123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256 |
- <?php
-
- $_W['page']['title'] = '工具 - 系统管理';
- $dos = array('bom', 'scan');
- $do = in_array($do, $dos) ? $do : 'bom';
-
- if($do == 'bom') {
- if(checksubmit('submit')) {
- set_time_limit(0);
- load()->func('file');
- $path = IA_ROOT;
- $trees = file_tree($path);
- $bomtree = array();
- foreach($trees as $tree) {
- $tree = str_replace($path, '', $tree);
- $tree = str_replace('\\', '/', $tree);
- if(strexists($tree, '.php')) {
- $fname = $path . $tree;
- $fp = fopen($fname, 'r');
- if(!empty($fp)) {
- $bom = fread($fp, 3);
- fclose($fp);
- if($bom == "\xEF\xBB\xBF") {
- $bomtree[] = $tree;
- }
- }
- }
- }
- cache_write('bomtree', $bomtree);
- }
- if (checksubmit('dispose')) {
- $trees = cache_load('bomtree');
- $path = IA_ROOT;
- foreach($trees as $tree) {
- $fname = $path . $tree;
- $string = file_get_contents($fname);
- $string = substr($string, 3);
- file_put_contents($fname, $string);
- fclose($fp);
- }
- cache_delete('bomtree');
- }
- template('system/bom');
- }
-
- if($do == 'scan') {
- $op = trim($_GPC['op']) ? trim($_GPC['op']) : 'post';
- if($op == 'post') {
- $config = iunserializer(cache_read('scan:config'));
- $list = glob(IA_ROOT.'/*', GLOB_NOSORT);
- $ignore = array();
- foreach($list as $key => $li) {
- if(in_array(basename($li), $ignore)) {
- unset($list[$key]);
- }
- }
-
- $safe = array (
- 'file_type' => 'php|js',
- 'code' => 'weidongli|sinaapp|safedog',
- 'func' => 'com|system|exec|eval|escapeshell|cmd|passthru|base64_decode|gzuncompress',
- 'dir' => '',
- );
-
- if(checksubmit('submit')) {
- if(empty($_GPC['dir'])) {
- message('请选择要扫描的目录', referer(), 'success');
- }
- foreach($_GPC['dir'] as $k => $v) {
- if(in_array(basename($v), $ignore)) {
- unset($_GPC['dir'][$k]);
- }
- }
- $info['file_type'] = 'php|js';
- $info['func'] = trim($_GPC['func']) ? trim($_GPC['func']) : 'com|system|exec|eval|escapeshell|cmd|passthru|base64_decode|gzuncompress';
- $info['code'] = trim($_GPC['code']) ? trim($_GPC['code']) : 'weidongli|sinaapp';
- $info['md5_file'] = trim($_GPC['md5_file']);
- $info['dir'] = $_GPC['dir'];
- cache_delete('scan:config');
- cache_delete('scan:file');
- cache_delete('scan:badfile');
- cache_write('scan:config', iserializer($info));
- message("配置保存完成,开始文件统计。。。", url('system/tools/scan', array('op' => 'count')), 'success');
- }
- }
-
- if($op == 'count') {
- load()->func('file');
- set_time_limit(0);
- $files = array();
- $config = iunserializer(cache_read('scan:config'));
- if(empty($config)) {
- message('获取扫描配置失败', url('system/tools/scan'), 'error');
- }
- $config['file_type'] = explode('|', $config['file_type']);
- $list_arr = array();
- foreach($config['dir'] as $v) {
- if(is_dir($v)) {
- if(!empty($config['file_type'])) {
- foreach ($config['file_type'] as $k) {
- $list_arr = array_merge($list_arr, file_lists($v . '/', 1, $k, 0, 1, 1));
- }
- }
- } else {
- $list_arr = array_merge($list_arr, array(str_replace(IA_ROOT . '/', '', $v) => md5_file($v)));
- }
- }
- unset($list_arr['data/config.php']);
- $list_arr = iserializer($list_arr);
- cache_write('scan:file', $list_arr);
- message("文件统计完成,进行特征函数过滤。。。", url('system/tools/scan', array('op' => 'filter_func')), 'success');
- }
-
- if($op == 'filter_func') {
- @set_time_limit(0);
- $config = iunserializer(cache_read('scan:config'));
- $file = iunserializer(cache_read('scan:file'));
- if (isset($config['func']) && !empty($config['func'])) {
- foreach ($file as $key => $val) {
- $html = file_get_contents(IA_ROOT . '/' . $key);
- if(stristr($key, '.php.') != false || preg_match_all('/[^a-z]?('.$config['func'].')\s*\(/i', $html, $state, PREG_SET_ORDER)) {
- $badfiles[$key]['func'] = $state;
- }
- }
- }
- if(!isset($badfiles)) $badfiles = array();
