扫描目录下的php文件,是否含有木马特征
shell_checkl
#!/usr/bin/python#-*- encoding:UTF-8 -*-##### @package## @desc 扫描目录下的php文件,是否含有木马特征,注意,不是“木马扫描”## @useage python shell_check.py /your/web/path/ 1=是否递归###import osimport sysimport reimport timedef listdir(dirs,liston='0'): flog = open(os.getcwd()+"/check_php_shell.log","a+") if not os.path.isdir(dirs): print "directory %s is not exist"% (dirs) return lists = os.listdir(dirs) for list in lists: filepath = os.path.join(dirs,list) if os.path.isdir(filepath): if liston == '1': listdir(filepath,'1') elif os.path.isfile(filepath): filename = os.path.basename(filepath) if re.search(r"\.(?:php|inc|html?)$", filename, re.IGNORECASE): i = 0 iname = 0 f = open(filepath) while f: file_contents = f.readline() if not file_contents: break i += 1 match = re.search(r'''(?P<function>\b(?:include|require)(?:_once)?\b)\s*\(?\s*["'](?P<filename>.*?(?eval|proc_open|popen|shell_exec|exec|passthru|system)\b\s*\(', file_contents, re.IGNORECASE| re.MULTILINE) if match: function = match.group("function") if iname == 0: info = '\n[%s] :\n'% (filepath) else: info = '' info += '\t|-- [%s] line [%d] \n'% (function,i) flog.write(info) print info iname += 1 match = re.findall(r'(\$[a-z0-9_]*?\s*?\(.*?\))', file_contents, re.IGNORECASE) if match: if iname == 0: info = '\n[%s] :\n'% (filepath) else: info = '' info += '\t|-- [%s] line [%d] \n'% (match[0],i) flog.write(info) print info iname += 1 f.close() flog.close()if '__main__' == __name__: argvnum = len(sys.argv) liston = '0' if argvnum == 1: action = os.path.basename(sys.argv[0]) print "Command is like:\n %s D:\wwwroot\ \n %s D:\wwwroot\ 1 -- recurse subfolders"% (action,action) quit() elif argvnum == 2: path = os.path.realpath(sys.argv[1]) listdir(path,liston) else: liston = sys.argv[2] path = os.path.realpath(sys.argv[1]) listdir(path,liston) flog = open(os.getcwd()+"/check_php_shell.log","a+") ISOTIMEFORMAT='%Y-%m-%d %X' now_time = time.strftime(ISOTIMEFORMAT,time.localtime()) flog.write("\n----------------------%s checked ---------------------\n"% (now_time)) flog.close()</filename></function>
设置Linux系统的PATH环境变量步骤Feb 18, 2024 pm 05:40 PMLinux系统如何设置PATH环境变量在Linux系统中,PATH环境变量用于指定系统在命令行中搜索可执行文件的路径。正确设置PATH环境变量可以方便我们在任何位置执行系统命令和自定义命令。本文将介绍如何在Linux系统中设置PATH环境变量,并提供详细的代码示例。查看当前的PATH环境变量在终端中执行以下命令,可以查看当前的PATH环境变量:echo$P
function是什么意思Aug 04, 2023 am 10:33 AMfunction是函数的意思,是一段具有特定功能的可重复使用的代码块,是程序的基本组成单元之一,可以接受输入参数,执行特定的操作,并返回结果,其目的是封装一段可重复使用的代码,提高代码的可重用性和可维护性。
如何设置path环境变量Sep 04, 2023 am 11:53 AM设置path环境变量的方法:1、Windows系统,打开“系统属性”,点击“属性”选项,点击“高级系统设置”,在“系统属性”窗口中,选择“高级”标签,然后点击“环境变量”按钮,找到并点击“Path”编辑保存后即可;2、Linux系统,打开终端,打开你的bash配置文件,在文件末尾添加“export PATH=$PATH:文件路径”保存即可;3、MacOS系统,操作同上。
php提交表单通过后,弹出的对话框怎样在当前页弹出,该如何解决Jun 13, 2016 am 10:23 AMphp提交表单通过后,弹出的对话框怎样在当前页弹出php提交表单通过后,弹出的对话框怎样在当前页弹出而不是在空白页弹出?想实现这样的效果:而不是空白页弹出:------解决方案--------------------如果你的验证用PHP在后端,那么就用Ajax;仅供参考:HTML code<form name="myform"
如何解决 golang 中的 “undefined: filepath.Abs” 错误?Jun 24, 2023 pm 04:37 PM在golang中,filepath.Abs是一个非常常用的程序库,它的作用是获取一个相对路径的绝对路径。然而,在一些情况下,我们会发现在使用filepath.Abs时会遇到一个"undefined:filepath.Abs"的错误,这意味着我们没有正确地引入filepath库或者写出了错误的语法。本文将介绍如何解决这个错误。首先,我们需要理解
MySQL.proc表的作用和功能详解Mar 16, 2024 am 09:03 AMMySQL.proc表的作用和功能详解MySQL是一种流行的关系型数据库管理系统,开发者在使用MySQL时常常会涉及到存储过程(StoredProcedure)的创建和管理。而MySQL.proc表则是一个非常重要的系统表,它存储了数据库中所有的存储过程的相关信息,包括存储过程的名称、定义、参数等。在本文中,我们将详细解释MySQL.proc表的作用和功能
"enumerate()"函数在Python中的用途是什么?Sep 01, 2023 am 11:29 AM在本文中,我们将了解enumerate()函数以及Python中“enumerate()”函数的用途。什么是enumerate()函数?Python的enumerate()函数接受数据集合作为参数并返回一个枚举对象。枚举对象以键值对的形式返回。key是每个item对应的索引,value是items。语法enumerate(iterable,start)参数iterable-传入的数据集合可以作为枚举对象返回,称为iterablestart-顾名思义,枚举对象的起始索引由start定义。如果我们忽
如何正确设置Linux中的PATH环境变量Feb 22, 2024 pm 08:57 PM如何正确设置Linux中的PATH环境变量在Linux操作系统中,环境变量是用来存储系统级别的配置信息的重要机制之一。其中,PATH环境变量被用来指定系统在哪些目录中查找可执行文件。正确设置PATH环境变量是确保系统正常运行的关键一步。本文将介绍如何正确设置Linux中的PATH环境变量,并提供具体的代码示例。1.查看当前PATH环境变量在终端中输入以下命
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
Atom editor mac version download
The most popular open source editor
ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment
