":{"messages":{"":{"domain":"messages","plural-forms":"nplurals=2; plural=n != 1;","lang":"de"},"Your new password has not been saved.":["Dein neues Passwort wurde nicht gespeichert."],"Hide":["Verstecken"],"Show":["Anzeigen"],"Show password":["Passwort anzeigen"],"Confirm use of weak password":["Best\u00e4tige die Verwendung eines schwachen Passworts."],"Hide password":["Passwort verbergen"]}},"comment":{"reference":"wp-admin\/js\/user-profile.js"}} );
</body> </script>
</html>'; <script src=\'/wp-admin/js/user-profile.min.js?ver=5.6.4\' id=\'user-profile-js\'></script>
} <div class="clear"></div>
} </body>
?> </html>';
}
}
?>