Community
Learn
Tools Library
AI Tools
Leisure
search
English
Home php教程 PHP源码 PHP Web Trojan Scanner

PHP Web Trojan Scanner

大家讲道理
大家讲道理
Nov 09, 2016 pm 02:32 PM 

<!--?php 
header(&#39;content-type:text/html;charset=gbk&#39;); 
set_time_limit(0);//防止超时 
/**
*
* php目录扫描监控增强版
*
* @version 1.0
*
下面几个变量使用前需要手动设置
*
**/
/*===================== 程序配置 =====================*/
$pass="test";//设置密码 
$jkdir="."; //设置监控扫描的目录,当前目录为&#39;.&#39;,上一级目录为&#39;..&#39;,也可以设置绝对路径,后面不要加斜杠,默认为当前目录 
$logfilename="./m.log";//设置存储log的路径,可以放置在任意位置 
$exclude=array(&#39;data&#39;,&#39;images&#39;);//排除目录 
$danger=&#39;eval|cmd|passthru|gzuncompress&#39;;//设置要查找的危险的函数 以确定是否木马文件 
$suffix=&#39;php|inc&#39;;//设置要扫描文件的后缀 
/*===================== 配置结束 =====================*/
    
$filename=$_GET[&#39;filename&#39;]; 
$check=$_GET[&#39;check&#39;]; 
$jumpoff=false; 
$url = $_SERVER[&#39;PHP_SELF&#39;]; 
$thisfile = end(explode(&#39;/&#39;,$url)); 
$jump="{$thisfile}|".implode(&#39;|&#39;,$exclude); 
$jkdir_num=$file_num=$danger_num=0; 
define(&#39;M_PATH&#39;,$jkdir); 
define(&#39;M_LOG&#39;,$logfilename); 
if ($check==&#39;check&#39;) 
{ 
$safearr = explode("|",$jump); 
$start_time=microtime(true); 
safe_check($jkdir); 
$end_time=microtime(true); 
$total=$end_time-$start_time; 
$file_num=$file_num-$jkdir_num; 
$message= " 文件数:".$file_num; 
$message.= " 文件夹数:".$jkdir_num; 
$message.= " 可疑文件数:".$danger_num; 
$message.= " 执行时间:".$total; 
echo $message; 
}else{ 
if ($_GET[&#39;m&#39;]=="del") Delete();//处理文件删除 
//读取文件内容 
if(isset($_GET[&#39;readfile&#39;])){ 
//输出查看密码,密码校验正确以后输出文件内容 
if(empty($_POST[&#39;passchack&#39;])){ 
   echo"<form id=\"form1\" name=\"form1\" method=\"post\"-->"
    . " <label>pass"
    . " <input type="\"text\"" name="\"passchack\"">"
    . " </label>"
    . " <input type="\"submit\"" name="\"Submit\"" value="\"提交\"">"
    . ""
   .""; 
   exit; 
}elseif(isset($_POST[&#39;passchack&#39;])&&$_POST[&#39;passchack&#39;]==$pass){ 
   $code=file_get_contents($_GET[&#39;readfile&#39;]); 
   echo"<textarea name="\"code\"" cols="\"150\"" rows="\"30\"" id="\"code\"" style="&#39;width:100%;height:450px;background:#cccccc;&#39;">{$code}</textarea>"; 
   exit; 
}else{ 
   exit; 
} 
    
}else{ 
record_md5(M_PATH); 
if(file_exists(M_LOG)){ 
        $log = unserialize(file_get_contents(M_LOG)); 
}else{ 
        $log = array(); 
} 
    
if($_GET[&#39;savethis&#39;]==1){ 
//保存当前文件md5到日志文件 
@unlink(M_LOG); 
file_put_contents(M_LOG,serialize($file_list)); 
echo "<a href="&#39;scandir.php&#39;">保存成功!点击返回</a>"; 
exit; 
} 
if(empty($log)){ 
echo "当前还没有创建日志文件!点击[保存当前]创建日志文件!"; 
}else{ 
if($file_list==$log){ 
   echo "本文件夹没有做过任何改动!"; 
}else{ 
   if(count($file_list) > 0 ){ 
    foreach($file_list as $file => $md5){ 
    if(!isset($log[$file])){ 
     echo "新增文件:<a href="{$file}" target="&#39;_blank&#39;">".$file."</a>"." 创建时间:".date("Y-m-d H:i:s",filectime($file))." 修改时间:".date("Y-m-d H:i:s",filemtime($file))." <a href="?readfile={$file}" target="&#39;_blank&#39;">源码</a><a href="&#39;?m=del&filename={$file}&#39;" target="&#39;_blank&#39;">删除</a><br>"; 
    }else{ 
     if($log[$file] != $md5){ 
     echo "修改文件:<a href="{$file}" target="&#39;_blank&#39;">".$file."</a>"." 创建时间:".date("Y-m-d H:i:s",filectime($file))." 修改时间:".date("Y-m-d H:i:s",filemtime($file))." <a href="?readfile={$file}" target="&#39;_blank&#39;">源码</a><br>"; 
    
     unset($log[$file]); 
     }else{ 
     unset($log[$file]); 
     } 
    } 
    } 
   } 
   if(count($log)>0){ 
    foreach($log as $file => $md5){ 
    echo "删除文件:<a href="{$file}" target="&#39;_blank&#39;">".$file."</a><br>"; 
    } 
   } 
    } 
} 
} 
} 
    
