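/**
 * Walks the WordPress install (ABSPATH) and reports files whose contents match
 * simple indicators of injected code. Triggered by the admin-ajax action
 * "run_file_scan" and answered as a JSON list of findings.
 *
 * The checks are keyword heuristics (see scan_generic_file / scan_image): they
 * are cheap but produce false positives on legitimate code that happens to call
 * base64_decode() or gzinflate(), so the output is a triage list, not a verdict.
 */
class Security_Scanner {
    /** @var string Root directory the scan starts from (ABSPATH). */
    private $base_path;

    /** @var string[] Lower-cased extensions that are inspected as images (EXIF + body). */
    private $image_extensions = ['jpg', 'jpeg', 'png', 'gif', 'bmp', 'webp'];

    public function __construct() {
        $this->base_path = ABSPATH;
        add_action('wp_ajax_run_file_scan', array($this, 'run_file_scan'));
    }

    /**
     * AJAX handler. Only users with manage_options may start a scan.
     *
     * The handler checks the capability but not a nonce, so a logged-in
     * administrator can be made to trigger a full-tree scan by a cross-site
     * request. The nonce action name used by the JS caller is not visible in
     * this file, so the check_ajax_referer() call is left for the maintainer.
     */
    public function run_file_scan() {
        if (!current_user_can('manage_options')) {
            wp_send_json_error(__('Permissão negada.', 'advanced-security-suite'));
        }
        // TODO(review): add check_ajax_referer('<nonce action used by the JS caller>') here.
        $results = $this->scan_directory($this->base_path);
        wp_send_json_success($results);
    }

    /**
     * Recursively scans every readable regular file under $dir.
     *
     * Unreadable sub-directories are skipped (CATCH_GET_CHILD) instead of
     * aborting the whole scan with an uncaught UnexpectedValueException, which
     * is what the plain RecursiveDirectoryIterator did before.
     *
     * @param string $dir Absolute directory path.
     * @return array<int, array{file:string, issue:string}> One entry per file with
     *         findings; 'file' is relative to ABSPATH, 'issue' is a comma-joined list.
     */
    private function scan_directory($dir) {
        $results = [];

        try {
            $files = new RecursiveIteratorIterator(
                new RecursiveDirectoryIterator($dir, FilesystemIterator::SKIP_DOTS),
                RecursiveIteratorIterator::LEAVES_ONLY,
                RecursiveIteratorIterator::CATCH_GET_CHILD
            );
        } catch (UnexpectedValueException $e) {
            // $dir itself cannot be opened: report nothing rather than fatal inside the AJAX call.
            return $results;
        }

        foreach ($files as $file) {
            // Directories, sockets, broken symlinks and unreadable entries have nothing to inspect.
            if (!$file->isFile() || !$file->isReadable()) {
                continue;
            }

            $path = $file->getPathname();
            $extension = strtolower(pathinfo($path, PATHINFO_EXTENSION));

            if (in_array($extension, $this->image_extensions, true)) {
                $issues = $this->scan_image($path);
            } else {
                $issues = $this->scan_generic_file($path);
            }

            if (!empty($issues)) {
                $results[] = [
                    'file'  => $this->relative_path($path),
                    'issue' => implode(', ', $issues),
                ];
            }
        }

        return $results;
    }

    /**
     * Heuristic for non-image files: flags the presence of function names that
     * obfuscated injections commonly use. Plain keyword match, so WordPress core,
     * themes and plugins that legitimately call these functions are reported too.
     *
     * The whole file is read into memory; very large files will hit the PHP
     * memory limit and end the request.
     *
     * @param string $path Absolute file path.
     * @return string[] Zero or one issue message.
     */
    private function scan_generic_file($path) {
        $content = file_get_contents($path);
        if ($content === false) {
            // Read failed (permissions, file removed mid-scan): not a finding.
            return [];
        }
        if (preg_match('/(eval|base64_decode|gzinflate)/i', $content)) {
            return [__('Conteúdo suspeito detectado.', 'advanced-security-suite')];
        }
        return [];
    }

    /**
     * Two checks on an image: the EXIF "Software" tag (JPEG/TIFF only) and the
     * raw bytes, which should never contain PHP tags or eval/base64 calls.
     *
     * @param string $path Absolute file path.
     * @return string[] Zero, one or two issue messages.
     */
    private function scan_image($path) {
        $issues = [];

        // EXIF exists only for JPEG/TIFF. On other formats exif_read_data() returns
        // false and emits a warning rather than throwing, so the original try/catch
        // never protected against it; gate on the detected image type instead.
        if (function_exists('exif_read_data') && function_exists('exif_imagetype')) {
            $type = exif_imagetype($path);
            if (in_array($type, [IMAGETYPE_JPEG, IMAGETYPE_TIFF_II, IMAGETYPE_TIFF_MM], true)) {
                try {
                    $exif_data = exif_read_data($path);
                } catch (Exception $e) {
                    // Metadata that cannot be parsed is not, by itself, a finding.
                    $exif_data = false;
                }
                if (is_array($exif_data) && isset($exif_data['Software']) && is_string($exif_data['Software'])) {
                    $software = strtolower($exif_data['Software']);
                    if (strpos($software, 'php') !== false || strpos($software, 'javascript') !== false) {
                        $issues[] = __('Possível script malicioso nos metadados EXIF.', 'advanced-security-suite');
                    }
                }
            }
        }

        // Body check: an image file should not carry a PHP open tag or these calls.
        $content = file_get_contents($path);
        if ($content !== false && preg_match('/(eval|base64_decode|<\?php)/i', $content)) {
            $issues[] = __('Código malicioso encontrado no conteúdo da imagem.', 'advanced-security-suite');
        }

        return $issues;
    }

    /**
     * Path relative to the install root, so the report does not expose the
     * server's directory layout above ABSPATH.
     *
     * @param string $path Absolute file path.
     * @return string
     */
    private function relative_path($path) {
        return str_replace(ABSPATH, '', $path);
    }
}

/**
 * Per-address login throttle backed by WordPress transients: after
 * $max_attempts failed logins from one address, further logins from it are
 * refused for $lockout_time seconds.
 *
 * Limitations worth knowing: transients are not atomic, so concurrent attempts
 * can under-count; behind a reverse proxy REMOTE_ADDR is the proxy, and a
 * lockout then applies to everyone coming through it.
 */
class Brute_Force_Protection {
    /** @var int Failed attempts allowed before the address is locked out. */
    private $max_attempts = 5;

    /** @var int Lockout window in seconds (5 minutos); also the transient TTL. */
    private $lockout_time = 300;

    public function __construct() {
        // Priority 30 runs after wp_authenticate_username_password() (priority 20),
        // so $user already says whether the credentials were accepted.
        add_filter('authenticate', array($this, 'check_brute_force'), 30, 3);
    }

    /**
     * 'authenticate' filter callback.
     *
     * The lockout is checked first so a locked-out address cannot keep guessing,
     * and a failed result ($user is a WP_Error) counts as an attempt. The
     * previous version returned before counting whenever $user was a WP_Error,
     * so real wrong-password attempts were never recorded and the lockout could
     * not trigger.
     *
     * @param null|WP_User|WP_Error $user     Result of earlier authenticate callbacks.
     * @param string                $username Submitted login name (may be empty).
     * @param string                $password Submitted password (may be empty).
     * @return WP_User|WP_Error
     */
    public function check_brute_force($user, $username, $password) {
        $ip = $this->client_ip();

        if ($this->attempt_count($ip) >= $this->max_attempts) {
            // A WP_Error (instead of wp_die) lets the login form show the message and
            // keeps XML-RPC / application-password callers on the normal error path.
            return new WP_Error(
                'too_many_attempts',
                __('Muitas tentativas de login inválidas. Tente novamente mais tarde.', 'advanced-security-suite')
            );
        }

        if (is_wp_error($user)) {
            // Count only real credential submissions. wp-login.php calls wp_signon()
            // with empty fields on a plain page load and core already rejects those at
            // priority 20; counting them would lock out anyone who reloads the form.
            if (!empty($username) && !empty($password)) {
                $this->log_attempt($ip);
            }
            return $user;
        }

        if (empty($username) || empty($password)) {
            return new WP_Error('invalid_login', __('Nome de usuário ou senha inválidos.', 'advanced-security-suite'));
        }

        if ($user instanceof WP_User) {
            // A successful login clears the counter for this address.
            delete_transient($this->transient_key($ip));
        }

        return $user;
    }

    /**
     * Address the connection came from, as the web server reports it.
     *
     * REMOTE_ADDR is used deliberately: X-Forwarded-For and similar headers are
     * client-controlled unless a trusted proxy rewrites them, so honouring them
     * would let a caller pick a fresh "address" for every attempt.
     *
     * @return string A validated IPv4/IPv6 literal, or 'unknown' (CLI, malformed value).
     */
    private function client_ip() {
        $ip = isset($_SERVER['REMOTE_ADDR']) ? (string) $_SERVER['REMOTE_ADDR'] : '';
        return filter_var($ip, FILTER_VALIDATE_IP) !== false ? $ip : 'unknown';
    }

    /**
     * Transient name for an address; kept in the original "login_attempts_<ip>"
     * form so counters written by earlier versions remain valid.
     *
     * @param string $ip
     * @return string
     */
    private function transient_key($ip) {
        return "login_attempts_{$ip}";
    }

    /**
     * @param string $ip
     * @return int Recorded failed attempts in the current window (0 when none/expired).
     */
    private function attempt_count($ip) {
        return (int) get_transient($this->transient_key($ip));
    }

    /**
     * Increments the per-address counter. The TTL is refreshed on every attempt,
     * so the window slides while attempts keep coming (same as before).
     *
     * @param string $ip
     */
    private function log_attempt($ip) {
        $key = $this->transient_key($ip);
        $attempts = (int) get_transient($key) + 1;
        set_transient($key, $attempts, $this->lockout_time);
    }
}

/**
 * Appends login/logout events to logs/activity.log inside the plugin directory.
 *
 * NOTE(review): that directory sits under the plugin folder, which web servers
 * serve by default; since the log lists user names, confirm it is not
 * reachable over HTTP (server config deny rule or a location outside the
 * document root).
 */
class Activity_Monitor {
    public function __construct() {
        add_action('wp_login', array($this, 'log_login'), 10, 2);
        add_action('wp_logout', array($this, 'log_logout'));
    }

    /**
     * 'wp_login' callback.
     *
     * @param string  $user_login Login name of the user who just signed in.
     * @param WP_User $user       Unused; kept because the hook passes two arguments.
     */
    public function log_login($user_login, $user) {
        $this->log_activity("Usuário {$user_login} fez login.");
    }

    /** 'wp_logout' callback. */
    public function log_logout() {
        $this->log_activity("Usuário fez logout.");
    }

    /**
     * Appends one "[timestamp] message" line to the activity log. Best-effort:
     * a missing or unwritable log location never interrupts the login flow.
     *
     * @param string $message Free text; control characters are replaced so one
     *                        event always occupies exactly one line.
     */
    private function log_activity($message) {
        $log_dir  = ADVANCED_SECURITY_SUITE_PATH . 'logs/';
        $log_file = $log_dir . 'activity.log';

        // file_put_contents() fails (with a warning) when logs/ does not exist yet.
        if (!is_dir($log_dir) && !wp_mkdir_p($log_dir)) {
            return;
        }

        // Strip CR/LF and other control bytes so a crafted value cannot forge extra log lines.
        $message = preg_replace('/[\x00-\x1F\x7F]+/', ' ', (string) $message);

        $timestamp = current_time('mysql');
        $log_entry = "[$timestamp] $message\n";

        // LOCK_EX keeps concurrent logins from interleaving partial lines.
        file_put_contents($log_file, $log_entry, FILE_APPEND | LOCK_EX);
    }
}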