- ---------------------------
- - dangerousfunctions.list -
- ---------------------------
- eval
- exec
- passthru
- system
- apache_child_terminate
- apache_setenv
- define_syslog_variables
- escapeshellarg
- escapeshellcmd
- fp
- fput
- ftp_connect
- ftp_exec
- ftp_get
- ftp_login
- ftp_nb_fput
- ftp_put
- ftp_raw
- ftp_rawlist
- highlight_file
- ini_alter
- ini_get_all
- ini_restore
- inject_code
- mysql_pconnect
- openlog
- php_uname
- phpAds_remoteInfo
- phpAds_XmlRpc
- phpAds_xmlrpcDecode
- phpAds_xmlrpcEncode
- popen
- posix_getpwuid
- posix_kill
- posix_mkfifo
- posix_setpgid
- posix_setsid
- posix_setuid
- posix_setuid
- posix_uname
- proc_close
- proc_get_status
- proc_nice
- proc_open
- proc_terminate
- shell_exec
- syslog
- xmlrpc_entity_decode
- -------------------------------
- - searchdangerousfunctinos.sh -
- -------------------------------
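#!/bin/bash
# Search PHP sources for calls to the functions named in
# "dangerousfunctions.list" (one name per line, read from the current
# directory) where a variable appears after the opening parenthesis.
#
# Usage: <script> <searchpath>      (searchpath: a directory or a single file)
#
# Output: for every listed function a banner is printed, followed by one
# "- <file>" line per matching file. The same lines are appended to
# "<function>.files.list" in the current directory, so re-running the
# script adds duplicate entries unless those files are removed first.
#
# NOTE(review): a hit is a lead for manual code review, not a finding. The
# match is line-based, so calls split across several lines and calls made
# through a variable function name are not reported, and the list itself
# is not exhaustive.
set -u

searchpath=${1:-}
listfile=dangerousfunctions.list

if [[ ! -d $searchpath && ! -f $searchpath ]]; then
  echo "Wrong search path specified ($searchpath)"
  echo "Usage: $0 <searchpath>"
  exit 1
fi

if [[ ! -r $listfile ]]; then
  # Without this check a missing list makes the scan finish "clean" with
  # no output at all, which is easy to misread as "nothing found".
  echo "Cannot read function list ($listfile)" >&2
  exit 1
fi

# Keep find from parsing a path such as "-name" as one of its own options.
if [[ $searchpath == -* ]]; then
  searchpath=./$searchpath
fi

# The list is read on fd 3 so nothing inside the loop can consume it.
while read -r -u 3 df _ || [[ -n $df ]]; do
  df=${df%$'\r'}                # tolerate CRLF line endings in the list
  [[ -n $df ]] || continue

  # The name is interpolated into a regex and into an output file name, so
  # only plain identifiers are accepted (no regex operators, no "/").
  if [[ ! $df =~ ^[A-Za-z_][A-Za-z0-9_]*$ ]]; then
    echo "Skipping invalid function name: $df" >&2
    continue
  fi

  # ERE: the name must not be the tail of a longer identifier (so "fp" does
  # not match "fputs" or "$fp"), then a literal "(" and a "$" later on the
  # same line. The previous BRE used \( \) which are grouping operators,
  # so it matched the bare name anywhere before any "$".
  pattern='(^|[^[:alnum:]_])'"$df"'[[:space:]]*\(.*\$'

  echo "================================="
  echo "== Files using function $df =="
  echo "================================="

  # -i: PHP function names are case-insensitive.
  # --null / read -d '': file names are passed NUL-terminated, so spaces or
  # newlines in names found under the search path cannot split an entry.
  # "! -type d" keeps symlinked *.php files in scope but skips directories.
  while IFS= read -r -d '' file; do
    printf '%s\n' "- $file" | tee -a -- "$df.files.list"
  done < <(find "$searchpath" -name '*.php' ! -type d \
             -exec grep -l -i -E --null -e "$pattern" -- {} +)
done 3< "$listfile"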