hPf(dZddlZddlZddlZddlZddlZddlZddlZddlZddl m Z ddl m Z ddl mZddlmZddlmZmZddlmZmZdd lmZdd lmZmZmZdd lmZm Z m!Z!m"Z"m#Z#m$Z$m%Z%dd l&m'Z'm(Z(m)Z)m*Z*m+Z+m,Z,m-Z-m.Z.m/Z/dd l0m1Z1ej2e3Z4edZ5de6dej7de6fdZ8dej7fdZ9dej:fdZ;d(dede?fdZ@dZAdefdZBdedeCfdZDdZEd ZFd!e. Copyright © 2019 Cloud Linux Software Inc. This software is also available under ImunifyAV commercial license, see N) defaultdict) LooseVersion)Path) inactivity)MalwareScanScheduleMalwareScanScheduleInterval)atomic_rewrite check_run)WPSite)cli telemetryPLUGIN_VERSION_FILE)build_command_for_usercalculate_next_scan_timestamp$clear_get_cagefs_enabled_users_cache get_last_scanget_malware_historyprepare_scan_data get_data_dir) delete_siteget_outdated_sitesget_sites_for_userget_sites_to_install%get_sites_to_mark_as_manually_deletedget_sites_to_uninstallinsert_installed_sitesmark_site_as_manually_deletedupdate_site_version)setup_site_authenticationzD/var/lib/cloudlinux-app-version-detector/components_versions.sqlite3items user_inforeturnct|}d|D}|D]Dfd|D}|r1t|t}||E|S)Nci|]}|gSr%).0paths J/opt/imunify360/venv/lib/python3.11/site-packages/imav/wordpress/plugin.py zsite_search..Ks . . .4dB . . .c,g|]}||Sr%r%)r&r'itemmatchers r( zsite_search..Ns*MMM4t9L9LM$MMMr*)key)rmaxlenappend)r r!r- user_sitesresultmatching_sitesmost_specific_siter,s ` @r( site_searchr7Hs#I..J . .: . . .F44MMMMM:MMM  4!$^!=!=!=  % & - -d 3 3 3 Mr*cKt||jd{V}|dd}d}tjt jkrt}t|j}t||d}|||fS)N scan_datecP|ddko|d|S)N resource_typefile) startswith)r,r's r(z)_get_scan_data_for_user..ks-40F:* L # #D ) )r*) rpw_namegetrINTERVALIntervalNONErrr7)sinkr! last_scanlast_scan_timenext_scan_timemalware_historymalware_by_sites r(_get_scan_data_for_userrJXs#D)*;<<<<<<<? ::r* semaphorecK|4d{V |d{Vn4#t$r'}td|Yd}~nd}~wwxYwdddd{VdS#1d{VswxYwYdS)NzTelemetry task failed: ) Exceptionloggererror)cororKes r(_send_telemetry_taskrRrs+88888888 8JJJJJJJJ 8 8 8 LL6166 7 7 7 7 7 7 7 7 8888888888888888888888888888888s5AA AAAAA A'*A' coroutinescK|sdStj|fd|D} tj|d{VdS#t$r(}td|Yd}~dSd}~wwxYw)zK Process a list of telemetry coroutines with a concurrency limit.s NcTg|]$}tjt|%Sr%)asyncio create_taskrR)r&rPrKs r(r.z+process_telemetry_tasks..s?     0yAABB   r*zSome telemetry tasks failed: )rW SemaphoregatherrMrNrO)rT concurrencytasksrQrKs @r(process_telemetry_tasksr]zs !+..I       E :ne$$$$$$$$$$ ::: 8Q88999999999:sA A3 A..A3c dKtdt}t}t}g}tjd5 t t}|s2 t|t|d{VddddStt}|D]"}||j  |#|D]\}} tj|} | j} nP#t$$rC} t'jdt-| || dYd} ~ kd} ~ wwxYwt/|| d{V\} }}| D]v}t1||d{Vr t3j|d{V}|s+t'jd| dbt7| || ||}t9||d{Vt;|| ||d{Vt3j|d{Vt3j|d{V}|s| |n(| tCj"||| tGj$|d || D#t$$r'} t%d || Yd} ~ pd} ~ wwxYw td t-||r(t&dt-|nf#tNj($r+tdt-|Yn-t$$r!} t%d| d} ~ wwxYwt|t|d{Vn)#t|t|d{VwxYw ddddS#1swxYwYdS)zLInstall the imunify-security plugin for all sites where it is not installed.z%Installing imunify-security wp pluginzwp-plugin-installationNzSkipping installation of WordPress plugin on {count} site(s) because they belong to user {user} and it is not possible to retrieve username for this user. Reason: {reason}countuserreasonwarninglevelz:WordPress site is not accessible using WP CLI. site={site})siteinstalled_by_imunifyrDeventrfversionz,Failed to install plugin to site=%s error=%rz0Installed imunify-security wp plugin on %d siteszFailed to authenticate %d siteszXInstallation imunify-security wp plugin was cancelled. Plugin was installed for %d sitesz3Error occurred during plugin installation. error=%r))rNinfosetrtracktaskrrrr]rlistuidr2r