PHPSecurity-ShellRFIScanner_PHP教程

/***************************************************************************
* PHP Security-Shell RFI Scanner *
* *
* Copyright (C) 2007 by pentest *
* *
* http://security-shell.uni.cc *
* *
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
* the Free Software Foundation; either version 2 of the License, or *
* (at your option) any later version. *
* *
* This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
* GNU General Public License for more details. *
* Test over by cnfjhh *
***************************************************************************/

$escan_inc_regex = array( /include(_once)?.$/ix, /require(_once)?.$/ix );
/* Regex to extract the names of variables */
$escan_var_regex = array( /Ainclude(_once)?./is, /Arequire(_once)?./is );
/* Array of file extensions to scan */
$escan_valid_ext = array( php );
/* Maximum size of a file to scan, scans all if 0 */
$escan_max_size = 0;
/* Counter crawled directory */
$escan_dir_count = 0;
/* Perpetual scanned files */
$escan_file_count = 0;
/* Perpetual potential rfi found */
$escan_match_count = 0;
/*Perpetual crawled total bytes */
$escan_byte_count = 0;

escan_banner();

if( $argc < 2 ){
escan_usage($argv[0]);
}
else{

$stime = escan_get_mtime();

escan_recurse_dir( realpath($argv[1]).DIRECTORY_SEPARATOR );

$etime = escan_get_mtime();

print " @ Scan report : " .
" $escan_dir_count directory . ".
" $escan_file_count file . ".
" " . escan_format_size($escan_byte_count) . " . ".
" $escan_match_count Potential RFI . ".
" ".($etime-$stime) . " Second Processing . ";
}

/* A string formats in a magnitude expressed in bytes */
function escan_format_size($bytes)
{
if( $bytes < 1024 ) return "$bytes bytes";
if( $bytes < 1048576 ) return ($bytes / 1024) . " Kb";
if( $bytes < 1073741824 ) return ($bytes / 1048576) . " Mb";

return ($bytes / 1073741824) . " Gb";
}

/* Returns the timestamp in seconds */
function escan_get_mtime()
{
list($usec, $sec) = explode(" ",microtime());
return ((float)$usec + (float)$sec);
}

/* Extracts line of code inclusion */
function escan_scan_line($content,$offset)
{
list( $line, $dummy ) = explode( ";" , substr($content,$offset,strlen($content)) );

http://www.bkjia.com/PHPjc/509166.htmlwww.bkjia.comtruehttp://www.bkjia.com/PHPjc/509166.htmlTechArticle?php /*************************************************************************** * PHP Security-Shell RFI Scanner * * * * Copyright (C) 2007 by pentest * * * * http://security-she...