SpareNet Servers Advertising & Link Exchange

اطلاعیه

بستن
هیچ اطلاعیه ای هنوز ایجاد نشده است .

RFI Scanner Perl

بستن
X
بستن
 
  • صفحه از 1
  • فیلتر
  • زمان
  • نمایش
پاک کردن همه
نوشته‌های جدید
قبلی template بعدی
  • #1

    RFI Scanner Perl

    اینم یکی از دوستای رومانی داد :67:
    [php]#!/usr/bin/perl -w

    #
    # Remote File Inclusion scanner created by Ironfist
    # This will check a directory (& subdirectories) for php scripts, containing an inclusion.
    # New in version 2: Code improved, you can set the amount of subdirs to scan, results considered critical displayed in red,
    # comments containing inclusion code displayed in grey, all errors filtered out, result file looks way nicer ^_^
    #



    $subdirstoscan = 20;
    $resultfile = "results.html"; #Dont forget to add .htm or .html

    if(-e "$resultfile"){
    unlink("$resultfile");
    }
    open(DAT,">>$resultfile") || die("Cannot Open File");
    print DAT "<html><head><title>Iron's Remote File Inclusion Scanner -> Results</title></head><body><table border=1><td>WHERE</td><td>Code</td><tr>";
    close(DAT);




    print "Directory to read? ";
    $input = <stdin>;
    chop ($input);
    $dir = "/*";
    $deep = 0;
    while($deep != $subdirstoscan){
    @files = <$input$dir>;

    foreach $file (@files) {
    if(-f $file){
    print "Checking: " .$file . "n";
    open(MYINPUTFILE, "$file");
    while(<MYINPUTFILE>)
    {

    my($line) = $_;

    chomp($line);
    if(($line =~ m/include_once $/i) || ($line =~ m/require_once $/i) || ($line =~ m/include_once($/i) || ($line =~ m/require_once($/i) || ($line =~ m/require $/i) || ($line =~ m/require($/i) || ($line =~ m/require $/i) || ($line =~ m/include $/i) || ($line =~ m/include($/i))
    {
    if(($line =~ /$_GET/) || ($line =~ /$_POST/) || ($line =~ /$_REQUEST/)){ #This could be critical

    open(DAT,">>$resultfile") || die("Cannot Open File");
    print DAT "<td>$file</td><td><font color=red>$line</font></td><tr>";
    close(DAT);
    } elsif($line =~ /^///){ #This is just a comment, but display it anyway Smile
    open(DAT,">>$resultfile") || die("Cannot Open File");
    print DAT "<td>$file</td><td><font color=grey>$line</font></td><tr>";
    close(DAT);
    }
    else {
    open(DAT,">>$resultfile") || die("Cannot Open File");
    print DAT "<td>$file</td><td>$line</td><tr>";
    close(DAT);
    }
    }
    }
    }
    }
    $deep++;
    $dir .= "/*";
    }
    open(DAT,">>$resultfile") || die("Cannot Open File");
    print DAT "</table>
    <center> [/php]
    برچسب ها: هیچ یک
قبلی template بعدی
صبر کنید ..
X