网站地图
【www.gdgbn.com--php函数】
import os
import sys
import re
import time
def listdir(dirs,liston="0"):
flog = open(os.getcwd()+"/check_php教程_shell.log","a+")
if not os.path.isdir(dirs):
print "directory %s is not exist"% (dirs)
return
lists = os.listdir(dirs)
for list in lists:
filepath = os.path.join(dirs,list)
if os.path.isdir(filepath):
if liston == "1":
listdir(filepath,"1")
elif os.path.isfile(filepath):
filename = os.path.basename(filepath)
if re.search(r".(?:php|inc|html?)$", filename, re.ignorecase):
i = 0
iname = 0
f = open(filepath)
while f:
file_contents = f.readline()
if not file_contents:
break
i += 1
match = re.search(r"""(?pb(?:include|require)(?:_once)?b)s*(?s*[""](?p [^;]*(? if match:
function = match.group("function")
filename = match.group("filename")
if iname == 0:
info = "n[%s] :n"% (filepath)
else:
info = ""
info += "t|-- [%s] - [%s] line [%d] n"% (function,filename,i)
flog.write(info)
print info
iname += 1
match = re.search(r"b(?peval|proc_open|popen|shell_exec|exec|passthru|system|assert|fwrite|create_function)bs*(", file_contents, re.ignorecase| re.multiline)
if match:
function = match.group("function")
if iname == 0:
info = "n[%s] :n"% (filepath)
else:
info = ""
info += "t|-- [%s] line [%d] n"% (function,i)
flog.write(info)
print info
iname += 1
match = re.search(r"(^|(?<=;))s*`(?p[^`]+)`s*;", file_contents, re.ignorecase)
if match:
shell = match.group("shell")
if iname == 0:
info = "n[%s] :n"% (filepath)
else:
info = ""
info += "t|-- [``] command is [%s] in line [%d] n"% (shell,i)
flog.write(info)
print info
iname += 1
match = re.search(r"(?p$_(?:pos|ge|reques)t)s*[[^]]+]s*(", file_contents, re.ignorecase)
if match:
shell = match.group("shell")
if iname == 0:
info = "n[%s] :n"% (filepath)
else:
info = ""
info += "t|-- [``] command is [%s] in line [%d] n"% (shell,i)
flog.write(info)
print info
iname += 1
f.close()
flog.close()
if "__main__" == __name__:
argvnum = len(sys.argv)
liston = "0"
if argvnum == 1:
action = os.path.basename(sys.argv[0])
print "command is like:n %s d:wwwroot n %s d:wwwroot 1 -- recurse subfolders"% (action,action)
quit()
elif argvnum == 2:
path = os.path.realpath(sys.argv[1])
listdir(path,liston)
else:
liston = sys.argv[2]
path = os.path.realpath(sys.argv[1])
listdir(path,liston)
flog = open(os.getcwd()+"/check_php_shell.log","a+")
isotimeformat="%y-%m-%d %x"
now_time = time.strftime(isotimeformat,time.localtime())
flog.write("n----------------------%s checked ---------------------n"% (now_time))
flog.close()