pwdgetpwuidr?rM sentry_sdkcapture_messageformatr1rJremove_site_if_missingr is_wordpress_installedrupdate_scan_data_fileupdate_site_authplugin_installget_plugin_versionaddr build_with_versionr send_eventrOrcrWCancelledError)rD installed authenticatedfailedtelemetry_coros to_install sites_by_userrfrpsitesr!usernamerOrFrGrIrw scan_datarjs r(install_everywherers KK7888IEEM UUFO    7 8 8z;z;y ; 0 2 2 2-//J b #9 - - -)/:: : : : : : : :uz;z;z;z;z;z;z;z;(--M" 5 5dh'..t4444,1133R R  U # S 1 1I(0HH   .DEKF"%e**!$#(EKEE (    HHHH $2$ BBBBBBBB ""#"::D3D$????????! 7#&"t(D(D"D"D"D"D"D"D&%MM$////%MM & 9$ H H (..%0%)&<%)(/ % J !k:v KKBI    5KK%    KK.I          LLEu       #9 - - -)/:: : : : : : : : : #9 - - -)/:: : : : : : : : : :uz;z;z;z;z;z;z;z;z;z;z;z;z;z;z;z;z;z;s(P%*M# $P%:AM#D*)M#* E749E2-M#2E779M#1AK7M#8C KM# L $L M#L AM#"O.#7OO. O%OOO. %P%.&PP%%P),P)c tjs"tdtdStjS#t $r&}td|Yd}~dSd}~wwxYw)zLGet the latest version of the imunify-security plugin from the version file.z&Plugin version file does not exist: %sNz&Failed to read plugin version file: %s)rexistsrNrO read_textstriprM)rQs r(get_latest_plugin_versionrs ")++  LL8:M   4",..44666  =qAAAttttts3A$A B &BB c Kt}|stddStd|t }g}t jd5 t|}tdt|d|s# t|d{VddddStt}|D]"}||j |#|D]\}} t!j|} | j} n3#t&$r&} td|| Yd} ~ Nd} ~ wwxYwt)|| d{V\} } }|D]t}t+||d{Vr t-j|d{Vstd|Qt1| | | ||}t3||d{Vt-j|d{V||t-j|d{V}|r{|j}t=||||}tA|tA|k}|tCj"||rd nd || B#t&$r'} td || Yd} ~ nd} ~ wwxYwtd t|nf#tFj$$r+tdt|Yn-t&$r!} td| d} ~ wwxYwt|d{Vn#t|d{VwxYw ddddS#1swxYwYdS)zFUpdate the imunify-security plugin on all sites where it is installed.z)Could not determine latest plugin versionNzt(D(D"D"D"D"D"D"D"/3|,0g>>>$(#:#:7#C#CD,8 ',, ,-= > >,?L ,22 ) 4)-'3+>*A*A)=)-,3 !"!"!"   % I !q=~ KK@G     %    KK+G           LL?      */:: : : : : : : : :)/:: : : : : : : : : :er;r;r;r;r;r;r;r;r;r;r;r;r;r;r;r;r;r;s9O;>=  0 2 2 2566O"  @AAA>>>>>>>>(--M' 5 5dh'..t4444E+1133   U # S 1 1I %++/ )Wf   T**** + !   .DEKF"%e**!$#(EKEE (    HHHH   N1c%jj.99 E Ea!n"445neDtDDDDDDDDDD KKJG F      %    KK(G           LLF N N N  y>>>>>>>>>>>>>>>>>>suI78H AH5AD65H6 F9E>9H>FBHI77I';I7= I'I""I''I77I;>I;cK t||d{V||dS#t$r<}||td||Yd}~dSd}~wwxYw)z/Process authentication setup for a single site.Nz*Failed to update auth for site=%s error=%s)rr|rMrNrO)rfr!rrrOs r(ryrys  'i888888888 D     4 8            s+1 A71A22A7cKtj|jrdSt j|d||jd{Vt|dS)a Checks if the site directory exists. If not, sends a 'site_removed' telemetry event and removes the site from the local database. Returns True if the site was removed (directory missing), False otherwise. Parameters: sink: The telemetry/event sink. site: The WPSite object to check and potentially remove. Side effect: If the site is missing, it will be removed from the database and a telemetry event will be sent. F site_removedrhNT)rr'isdirdocrootr r~rjr)rDrfs r(rvrvs} w}}T\""u   dDL    4r*)rS)M__doc__rWrloggingrrqrsrr collectionsrdistutils.versionrpathlibrdefence360agent.apir defence360agent.contracts.configrrrBdefence360agent.utilsr r imav.model.wordpressr imav.wordpressr r rimav.wordpress.utilsrrrrrrrimav.wordpress.site_repositoryrrrrrrrrrimav.wordpress.proxy_authr getLogger__name__rNCOMPONENTS_DB_PATHdict struct_passwdr7rJrYrRror]rrrrrintrrrrrxrryboolrvr%r*r(rs*   ######************<;;;;;;;''''''>>>>>>>>>>                      @?????  8 $ $TJ t (9 t     ;33D;;;;480A8888::d::::&C;C;C;L 3    @;@;@;F9F9999 11#1111h ; ; ;F;;;60DL0000f=f=====@EEEP    Vr*