- /******************************************************************
- *******************************************************************
- *******************************************************************
- ********************* SUSPICIOUS FUNCTIONS LIST *******************
- *******************************************************************
- *******************************************************************
- ******************************************************************/
- exec - Returns the last line of the command's output
- passthru - Passes the command's output directly to the browser
- system - Passes the command's output directly to the browser and returns the last line
- shell_exec - Returns the command's output
- `` (backticks) - Same as shell_exec()
- popen - Opens a read or write pipe to the process of a command
- proc_open - Similar to popen() but with a greater degree of control
- pcntl_exec - Executes a program
- eval()
- assert() - identical to eval()
- preg_replace('/.*/e',...) - /e does an eval() on the match
- create_function()
- include()
- include_once()
- require()
- require_once()
- ob_start
- array_diff_uassoc
- array_diff_ukey
- array_filter
- array_intersect_uassoc
- array_intersect_ukey
- array_map
- array_reduce
- array_udiff_assoc
- array_udiff_uassoc
- array_udiff
- array_uintersect_assoc
- array_uintersect_uassoc
- array_uintersect
- array_walk_recursive
- array_walk
- assert_options
- uasort
- uksort
- usort
- preg_replace_callback
- spl_autoload_register
- iterator_apply
- call_user_func
- call_user_func_array
- register_shutdown_function
- register_tick_function
- set_error_handler
- set_exception_handler
- session_set_save_handler
- sqlite_create_aggregate
- sqlite_create_function
- phpinfo
- posix_mkfifo
- posix_getlogin
- posix_ttyname
- getenv
- get_current_user
- proc_get_status
- get_cfg_var
- disk_free_space
- disk_total_space
- diskfreespace
- getcwd
- getlastmod
- getmygid
- getmyinode
- getmypid
- getmyuid
- extract - Opens the door for register_globals attacks (see "A Study in Scarlet").
- parse_str - Works like extract() if only one argument is given.
- putenv
- ini_set
- mail - Susceptible to CRLF injection through the 3rd parameter, which opens the door for spam.
- header - On old systems CRLF injection could be used for XSS or other purposes. It is still a problem today when a script calls header("Location: ..."); without calling die(): execution continues after header(), and output is still printed normally. This is nasty if you are trying to protect an administrative area.
- proc_nice
- proc_terminate
- proc_close
- pfsockopen
- fsockopen
- apache_child_terminate
- posix_kill
- posix_mkfifo
- posix_setpgid
- posix_setsid
- posix_setuid
- // open filesystem handler
- fopen
- tmpfile
- bzopen
- gzopen
- SplFileObject->__construct
- // write to filesystem (partially in combination with reading)
- chgrp
- chmod
- chown
- copy
- file_put_contents
- lchgrp
- lchown
- link
- mkdir
- move_uploaded_file
- rename
- rmdir
- symlink
- tempnam
- touch
- unlink
- imagepng - 2nd parameter is a path.
- imagewbmp - 2nd parameter is a path.
- image2wbmp - 2nd parameter is a path.
- imagejpeg - 2nd parameter is a path.
- imagexbm - 2nd parameter is a path.
- imagegif - 2nd parameter is a path.
- imagegd - 2nd parameter is a path.
- imagegd2 - 2nd parameter is a path.
- iptcembed
- ftp_get
- ftp_nb_get
- // read from filesystem
- file_exists
- file_get_contents
- file
- fileatime
- filectime
- filegroup
- fileinode
- filemtime
- fileowner
- fileperms
- filesize
- filetype
- glob
- is_dir
- is_executable
- is_file
- is_link
- is_readable
- is_uploaded_file
- is_writable
- is_writeable
- linkinfo
- lstat
- parse_ini_file
- pathinfo
- readfile
- readlink
- realpath
- stat
- gzfile
- readgzfile
- getimagesize
- imagecreatefromgif
- imagecreatefromjpeg
- imagecreatefrompng
- imagecreatefromwbmp
- imagecreatefromxbm
- imagecreatefromxpm
- ftp_put
- ftp_nb_put
- exif_read_data
- read_exif_data
- exif_thumbnail
- exif_imagetype
- hash_file
- hash_hmac_file
- hash_update_file
- md5_file
- sha1_file
- highlight_file
- show_source
- php_strip_whitespace
- get_meta_tags
- /******************************************************************
- *******************************************************************
- ******************************************************************/
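As an added example, not part of the paste, a small Python scanner that applies a subset of this list to PHP source for review: it flags direct calls to the listed functions, the backtick operator, preg_replace() with the /e modifier and callback functions fed from data, while skipping method calls, definitions and comments. The category names and the sample PHP it scans are constructed for the example.

```python
import re

# Constructed subset of the page's list, keyed by risk; the rest of the list drops in here.
SUSPICIOUS = {
    "command execution": ["exec", "passthru", "system", "shell_exec", "popen", "proc_open"],
    "code execution": ["eval", "assert", "create_function", "include", "include_once",
                       "require", "require_once"],
    "callback from data": ["call_user_func", "call_user_func_array", "array_map", "usort"],
    "info disclosure": ["phpinfo", "getenv", "get_current_user", "getcwd"],
    "filesystem write": ["file_put_contents", "move_uploaded_file", "unlink", "chmod"],
    "filesystem read": ["file_get_contents", "readfile", "fopen", "glob", "show_source"],
}
# Lookbehinds skip method calls ($obj->exec), static calls (Foo::exec), variable
# functions ($exec) and longer names that merely end in a listed one (shell_exec
# vs exec). The tail also accepts "include 'x.php'" written without parentheses.
CALL_RE = {cat: re.compile(r"(?<![\w$])(?<!->)(?<!::)(" + "|".join(names) + r")(?:\s*\(|\s+[$'\"])")
           for cat, names in SUSPICIOUS.items()}
BACKTICK_RE = re.compile(r"`[^`]*`")                   # same as shell_exec()
PREG_E_RE = re.compile(r"preg_replace\s*\(\s*(['\"])(.*?)\1")
COMMENT_RE = re.compile(r"(//|#).*$")                  # heuristic; also hits '//' inside strings

def has_e_modifier(pattern):
    """True when a PCRE pattern such as '/.*/e' carries the /e (eval) modifier."""
    end = pattern.rfind(pattern[0]) if pattern else -1   # position of the closing delimiter
    return end > 0 and "e" in pattern[end + 1:]

def scan(source):
    """Return (line_no, category, detail) for every hit in a PHP source string."""
    findings = []
    for no, raw in enumerate(source.splitlines(), 1):
        line = COMMENT_RE.sub("", raw)
        for cat, rx in CALL_RE.items():
            findings.extend((no, cat, m.group(1)) for m in rx.finditer(line))
        if BACKTICK_RE.search(line):
            findings.append((no, "command execution", "backtick operator"))
        for m in PREG_E_RE.finditer(line):
            if has_e_modifier(m.group(2)):
                findings.append((no, "code execution", "preg_replace /e"))
    return findings

SAMPLE_PHP = r"""<?php
// constructed sample for the scanner, not real application code
echo shell_exec($_GET['cmd']);
$listing = `ls -la /tmp`;
$out = preg_replace('/.*/e', $_POST['repl'], $subject);
include $_GET['page'];
$this->exec($cmd);                      // method, not the builtin
function exec_wrapper() { return 1; }   // definition, not a call
// system('id');
"""

def demo():
    return scan(SAMPLE_PHP)
```

Each finding is a starting point for review, not a verdict: a hit only becomes a problem when the argument (command, callable, path or pattern) can be influenced by request data.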