Home > Backend Development > PHP Tutorial > PHP Security-Shell RFI Scanner_PHP Tutorial

PHP Security-Shell RFI Scanner_PHP Tutorial

WBOY
Release: 2016-07-13 17:30:41
Original
893 people have browsed it

/***************************************************************************
*   PHP Security-Shell RFI Scanner                                        *
*                                                                         *
*   Copyright (C) 2007 by pentest                                         *
*                                                                         *
*   http://security-shell.uni.cc                                          *
*                                                                         *
*   This program is free software; you can redistribute it and/or modify *
*   it under the terms of the GNU General Public License as published by *
*   the Free Software Foundation; either version 2 of the License, or     *
*   (at your option) any later version.                                   *
*                                                                         *
*   This program is distributed in the hope that it will be useful,       *
*   but WITHOUT ANY WARRANTY; without even the implied warranty of        *
*   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the         *
*   GNU General Public License for more details.                          *
*   Test over by cnfjhh                                                   *
***************************************************************************/
   
    $escan_inc_regex   = array( /include(_once)?.$/ix, /require(_once)?.$/ix );
    /* Regex to extract the names of variables */
    $escan_var_regex   = array( /Ainclude(_once)?./is, /Arequire(_once)?./is );
    /* Array of file extensions to scan */
    $escan_valid_ext   = array( php );
    /* Maximum size of a file to scan, scans all if 0 */
    $escan_max_size    = 0;
    /* Counter crawled directory */
    $escan_dir_count   = 0;
    /* Perpetual scanned files */
    $escan_file_count = 0;
    /* Perpetual potential rfi found */
    $escan_match_count = 0;
    /*Perpetual crawled total bytes */
    $escan_byte_count = 0;

    escan_banner();


    if( $argc < 2 ){
        escan_usage($argv[0]);
    }
    else{  

        $stime = escan_get_mtime();

        escan_recurse_dir( realpath($argv[1]).DIRECTORY_SEPARATOR );

        $etime = escan_get_mtime();

        print " @ Scan report : " .
              " $escan_dir_count directory . ".
              " $escan_file_count file . ".
              " " . escan_format_size($escan_byte_count) . " . ".
              " $escan_match_count Potential RFI . ".
              " ".($etime-$stime) . " Second Processing . ";
    }

    /* A string formats in a magnitude expressed in bytes */
    function escan_format_size($bytes)
    {
        if( $bytes < 1024       ) return "$bytes bytes";
        if( $bytes < 1048576    ) return ($bytes / 1024) . " Kb";
        if( $bytes < 1073741824 ) return ($bytes / 1048576) . " Mb";
       
        return ($bytes / 1073741824) . " Gb";
    }
   
    /* Returns the timestamp in seconds */
    function escan_get_mtime()
    {
        list($usec, $sec) = explode(" ",microtime());
        return ((float)$usec + (float)$sec);
    }

    /* Extracts line of code inclusion */
    function escan_scan_line($content,$offset)
    {
        list( $line, $dummy ) = explode( ";" , substr($content,$offset,strlen($content)) );
       
      

www.bkjia.comtruehttp://www.bkjia.com/PHPjc/509166.htmlTechArticle?php /*************************************************************************** * PHP Security-Shell RFI Scanner * * * * Copyright (C) 2007 by pentest * * * * http://security-she...
Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template