forked from alekseykorzun/php-audit
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathphpAudit
executable file
·59 lines (55 loc) · 1.35 KB
/
phpAudit
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
#!/bin/bash
echo "=========================================================================="
echo " phpAudit <www.alekseykorzun.com> "
echo "=========================================================================="
path=`echo "$1"`
if [ "$path" == '' ]; then
echo "Syntax: ./phpAudit </path/to/directory/>";
exit;
fi
echo ""
echo "[:)] Scanning '$path'...";
files=`find $path -name '*.php' -print`;
if [ "$files" == '' ]; then
echo " [!] No valid PHP files were found, aborting!";
exit;
fi
echo ""
echo ""
echo "[+] Checking for PHP configuration modifications"
for file in $files
do
result=`cat "$file" | grep -E -i -f database/escalation.re`
if [ -n "$result" ]
then
echo " [!] Warning: $file";
echo " "$result;
echo ""
fi
done
echo ""
echo ""
echo "[+] Checking for network operations"
for file in $files
do
result=`cat "$file" | grep -E -i -f database/network.re`
if [ -n "$result" ]
then
echo " [!] Warning: $file";
echo " "$result;
echo ""
fi
done
echo ""
echo ""
echo "[+] Checking for system operations"
for file in $files
do
result=`cat "$file" | grep -E -i -f database/system.re`
if [ -n "$result" ]
then
echo " [!] Warning: $file";
echo " "$result;
echo ""
fi
done