- cache_write('scan:badfile', iserializer($badfiles));
- message("特征函数过滤完成,进行特征代码过滤。。。", url('system/tools/scan', array('op' => 'filter_code')), 'success');
- }
- if($op == 'filter_code') {
- @set_time_limit(0);
- $config = iunserializer(cache_read('scan:config'));
- $file = iunserializer(cache_read('scan:file'));
- $badfiles = unserialize(cache_read('scan:badfile'));
- if (isset($config['code']) && !empty($config['code'])) {
- foreach ($file as $key => $val) {
- if(!empty($config['code'])) {
- $html = file_get_contents(IA_ROOT . '/' . $key);
- if(stristr($key, '.php.') != false || preg_match_all('/[^a-z]?('.$config['code'].')/i', $html, $state, PREG_SET_ORDER)) {
- $badfiles[$key]['code'] = $state;
- }
- }
- if(strtolower(substr($key, -4)) == '.php' && function_exists('zend_loader_file_encoded') && zend_loader_file_encoded(IA_ROOT . '/' . $key)) {
- $badfiles[$key]['zend'] = 'zend encoded';
- }
- $html = '';
- }
- }
- cache_write('scan:badfile', iserializer($badfiles));
- message("特征代码过滤完成,进行加密文件过滤。。。", url('system/tools/scan', array('op' => 'encode')), 'success');
- }
-
- if($op == 'encode') {
- @set_time_limit(0);
- $file = iunserializer(cache_read('scan:file'));
- $badfiles = iunserializer(cache_read('scan:badfile'));
-
- foreach ($file as $key => $val) {
- if(strtolower(substr($key, -4)) == '.php') {
- $html = file_get_contents(IA_ROOT . '/' . $key);
- $token = token_get_all($html);
- $html = '';
- foreach($token as $to) {
- if(is_array($to) && $to[0] == T_VARIABLE) {
- $pre = preg_match("/([".chr(0xb0)."-".chr(0xf7)."])+/", $to[1]);
- if(!empty($pre)) {
- $badfiles[$key]['danger'] = 'danger';
- break;
- }
- }
- }
- }
- }
- cache_write('scan:badfile', iserializer($badfiles));
- message("扫描完成。。。", url('system/tools/scan', array('op' => 'display')), 'success');
- }
-
- if($op == 'display') {
- $badfiles = iunserializer(cache_read('scan:badfile'));
- if(empty($badfiles)) {
- message('没有找到扫描结果,请重新扫描', url('system/tools/scan'), 'error');
- }
- unset($badfiles['data/config.php']);
- foreach($badfiles as $k => &$v) {
- $v['func_count'] = 0;
- if(isset($v['func'])) {
- $v['func_count'] = count($v['func']);
- foreach ($v['func'] as $k1 => $v1) {
- $d[$k1] = strtolower($v1[1]);
- }
- $d = array_unique($d);
- $v['func_str'] = implode(', ', $d);
- }
- $v['code_count'] = 0;
- if(isset($v['code'])) {
- $v['code_count'] = count($v['code']);
- foreach ($v['code'] as $k2 => $v2) {
- $d1[$k2] = strtolower($v2[1]);
- }
- $d1 = array_unique($d1);
- $v['code_str'] = implode(', ', $d1);
- }
- }
- }
-
- if($op == 'view') {
- $file = authcode(trim($_GPC['file'], 'DECODE'));
- $file_tmp = $file;
- if(empty($file) || strexists($file, './') || strexists($file, '../') || $file == 'data/config.php') {
- message('文件不存在', referer(), 'error');
- }
- $file_arr = explode('/', $file);
- $ignore = array('payment');
-
- if(is_array($file_arr) && in_array($file_arr[0], $ignore)) {
- message('系统不允许查看当前文件', referer(), 'error');
- }
- $file = IA_ROOT . '/' . $file;
- if(!is_file($file)) {
- message('文件不存在', referer(), 'error');
- }
- $badfiles = iunserializer(cache_read('scan:badfile'));
- $info = $badfiles[$file_tmp];
- unset($badfiles);
-
- if(!empty($info)) {
- $info['func_count'] = 0;
- if(isset($info['func'])) {
- $info['func_count'] = count($info['func']);
- foreach ($info['func'] as $k1 => $v1) {
- $d[$k1] = strtolower($v1[1]);
- }
- $d = array_unique($d);
- $info['func_str'] = implode(', ', $d);
- }
- $info['code_count'] = 0;
- if(isset($info['code'])) {
- $info['code_count'] = count($info['code']);
- foreach ($info['code'] as $k2 => $v2) {
- $d1[$k2] = strtolower($v2[1]);
- }
- $d1 = array_unique($d1);
- $info['code_str'] = implode(', ', $d1);
- }
- }
- $data = file_get_contents($file);
- }
- template('system/scan');
- }
-
-
-
|