Source Code

Vulnerable Scan Web

  • anonymous
  • Dec 18' 13
  • PHP
  • 1102
  • 5
  • United States

Be careful when using this source code: put it in the root folder of your website and run it; it searches your website's files for vulnerable or malicious scripts.

Careful!

<?php

// UNCOMMENT THE NEXT LINE TO ALLOW ONLY REQUESTS FROM THE SERVER ITSELF TO RUN THIS SCANNER.
//if($_SERVER['REMOTE_ADDR'] !== '127.0.0.1') exit('Forbidden');  // 

$StartPath = './';


# TRUE  = report shows full file paths such as /home/userid/public_html/blog/...
# FALSE = report shows relative file paths such as ./blog/...

$UseAbsoluteFilePaths = TRUE;


# These set maximum execution time, in seconds. The script can take a while.
# These have no effect if you run PHP in "safe mode" (safe mode is usually undesirable). 
# Set to '0' for unlimited.

ini_set('max_execution_time', '300');
set_time_limit(300);	# set_time_limit IS A FUNCTION, NOT AN INI SETTING.

ini_set('display_errors', '1');		# 1=TRUE, ensure that you see errors such as time-outs.


/*
The timezone must be given a value (any legal value) to avoid a PHP warning
every time the date() function is called.
Ideally, you should enter in the line below the correct timezone
that your server uses for its file timestamps.
The PHP manual at http://www.php.net/manual/en/timezones.php
has a list of supported timezone strings.
*/

date_default_timezone_set('Asia/Jakarta');


/*
The program can optionally search for files with suspicious last-modified timestamps.
To use that feature, define here the time window you consider suspicious,
such as the period during which you know files were being modified by a hack.
The search for suspicious timestamps is not performed
unless you define a more recent time window here than the examples shown.

REQUIRED FORMAT is "YYYY-MM-DD HH:MM:SS" 
*/

$TimeRangeStart = '1980-04-09 05:01:05';
$TimeRangeEnd   = '1980-04-10 23:59:59';


# TEXT COLORS IN AN ARRAY, TO MAKE IT EASIER TO CHANGE THEM.

$Colors = array
(
	'timestamp'  => '#808080',	# FILE TIMESTAMPS
	'filename'   => 'blue',		# FILE PATHS AND NAMES
	'suspicious' => 'red',		# WARNINGS, AND REGULAR EXPRESSIONS
	'status'     => 'green',	# STATUS MESSAGES
	'snippet'    => 'black'		# TEXT OF SUSPICIOUS SNIPPETS
);

# ================================================================================
# GLOBAL VARIABLES
# ================================================================================

# Besides being useful, reporting the counts helps ensure that 
# new recursion methods work the same as the old.

$FilesCount = 0;
$FilesMatchedCount = 0;
$DirectoriesCount = 0;
$DirectoriesMatchedCount = 0;

# This array must be global because the function that builds it is re-entrant.

$AllFilesToProcess = array();	


?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head> 
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> 
<meta http-equiv="Content-Language" content="en-us">
<title>Check Vulnerable Script - Pasar Kode</title> 
</head> 

<body> 
<p>Check Vulnerable Script - Pasar Kode </p> 
<p>This script looks for traces of malicious code including code 
injections, modified .htaccess files that make images executable, and so on.</p> 
<p>

<?php 

$RealPath = GetCanonicalPath($StartPath);
if($RealPath === FALSE)
	exit(CleanColorText("Cannot continue. The starting directory is inaccessible to PHP.", $Colors['suspicious']) . "<br>");
if($UseAbsoluteFilePaths)
	$StartPath = $RealPath;


# ================================================================================
# START OF SEARCH ROUTINES. 
# ================================================================================
/*
This program does two things: 1) finds files, and 2) does something with each one.

When designing a search, the two questions to ask are: 

1) Which types of files (by their names) do I want to find or perform an action on?
2) What action do I want to do on each one?

Each search requires these data items to be defined:

1) An array that is a list of Perl-Compatible Regular Expressions (PCRE) of filenames to match. 
   The program searches directories for all the filenames that match any of the regexes.

2) Another array that is a list of PCREs of fullpaths NOT to match. 
   This allows excluding files in certain directories.
   If a file's NAME matches any regex in list 1) 
   and its PATH+NAME does NOT match any regex in list 2) (the exclusions), 
   its name gets passed to the handler function.

3) The handler function. It can perform any action you want on the file whose name is given to it.
   Some of the handler functions below merely report that the filename is suspicious, but do nothing else.
   Another handler searches the file extensively for malicious snippets and reports each one found.
   You could write a handler that automatically cleans the snippet out of the file, 
   or even deletes the file automatically. The handler can do anything.

*/

# ================================================================================
# 1) SUSPICIOUS FILENAMES.
# Files with these strings in their *names* will be reported as suspicious.
# There is currently no method provided to check for suspiciously named folders.
# ================================================================================
# FILENAMES TO MATCH

$FileMatchRegexes = array
(
	'/root/i',
	'/kit/i',
	'/c(99|100)/i',
	'/r57/i',
	'/gifimg/i'
);
# AND FULLPATHS TO EXCLUDE FROM EXAMINATION

$FullpathExcludeRegexes = array
(
	'#lookforbadguys\.php$#i'
);

# --------------------------------------------------------------------------------
# HANDLER FUNCTION - THIS IS THE ACTION PERFORMED ON A FILE WHOSE NAME IS A MATCH.

function badnames($filename) 
{ 
	global $Colors;
	
	echo 
		CleanColorText(date('Y-m-d H:i:s ', filemtime($filename)), $Colors['timestamp']) . 
		CleanColorText($filename, $Colors['filename']) . 
		" is a " . 
		CleanColorText('suspicious file name', $Colors['suspicious']) . 
".<br>"; 
}   

# --------------------------------------------------------------------------------
# THIS CODE ACTUALLY DOES THE SEARCH.

echo CleanColorText("Searching for files with suspicious names...",$Colors['status']) . "<br>";

FindAndProcessFiles($StartPath, $FileMatchRegexes, $FullpathExcludeRegexes, 'badnames'); 


# ================================================================================
# 2) WORDPRESS PHARMA HACK SUSPICIOUS FILENAMES.
# Files matching these names will be reported as possible pharma hack files.
# Regexes are based on the naming conventions described at 
# http://www.pearsonified.com/2010/04/wordpress-pharma-hack.php
# ================================================================================
# FILENAMES TO MATCH

$FileMatchRegexes = array
(
	'/^\..*(cache|bak|old)\.php/i',	# HIDDEN FILES WITH PSEUDO-EXTENSIONS IN THE MIDDLE OF THE FILENAME
	'/^db-.*\.php/i',

	# Permit the standard WordPress files that start with class-, but flag all others as suspicious.	
	# The (?!) is called a negative lookahead assertion. It means "not followed by..."

	'/^class-(?!snoopy|smtp|feed|pop3|IXR|phpmailer|json|simplepie|phpass|http|oembed|ftp-pure|wp-filesystem-ssh2|wp-filesystem-ftpsockets|ftp|wp-filesystem-ftpext|pclzip|wp-importer|wp-upgrader|wp-filesystem-base|ftp-sockets|wp-filesystem-direct).*\.php/i'
);
# AND FULLPATHS TO EXCLUDE FROM EXAMINATION

$FullpathExcludeRegexes = array
(
	'#lookforbadguys\.php$#i'
);

# --------------------------------------------------------------------------------
# HANDLER FUNCTION - THIS IS THE ACTION PERFORMED ON A FILE WHOSE NAME IS A MATCH.
function pharma($filename) 
{ 
	global $Colors;

	echo 
		CleanColorText(date('Y-m-d H:i:s ', filemtime($filename)),$Colors['timestamp']) . 
		CleanColorText($filename, $Colors['filename']) . 
		" is most likely a " . 
		CleanColorText('pharma hack', $Colors['suspicious']) . ".<br>"; 
} 

# --------------------------------------------------------------------------------
# THIS CODE ACTUALLY DOES THE SEARCH.

echo 
	"<br>" . 
	CleanColorText("Searching for files with names related to Wordpress pharma hack...", $Colors['status']) . 
	"<br>";

FindAndProcessFiles($StartPath, $FileMatchRegexes,$FullpathExcludeRegexes, 'pharma'); 

# ================================================================================
# 3) MALICIOUS CODE SNIPPETS.
# Search text files for snippets of malicious code and report all that are found.
# ================================================================================
# FILENAMES TO MATCH
# Ideally, this list should contain all common extensions of text files
# that can become hazardous when malicious text is injected into them.

$FileMatchRegexes = array
(
	'/\.htaccess$/i',
	'/\.php[45]?$/i',
	'/\.html?$/i',
	'/\.aspx?$/i',
	'/\.inc$/i',
	'/\.cfm$/i',
	'/\.js$/i',
	'/\.txt$/i',
	'/\.css$/i'
);
# AND FULLPATHS TO EXCLUDE FROM EXAMINATION

$FullpathExcludeRegexes = array
(
	'#lookforbadguys\.php$#i'
);

# --------------------------------------------------------------------------------
# HANDLER FUNCTION - THIS IS THE ACTION PERFORMED ON A FILE WHOSE NAME IS A MATCH.

function FindMaliciousCodeSnippets($filename) 
{ 
	global $Colors;

	if(!is_readable($filename))
	{
		echo "Warning: Unable to read " . CleanColorText($filename, $Colors['filename']) . 
		". Check it manually and check its access permissions.<br>";
		return;
	}

	# READ THE FILE INTO A STRING, WITH LINE ENDS REMOVED AND WHITESPACE COMPRESSED.
	$file = file_get_contents($filename);  
	$file = preg_replace('/\s+/', ' ', $file);	# COLLAPSE ALL WHITESPACE RUNS (INCLUDING LINE ENDS) TO ONE SPACE

	# The file is searched for each of these snippets of suspicious text.
	# These are regular expressions with the required /DELIMITERS/ and with metachars escaped.
	# /i at the end means case insensitive. 
	# PHP function names are case-insensitive.
	# If your regex itself contains / chars, you can use a different 
	# char as a delimiter like this: '#delimited#i' to avoid confusion.
	
	$SuspiciousSnippets = array
	(
		# POTENTIALLY SUSPICIOUS CODE

		'/edoced_46esab/i',		# "base64_decode" WRITTEN BACKWARDS, A COMMON OBFUSCATION.
		'/passthru\s*\(/i',
		'/shell_exec\s*\(/i',
		'/document\.write\s*\(unescape\s*\(/i',

		# THESE CAN GIVE MANY FALSE POSITIVES WHEN CHECKING WORDPRESS AND OTHER CMS.
		# NONETHELESS, THEY CAN BE IMPORTANT TO FIND, ESPECIALLY BASE64_DECODE.

		# THIS IS MUCH MORE SUSPICIOUS IF THE MATCHED TEXT CONTAINS THE EVAL() CODE.

		'/(eval\s*\(.{0,40})?base64_decode\s*\(/i',

		'/system\s*\(/i',		

		# --------------------		
		# OCCURRENCES OF POSSIBLE PCRE PATTERNS WITH
		# THE -e (EVAL) PATTERN MODIFIER THAT IS USED BY PREG_REPLACE.

		# (1) VARIABLE DEFINITIONS CONTAINING PCRE PATTERNS USING THE 'e' OPTION,
		# FOLLOWED FAIRLY CLOSELY BY A CALL TO PREG_REPLACE.
		# THE 2 VARIATIONS ALLOW FOR SINGLE AND DOUBLE-QUOTES IN THE VARIABLE DECLARATION.
		# THE CAPTURE GROUP IS THE PATTERN DELIMITER; \1 REQUIRES THE SAME DELIMITER TO CLOSE IT.

		'#\$\S+\s*=\s*[\x22]([^A-Za-z0-9[:space:]\x5C\x22])[^\x22]{0,75}\1[imsxADSUXJu]*e.{0,75}[pP][rR][eE][gG]_[rR][eE][pP][lL][aA][cC][eE]\s*\(#',
		# CASE-SENSITIVE REQUIRED

		'#\$\S+\s*=\s*[\x27]([^A-Za-z0-9[:space:]\x5C\x27])[^\x27]{0,75}\1[imsxADSUXJu]*e.{0,75}[pP][rR][eE][gG]_[rR][eE][pP][lL][aA][cC][eE]\s*\(#',
		# CASE-SENSITIVE REQUIRED

		# (2) PREG_REPLACE CALLS THAT USE THE -e OPTION.
		# THE 2 VARIATIONS ALLOW FOR SINGLE AND DOUBLE-QUOTES AROUND THE PCRE PATTERN.

		'#[pP][rR][eE][gG]_[rR][eE][pP][lL][aA][cC][eE]\s*\(\s*[\x22]([^A-Za-z0-9[:space:]\x5C])[^\x22]{0,75}\1[imsxADSUXJu]*e#',
		# CASE-SENSITIVE REQUIRED

		'#[pP][rR][eE][gG]_[rR][eE][pP][lL][aA][cC][eE]\s*\(\s*[\x27]([^A-Za-z0-9[:space:]\x5C])[^\x27]{0,75}\1[imsxADSUXJu]*e#',
		# CASE-SENSITIVE REQUIRED
		# --------------------		

		# PHP BACKTICK OPERATOR INVOKES SYSTEM FUNCTIONS, SAME AS system(),
		# BUT THIS TEST CAN PRODUCE MANY FALSE POSITIVES BECAUSE 
		# BACKTICKS ARE ALSO DATABASE, TABLE AND FIELD NAME DELIMITERS IN SQL QUERIES.
		# MATCHED TEXT IS SUSPICIOUS IF IT CONTAINS OPERATING SYSTEM COMMANDS.
		# USUALLY NOT SUSPICIOUS IF IT CONTAINS DATABASE TABLE OR FIELD NAMES.

		'/`[^`]+`/',		

		'/phpinfo\s*\(/i',

		# THIS SET GENERATES MANY FALSE POSITIVES
		'/chmod\s*\(/i',
		'/mkdir\s*\(/i',
		'/fopen\s*\(/i',
		'/fclose\s*\(/i',
		'/readfile\s*\(/i',

		# THESE WERE PREVIOUSLY SPECIAL CASES; NOW MOVED INTO THIS ARRAY.
		'/RewriteRule\s/i',		# SUSPICIOUS IF THE DESTINATION IS A DIFFERENT SITE OR SUSPICIOUS FILE.
		'/AddHandler\s/i',		# THIS CAN MAKE IMAGE OR OTHER FILES EXECUTABLE.

		# JAVASCRIPT SNIPPETS WHOSE SRC= REFERENCES AN HTTP:// SOURCE OTHER THAN ONES KNOWN TO BE SAFE.
		# EVEN WITH EXCEPTIONS, THIS CAN GIVE MANY FALSE POSITIVES.

		'@<script[^>]+src=[\x22\x27]?http://(?!(www\.(google-analytics|gmodules)\.com|pagead2\.googlesyndication\.com/pagead/|(ws\.|((www|cls)\.assoc-))amazon\.com/))[^>]*>@i',

		# IFRAMES, WITH A KNOWN-HARMLESS EXCLUSION. 
		# IFRAME SEARCH CAN GIVE MANY FALSE POSITIVES IN SOME WEBSITES.

		'@<iframe[^>]+src=[\x22\x27]?http://(?!(rcm\.amazon\.com/))[^>]*>@i',

		# SUSPICIOUS NAMES. SOME HACKERS SIGN THEIR SCRIPTS. MANY NAMES COULD BE PUT INTO THIS LIST.
		# HERE IS A GENERIC EXAMPLE OF TEXT FROM A DEFACED WEB PAGE.

		'/hacked by\s/i',

		# OTHER SUSPICIOUS TEXT STRINGS

		'/web[\s-]*shell/i',	# TO FIND BACKDOOR WEB SHELL SCRIPTS.
		'/c(99|100)/i',			# THE NAMES OF SOME POPULAR WEB SHELLS.
		'/r57/i',

		# YOU COULD/SHOULD ADD TO THIS LIST SOME REGULAR EXPRESSIONS TO MATCH THE NAMES OF 
		# MALICIOUS DOMAINS AND IP ADDRESSES MENTIONED IN YOUR 
		# GOOGLE SAFE BROWSING DIAGNOSTIC REPORT. 
		# SOME EXAMPLES:

		'/gumblar\.cn/i',
		'/martuz\.cn/i',
		'/beladen\.net/i',
		'/gooqle/i',			# NOTE THIS HAS A Q IN IT.
#		'/127\.0\.0\.1/',		# COMMENTED-OUT EXAMPLE OF AN IP ADDRESS REGEX

		# THESE 2 ARE THE WORDPRESS CODE INJECTION IN FRONT OF EVERY INDEX.PHP AND SOME OTHERS 

		'/_analist/i',			# EACH LIST ENTRY MUST BE TERMINATED WITH A COMMA...
		'/anaiytics/i'			# EXCEPT THE LAST ENTRY MUST NOT HAVE A COMMA.
	);

	# ACCUMULATES ALL THE WARNING MESSAGES FOR THIS FILE.
	$OutputText = array
	(
		
		CleanColorText(date('Y-m-d H:i:s ', filemtime($filename)), $Colors['timestamp']). 
		CleanColorText($filename, $Colors['filename'])
		
	);

	# SEARCH THE FILE FOR EACH OF THE ABOVE SNIPPETS.
	foreach($SuspiciousSnippets as $snippet) 
	{
		$matches = array();
		if($matchcount = preg_match_all($snippet, $file, $matches, PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE))	
		{
			$i = 0;
			foreach($matches[0] as $occurrence)	# $occurrence is an array itself 0=>string, 1=>offset
			{
				$i++;
				# THE 80 CHARACTERS AFTER START OF MATCH INSTANCE
				$s = substr($file, $occurrence[1], 80);	
				$newline = (($i === 1) ? '<br><br>' : '<br>');
				$OutputText[] = $newline . 
								CleanColorText("Regex ($i of $matchcount): ",$Colors['snippet']) . 
								CleanColorText($snippet, $Colors['suspicious']) . 
								CleanColorText(": " . $s, $Colors['snippet']); 
			}
		}
	}
	
	# REPORT ALL THREAT MESSAGES AT ONCE, IF THERE WERE ANY.
	# TO PRINT EVERY FILENAME EXAMINED, MAKE THE THRESHOLD 0.
	# EVERY REPORTED LINE IS ALSO APPENDED TO pasarkode.html IN THE DIRECTORY THE SCRIPT RUNS FROM.

	if(count($OutputText) > 1)
	{
		$report = fopen("pasarkode.html", "a");
		foreach($OutputText as $s)
		{
			echo $s;
			if($report !== FALSE)
				fwrite($report, $s);
		}
		echo '<br><br>';
		if($report !== FALSE)
		{
			fwrite($report, '<br><br>');
			fclose($report);
		}
	}
	
} 

# --------------------------------------------------------------------------------
# THIS CODE ACTUALLY DOES THE SEARCH.

echo 
	"<br>" . 
	CleanColorText("Searching for files containing suspicious code or other text...", $Colors['status']) . 
	"<br>";

FindAndProcessFiles($StartPath, $FileMatchRegexes, $FullpathExcludeRegexes, 'FindMaliciousCodeSnippets');
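A small self-test for the snippet regexes, added here as an example and not part of the Pasar Kode script: it applies four of the scanner's patterns, after the same whitespace normalization the scanner performs, to constructed sample strings, and shows the two false positives the script's own comments warn about (backticks in SQL, the word system in prose). The helper names normalize and scan are my own; the sample strings are constructed for the test and are never executed.

```php
<?php
// Added example: self-test of a subset of the scanner's snippet regexes.
// Run from the command line: php selftest.php

function normalize($text)
{
    // Same normalization the scanner applies before matching:
    // collapse every run of whitespace (including line ends) to one space.
    return preg_replace('/\s+/', ' ', $text);
}

// Subset of the scanner's patterns, backslashes intact.
$patterns = array(
    'eval+base64' => '/(eval\s*\(.{0,40})?base64_decode\s*\(/i',
    'system'      => '/system\s*\(/i',
    'preg /e'     => '#[pP][rR][eE][gG]_[rR][eE][pP][lL][aA][cC][eE]\s*\(\s*[\x27]([^A-Za-z0-9[:space:]\x5C])[^\x27]{0,75}\1[imsxADSUXJu]*e#',
    'backticks'   => '/`[^`]+`/',
);

// Constructed samples (inert text, not real files): two that look like
// injected code and two benign ones that trigger known false positives.
$samples = array(
    'injected eval'  => "<?php\n  eval ( base64_decode( 'aGVsbG8=' ) );",
    'preg_replace e' => "<?php preg_replace('/.*/e', 'print(1)', '');",
    'benign sql'     => "SELECT `id` FROM `wp_posts`",
    'benign text'    => "This page explains the system() call in prose.",
);

// Returns an array of pattern name => first 60 characters from the match offset,
// mirroring what the scanner's handler puts into its report lines.
function scan($text, $patterns)
{
    $hits = array();
    $text = normalize($text);
    foreach ($patterns as $name => $regex) {
        if (preg_match($regex, $text, $m, PREG_OFFSET_CAPTURE)) {
            $hits[$name] = substr($text, $m[0][1], 60);
        }
    }
    return $hits;
}

foreach ($samples as $label => $text) {
    $hits = scan($text, $patterns);
    echo $label, ': ', $hits ? implode(', ', array_keys($hits)) : 'no match', "\n";
}
// Expected: 'injected eval' hits eval+base64, 'preg_replace e' hits preg /e,
// 'benign sql' hits backticks, 'benign text' hits system.
```

When extending $SuspiciousSnippets, add the new regex to $patterns here and a matching sample to $samples so a typo in the pattern shows up before a full scan of the site.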


# ================================================================================
# 4) SUSPICIOUS TIMESTAMPS.
# If you have found hacked files with timestamps showing that they were all modified
# at about the same date and time, you can use this routine to locate other files 
# that were modified at about the same time. 
# Define the suspicious time range in the User Configuration section near top of this script.
# Files with timestamps within that date/time range will be reported as suspicious.
# ================================================================================
# FILENAMES TO MATCH

$FileMatchRegexes = array
(
	'/\.htaccess$/i',
	'/\.php[45]?$/i',
	'/\.html?$/i',
	'/\.aspx?$/i',
	'/\.inc$/i',
	'/\.cfm$/i',
	'/\.js$/i',
	'/\.txt$/i',
	'/\.pl$/i',
	'/\.cgi$/i',
	'/\.css$/i'
);
# AND FULLPATHS TO EXCLUDE FROM EXAMINATION

$FullpathExcludeRegexes = array
(
	'#lookforbadguys\.php$#i'
);

# --------------------------------------------------------------------------------
# HANDLER FUNCTION - THIS IS THE ACTION PERFORMED ON A FILE WHOSE NAME IS A MATCH.

function SuspiciousTimestamp($filename) 
{ 
	global $TimeRangeStart, $TimeRangeEnd, $Colors;

	$lastmod = date('Y-m-d H:i:s', filemtime($filename)); 
	if(($lastmod >= $TimeRangeStart) && ($lastmod <= $TimeRangeEnd))
	{
		echo 
			CleanColorText($lastmod . ' ', $Colors['timestamp']) . 
			CleanColorText($filename, $Colors['filename']) . 
			" has a " . 
			CleanColorText('suspicious timestamp', $Colors['suspicious']) . 
".<br>"; 
	}
}   

# --------------------------------------------------------------------------------
# THIS CODE ACTUALLY DOES THE SEARCH.

# TO AVOID WASTING TIME WHEN A TIMESTAMP SEARCH ISN'T NEEDED,
# THIS CODE DOES NOT RUN UNTIL A MORE RECENT TIME WINDOW HAS BEEN DEFINED 
# IN THE USER CONFIGURATION SECTION NEAR THE TOP OF THE SCRIPT.

if(substr($TimeRangeStart, 0, 4) > '1980')
{
	echo 
		"<br>" . 
		CleanColorText("Searching for files with timestamps in the suspicious date/time range...", $Colors['status']) .
		"<br>";

	FindAndProcessFiles($StartPath, $FileMatchRegexes, $FullpathExcludeRegexes, 'SuspiciousTimestamp'); 
}

# ================================================================================
# END OF THE SEARCH ROUTINES
# ================================================================================
# ================================================================================
# FUNCTION LIBRARY
# -------------------------------------------------------------------------------
# Output text in specified color, cleaning it with htmlentities().
# Malicious text snippets could by definition be hazardous, so 
# always use this to put text on the web page  
# unless it is going into a text (input) box or textarea.

function CleanColorText($text, $color)
{
	$outputcolor = 'black';
	$color = trim($color);
	if(preg_match('/^(red|blue|green|black|#[0-9A-F]{6})$/i', $color))
		$outputcolor = $color;
	return '<span style="color:' . $outputcolor . ';">' . 
htmlentities($text, ENT_QUOTES) . '</span>';
}

# --------------------------------------------------------------------------------

function ResetCounts()
{
	global $FilesCount, $FilesMatchedCount, 
			$DirectoriesCount, $DirectoriesMatchedCount, $AllFilesToProcess, 
$Colors;

	$FilesCount = $FilesMatchedCount = $DirectoriesCount = 
$DirectoriesMatchedCount = 0;
	$AllFilesToProcess = array();
}

# --------------------------------------------------------------------------------

function ShowCounts()
{
	global $FilesCount, $FilesMatchedCount, 
			$DirectoriesCount, $DirectoriesMatchedCount, $Colors;

	$s =	"Files encountered = $FilesCount" . ', ' . 
			"Matching regex and processed = $FilesMatchedCount" . '; ' . 
			"Directories encountered = $DirectoriesCount" . ', ' . 
			"Matched and processed = $DirectoriesMatchedCount";

	echo CleanColorText($s, $Colors['status']) . "<br>";
}

# --------------------------------------------------------------------------------
# Returns path translated to canonical absolute filesystem path,
# or FALSE if it fails (path does not exist or PHP cannot enter/read it).

function GetCanonicalPath($path)
{
	# CLEAN IT UP AND CONVERT TO STANDARD PHP FORMAT (/)
	$path = str_replace('\\', '/', $path); 
	$path = rtrim($path, '/'); 
	$path .= '/'; 

	$RealPath = realpath($path);	# FALSE IF PHP CANNOT READ ANY DIR IN HIERARCHY
	if($RealPath === FALSE)
		return FALSE;

	$RealPath = str_replace('\\', '/', $RealPath); 
	$RealPath = rtrim($RealPath, '/'); 
	$RealPath .= '/'; 

	return $RealPath;
}

# --------------------------------------------------------------------------------
/*
Recursively search the starting directory and all below it to find files whose names 
match the given regex(es).

Since this performs no action on the files found, it is now a generic file-finder 
like the Linux "find" command. You can do whatever you want with the list once it's built. 

$FileMatchRegexes can be either a string or an array. Passing them all at once 
allows the filesystem to be traversed only once to find all matches (20+% faster).
*/

function BuildFileList($StartDir, $FileMatchRegexes,$FullpathExcludeRegexes) 
{
	# NOTE THAT THIS FUNCTION REQUIRES THE GLOBAL VARIABLES DECLARED EARLIER.
	global $FilesCount, $FilesMatchedCount, 
			$DirectoriesCount, $DirectoriesMatchedCount, 
			$AllFilesToProcess, $Colors;

	# CHANGE BACKSLASHES TO FORWARD, WHICH IS OK IN PHP, EVEN IN WINDOWS.
	# THEN REMOVE ANY TRAILING SLASHES AND ADD EXACTLY ONE.
	$StartDir = str_replace('\\', '/', $StartDir); 
	$StartDir = rtrim($StartDir, '/'); 
	$StartDir .= '/'; 

	# ENSURE THAT THE CURRENT DIRECTORY EXISTS AND IS READABLE BY PHP.
	if(!is_dir($StartDir))
	{
		echo "Warning: Directory does not exist: " . CleanColorText($StartDir, $Colors['filename']) . "<br>";
		return;
	}
	$DirectoriesCount++;		# COUNT IT AS A DIRECTORY (READABLE OR NOT)
	if(!is_readable($StartDir))
	{
		echo    CleanColorText("Warning: Directory is not readable by PHP: ", $Colors['suspicious']) . 
				CleanColorText($StartDir, $Colors['filename']) . 
				". Check its owner/group permissions.<br>";
		return;
	}

	# THE DIR IS READABLE, SO IT WILL BE PROCESSED.
	# A DIR IS NEVER ACTUALLY EXCLUDED FROM PROCESSING UNLESS IT CAN'T BE READ. 
	# ONLY FILES ARE AFFECTED BY THE EXCLUSION RULES.
	$DirectoriesMatchedCount++;	

	# IF THESE ARE NOT ARRAYS, TURN THEM INTO ARRAYS.
	if(!is_array($FileMatchRegexes))
		$FileMatchRegexes = array($FileMatchRegexes);
	if(!is_array($FullpathExcludeRegexes))
		$FullpathExcludeRegexes = array($FullpathExcludeRegexes);

	# DETERMINE IF EACH ENTRY IN THE CURRENT DIRECTORY IS A CANDIDATE FOR INCLUSION IN THE FILE LIST.
	$dir = dir($StartDir); 
	while(($filename = $dir->read()) !== FALSE) 
	{
		$fullname = $dir->path . $filename; 
		if(is_file($fullname))
		{
			$FilesCount++;	# ADD IT TO THE COUNT OF *ALL* FILES, PROCESSED OR NOT.

			# IF ITS NAME MATCHES ANY OF THE REGEXES, IT MIGHT GO INTO THE LIST...
			$matches = 0;
			foreach($FileMatchRegexes as $regex)
			{
				if(preg_match($regex, $filename))
				{
					$matches = 1;
					# UNLESS ITS FULLPATH MATCHES ANY OF THE EXCLUSION REGEXES.
					foreach($FullpathExcludeRegexes as $exclude)
					{
						if(preg_match($exclude, $fullname))
						{
							$matches = 0;
							break;
						}
					}
					break;
				}
			}
			if($matches)
			{ 
				$FilesMatchedCount++;
				$AllFilesToProcess[] = $fullname;
			}
		}
		else if(is_dir($fullname))
		{
			# ELSE IF IT IS A DIRECTORY AND NOT THE CURRENT ONE OR ITS PARENT,
			# RECURSIVELY CALL THIS FUNCTION TO PROCESS ALL *ITS* ENTRIES 
			# BEFORE CONTINUING WITH THE CURRENT DIRECTORY.

			if(($filename !== '.') && ($filename !== '..'))
				BuildFileList($fullname, $FileMatchRegexes, $FullpathExcludeRegexes); 
		}
	}
	$dir->close(); 
} 

# --------------------------------------------------------------------------------
# BUILD A MASTER LIST OF ALL THE FILES TO PROCESS,
# THEN SORT THE ARRAY AND PROCESS ALL ITS ENTRIES AT ONCE.

function FindAndProcessFiles($StartDir, $FileMatchRegexes,$FullpathExcludeRegexes, $FileHandlerFunction) 
{
	
	global $AllFilesToProcess;

	ResetCounts();	

	BuildFileList($StartDir, $FileMatchRegexes, $FullpathExcludeRegexes); 
	sort($AllFilesToProcess, SORT_STRING);
	# SKIP THE SCANNER ITSELF AND THE REPORT FILE IT APPENDS TO (pasarkode.html),
	# OTHERWISE THE REPORT'S OWN CONTENTS WOULD BE FLAGGED ON EVERY RUN.
	$self = basename($_SERVER['SCRIPT_NAME']);
	foreach($AllFilesToProcess as $filename)
	{
		$base = basename($filename);
		if(($base !== $self) && ($base !== 'pasarkode.html'))
			call_user_func($FileHandlerFunction, $filename); 
	} 
	ShowCounts(); 
}

# --------------------------------------------------------------------------------
# END FUNCTION LIBRARY
# ================================================================================

echo "<br>" . CleanColorText("Done!", $Colors['status']) . "<br>"; 

# --------------------------------------------------------------------------------
# BE CAREFUL WHEN USING THIS SCRIPT
# it can crash your server
# rep-09-11xx-35n
# www.pasarkode.com - ano van maximuz
# ================================================================================

?> 

</p> 
</body> 
</html>
