felmoltor

search_dangerous_php_functions.sh

Sep 17th, 2014
  1. ---------------------------
  2. - dangerousfunctions.list -
  3. ---------------------------
  4.  
  5. eval
  6. exec
  7. passthru
  8. system
  9. apache_child_terminate
  10. apache_setenv
  11. define_syslog_variables
  12. escapeshellarg
  13. escapeshellcmd
  14. fp
  15. fput
  16. ftp_connect
  17. ftp_exec
  18. ftp_get
  19. ftp_login
  20. ftp_nb_fput
  21. ftp_put
  22. ftp_raw
  23. ftp_rawlist
  24. highlight_file
  25. ini_alter
  26. ini_get_all
  27. ini_restore
  28. inject_code
  29. mysql_pconnect
  30. openlog
  31. php_uname
  32. phpAds_remoteInfo
  33. phpAds_XmlRpc
  34. phpAds_xmlrpcDecode
  35. phpAds_xmlrpcEncode
  36. popen
  37. posix_getpwuid
  38. posix_kill
  39. posix_mkfifo
  40. posix_setpgid
  41. posix_setsid
  42. posix_setuid
  43. posix_setuid
  44. posix_uname
  45. proc_close
  46. proc_get_status
  47. proc_nice
  48. proc_open
  49. proc_terminate
  50. shell_exec
  51. syslog
  52. xmlrpc_entity_decode
  53.  
  54. -------------------------------
  55. - searchdangerousfunctions.sh -
  56. -------------------------------
  57.  
  58. #!/bin/bash
  59.  
  60. # This script searches PHP code for the dangerous functions listed in "dangerousfunctions.list"
  61.  
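  # Usage: <script> <searchpath>
  #
  # Reads function names from ./dangerousfunctions.list (one per line) and, for
  # each name, lists the *.php files under <searchpath> that call it with a
  # variable somewhere after the opening parenthesis on the same line. Each hit
  # is printed and appended to ./<function>.files.list.
  #
  # Review caveat: this is a line-based grep heuristic. It does not see calls
  # split across lines, calls made through variable functions or callbacks, or
  # code in files not named *.php, and a hit only says "a variable reaches this
  # call on this line". Treat the output as leads for manual review, not as a
  # list of confirmed vulnerabilities, and an empty result as "nothing matched
  # the heuristic" rather than "clean".
  set -u

  searchpath=${1:-}
  if [[ ! -d "$searchpath" && ! -f "$searchpath" ]]; then
    echo "Wrong search path specified ($searchpath)" >&2
    echo "Usage: $0 <searchpath>" >&2
    exit 1
  fi

  # find would parse a path starting with '-' as an expression; anchor it.
  if [[ "$searchpath" == -* ]]; then
    searchpath=./$searchpath
  fi

  listfile=dangerousfunctions.list
  if [[ ! -r "$listfile" ]]; then
    # Without this check a missing list made the scan "succeed" with no output.
    echo "Cannot read $listfile in the current directory" >&2
    exit 1
  fi

  # The list is read on fd 3 so nothing inside the loop can consume it.
  while IFS= read -r -u 3 df || [[ -n "$df" ]]; do
    df=${df%$'\r'} # tolerate CRLF list files

    # Accept only plain identifiers. This skips blank and decorative lines, and
    # keeps list content out of both the regex and the output file name (no
    # metacharacters, no '/').
    [[ "$df" =~ ^[A-Za-z_][A-Za-z0-9_]*$ ]] || continue

    # ERE: the name must start at an identifier boundary (so "exec" does not
    # match inside "shell_exec"), be followed by a literal "(", and have a
    # literal "$" later on the line. The previous basic-regex form treated
    # "\(" as a group, so it required no parenthesis at all and matched the
    # name as a substring of longer identifiers.
    pattern='(^|[^[:alnum:]_])'"${df}"'[[:space:]]*\(.*\$'

    echo "================================="
    echo "== Files using function $df =="
    echo "================================="

    # -i: PHP function names are case-insensitive, so EVAL( must match too.
    # --null / read -d '': file names with spaces or newlines stay intact.
    while IFS= read -r -d '' file; do
      printf -- '- %s\n' "$file" | tee -a -- "${df}.files.list"
    done < <(find "$searchpath" -type f -name '*.php' \
      -exec grep -l -i -E --null -e "$pattern" -- {} +)
  done 3< "$listfile"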