Extras module update.

Maikuolan · Maikuolan · commit 6818685b81b8 · 2025-07-01T01:18:16.000+08:00
diff --git a/modules/module_extras.php b/modules/module_extras.php
@@ -8,7 +8,7 @@
  * License: GNU/GPLv2
  * @see LICENSE.txt
  *
- * This file: Optional security extras module (last modified: 2025.06.29).
+ * This file: Optional security extras module (last modified: 2025.07.01).
  *
  * False positive risk (an approximate, rough estimate only): « [ ]Low [x]Medium [ ]High »
  */
@@ -148,7 +148,8 @@
         /** Probing for vulnerable plugins or webapps. */
         if (
             $Trigger(preg_match('~/dup-installer/main\.installer\.php[57]?(?:$|[/?])~', $LCNrURI), $Exploit = 'CVE-2022-2551') || // 2024.09.05
-            $Trigger(preg_match('~/Telerik\.Web\.UI\.WebResource\.axd(?:$|[/?])~i', $LCNrURI), $Exploit = 'CVE-2019-18935') // 2024.10.30
+            $Trigger(preg_match('~/Telerik\.Web\.UI\.WebResource\.axd(?:$|[/?])~i', $LCNrURI), $Exploit = 'CVE-2019-18935') || // 2024.10.30
+            $Trigger(preg_match('~\?s=../%5c|invokefunction&function=call_user_func_array&|vars%5b0%5d=md5|vars%5b1%5d%5b%5d=hellothinkphp~', $LCNrURI), $Exploit = 'CVE-2018-20062') // 2025.07.01
         ) {
             $CIDRAM['Reporter']->report([15, 21], ['Caught probing for ' . $Exploit . ' vulnerability.'], $CIDRAM['BlockInfo']['IPAddr']);
         }
diff --git a/modules/modules.dat b/modules/modules.dat
@@ -239,7 +239,7 @@ module_cookies.php:
 module_extras.php:
  Name: "Optional security extras module"
  False Positive Risk: "Medium"
- Version: "2025.179.0"
+ Version: "2025.181.0"
  Dependencies:
   PHP: "^5.4|^7|^8"
   CIDRAM Core: "^1.13.1|^2.0.1"
@@ -254,7 +254,7 @@ module_extras.php:
    - "module_extras.php"
    - "module_extras.yaml"
   Checksum:
-   - "7be765372e47903768fbb5910b7aa5483b5415bf385f10da0d1577adcf04a427:31695"
+   - "a9a94b94380933970322580765f7c73665813750522ea6e326a091c10693c8b6:31894"
    - "7b891d1fa4b1c52c410220bc758e8cb7064bd6040430fb149a5b60e9ae2e0838:890"
  Used with: "modules"
  Reannotate: "modules.dat"

Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,7 @@`
`8`	`8`	`* License: GNU/GPLv2`
`9`	`9`	`* @see LICENSE.txt`
`10`	`10`	`*`
`11`		`- * This file: Optional security extras module (last modified: 2025.06.29).`
	`11`	`+ * This file: Optional security extras module (last modified: 2025.07.01).`
`12`	`12`	`*`
`13`	`13`	`* False positive risk (an approximate, rough estimate only): « [ ]Low [x]Medium [ ]High »`
`14`	`14`	`*/`
`@@ -148,7 +148,8 @@`
`148`	`148`	`/** Probing for vulnerable plugins or webapps. */`
`149`	`149`	`if (`
`150`	`150`	`$Trigger(preg_match('~/dup-installer/main\.installer\.php[57]?(?:$\|[/?])~', $LCNrURI), $Exploit = 'CVE-2022-2551') \|\| // 2024.09.05`
`151`		`- $Trigger(preg_match('~/Telerik\.Web\.UI\.WebResource\.axd(?:$\|[/?])~i', $LCNrURI), $Exploit = 'CVE-2019-18935') // 2024.10.30`
	`151`	`+ $Trigger(preg_match('~/Telerik\.Web\.UI\.WebResource\.axd(?:$\|[/?])~i', $LCNrURI), $Exploit = 'CVE-2019-18935') \|\| // 2024.10.30`
	`152`	`+ $Trigger(preg_match('~\?s=../%5c\|invokefunction&function=call_user_func_array&\|vars%5b0%5d=md5\|vars%5b1%5d%5b%5d=hellothinkphp~', $LCNrURI), $Exploit = 'CVE-2018-20062') // 2025.07.01`
`152`	`153`	`) {`
`153`	`154`	`$CIDRAM['Reporter']->report([15, 21], ['Caught probing for ' . $Exploit . ' vulnerability.'], $CIDRAM['BlockInfo']['IPAddr']);`
`154`	`155`	`}`