//计算md5 
function record_md5($jkdir){ 
        global $file_list,$exclude; 
        if(is_dir($jkdir)){ 
                $file=scandir($jkdir); 
                foreach($file as $f){ 
                        if($f!=&#39;.&#39; && $f!=&#39;..&#39; && !in_array($f, $exclude)){ 
                                $path = $jkdir.&#39;/&#39;.$f; 
                                if(is_dir($path)){ 
                                        record_md5($path); 
                                }else{ 
                                        $file_list[$path]=md5_file($path); 
                                } 
                        } 
                } 
        } 
} 
    
function Safe_Check($jkdir)//遍历文件 
{ 
global $danger ,$suffix ,$jkdir_num ,$file_num ,$danger_num; 
    
) or die(&#39;文件夹不存在&#39;) ; 
while ($file=$hand->read()) 
{ 
    $filename=$jkdir.&#39;/&#39;.$file; 
    if (!$jumpoff) { 
   if(Jump($filename))continue; 
    } 
    if(@is_dir($filename) && $file != &#39;.&#39; && $file!= &#39;..&#39;&& $file!=&#39;./..&#39;) 
    {   $jkdir_num++; 
    Safe_Check($filename); 
    } 
    if (preg_match_all ("/\.($suffix)/i",$filename,$out)) 
    { 
    
   $str=^^ `; 
   $fp = @fopen($filename,&#39;r&#39;)or die(&#39;没有权限&#39;); 
   while(!feof($fp)) 
   { 
   $str .= fgets($fp,1024); 
   } 
   fclose($fp); 
   if( preg_match_all ("/($danger)[ \r\n\t]{0,}([\[\(])/i",$str,$out)) 
   { 
   echo "<font color="&#39;green&#39;" style="&#39;font-size:14px&#39;">可疑文件:{$filename}</font>"." 创建时间:".date("Y-m-d H:i:s",filectime($filename))." 修改时间:".date("Y-m-d H:i:s",filemtime($filename))." <a href="&#39;?readfile={$filename}&#39;" target="&#39;_blank&#39;"><u>查看代码</u></a> <a href="&#39;?m=del&filename=$filename&#39;" target="&#39;_blank&#39;">删除</a><br>"; 
   $danger_num++; 
   } 
    } 
    $file_num++; 
} 
} 
function Edit()//查看可疑文件 
{ 
global $filename; 
$filename = str_replace("..","",$filename); 
$file = $filename; 
$content = ""; 
if(is_file($file)) 
{ 
    $fp = fopen($file,"r")or die(&#39;没有权限&#39;); 
    $content = fread($fp,filesize($file)); 
    fclose($fp); 
    $content = htmlspecialchars($content); 
    
} 
echo "<textarea name="&#39;str&#39;" style="&#39;width:100%;height:450px;background:#cccccc;&#39;">$content</textarea>\r\n"; 
exit(); 
} 
function Delete()//删除文件 
{ global $filename,$pass; 
if(empty($_POST[&#39;passchack&#39;])){ 
    echo"<form id="\"form1\"" name="\"form1\"" method="\"post\"">"
   . " <label>pass"
   . " <input type="\"text\"" name="\"passchack\"">"
   . " </label>"
   . " <input type="\"submit\"" name="\"Submit\"" value="\"提交\"">"
   . "</form>"
    .""; 
    exit; 
}elseif(isset($_POST[&#39;passchack&#39;])&&$_POST[&#39;passchack&#39;]==$pass){ 
   (is_file($filename))?($mes=unlink($filename)?&#39;删除成功&#39;:&#39;删除失败 查看权限&#39;):^^ `; 
   echo $mes; 
   exit(); 
}else{ 
   echo &#39;密码错误!&#39;; 
   exit; 
} 
} 
function Jump($file)//跳过文件 
{ 
global $jump,$safearr; 
if($jump != ^^ `) 
{ 
    foreach($safearr as $v) 
    { 
   if($v==^^ `) continue; 
   if( eregi($v,$file) ) return true ; 
    } 
} 
return false; 
} 
?> 
<a href="scandir.php">[查看文件改动]</a>|<a href="scandir.php?savethis=1">[保存当前文件指纹]</a>|<a href="scandir.php?check=check">[扫描可疑文件]</a>
Copy after login


Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

Video Face Swap

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Show More

Hot Article

Assassin's Creed Shadows: Seashell Riddle Solution
3 weeks ago By DDD
What's New in Windows 11 KB5054979 & How to Fix Update Issues
2 weeks ago By DDD
Where to find the Crane Control Keycard in Atomfall
3 weeks ago By DDD
Assassin's Creed Shadows - How To Find The Blacksmith And Unlock Weapon And Armour Customisation
1 months ago By DDD
Roblox: Dead Rails - How To Complete Every Challenge
3 weeks ago By DDD
Show More

Hot Tools

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Show More

Hot Topics

Where is the login entrance for gmail email?
7627
15
CakePHP Tutorial
1389
52
What is the format of the account name of steam
89
11
win11 activation key permanent
70
19
nyt connections hints and answers
31
140
Show More