Home Article PHP WebShell Check Shell for PHP

WebShell Check Shell for PHP

Posted under Article PHP on Tuesday, 6 October 2009 by

WebShell Check Shell for PHP


#!/bin/sh
#************************************************************
#WebShell Check Shell for PHP
#************************************************************
HOSTIP=`ifconfig eth0 |grep 'inet addr'|awk '{print $2;}'|cut -d: -f2`
#STR=`expr index $HOSTIP "192.168"`
#if [ ${STR} -eq 1 ] 
#         then
#                 HOSTIP=`ifconfig eth1 |grep 'inet addr'|awk '{print $2;}'|cut -d: -f2`
#fi
echo $HOSTIP LogFile=/tmp/$HOSTIP.log rm -rf $LogFile date +%Y-%m-%d/%H:%M >> $LogFile 
echo -e "n" >> $LogFile 
echo " ---------------------------------------------------------------------------------------------------" >> $LogFile 
echo "|Executive Order function:exec(|system(|passthru(|shell_exec(|popen(|proc_open(|pcntl_exec(   |" >> $LogFile 
echo " ---------------------------------------------------------------------------------------------------" >> $LogFile 
echo -e "n" >> $LogFile grep -in 'exec(|system(|passthru(|shell_exec(|popen(|proc_open(|pcntl_exec(' -R * | grep -iv '_exec' >> $LogFile
echo -e "n" >> $LogFile
echo " -------------------------------------------------------------------------------------------" >> $LogFile
echo "|Deformation of the back door coding:eval(|base64_decode(|gzinflate(|gzuncompress(|chr( |" >> $LogFile
echo " --------------------------------------------------------------------------------------------" >> $LogFile
echo -e "n" >> $LogFile grep -in "eval(|base64_decode(|gzinflate(|gzuncompress(|chr(" -R * >> $LogFile echo -e "n" >> $LogFile
echo " -----------------------------------------------------------------------------------------------------------------" >> $LogFile  
echo "|File operations function:dl(|fopen(|readfile(|file(|file_get_contents(|opendir(|chdir(|fwrite(|unlink(|glob(|" >> $LogFile  
echo " -----------------------------------------------------------------------------------------------------------------" >> $LogFile  
echo -e "n" >> $LogFile grep -in "dl(|fopen(|readfile(|file(|file_get_contents(|opendir(|chdir(|fwrite(|unlink(|glob(" -R * >> $LogFile
echo -e "n" >> $LogFile echo "----------------------------------" >> $LogFile echo "|Files inculde bug:include|require|" >> $LogFile
echo "----------------------------------" >> $LogFile echo -e "n" >> $LogFile grep -in "include.*$.|require.*$." -R * >> $LogFile
echo -e "n" >> $LogFile echo "---------------------------------------------------------" >> $LogFile
echo "|Risk code Keyword:SQLyog|phpAdsNew|huansuan|fckeditor|" >> $LogFile
echo "--------------------------------------------------------" >> $LogFile
echo -e "n" >> $LogFile grep -in "SQLyog|phpAdsNew|huansuan|fckeditor" -R * >> $LogFile
cd /tmp
tar -zcvf $HOSTIP.tar.gz $HOSTIP.log
Digg Google Bookmarks reddit Mixx StumbleUpon Technorati Yahoo! Buzz DesignFloat Delicious BlinkList Furl
Tagged with:

No Responses to “WebShell Check Shell for PHP”

Leave a Reply

Name:
Email:
Website:
Comment:
XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>