.:: Blackc0de Forum ::.
Would you like to react to this message? Create an account in a few clicks or log in to continue.

-=Explore The World From Our Binary=-
 
HomeIndeksLatest imagesPendaftaranLogin

 

 Scan File-file Backdoor di situs anda

Go down 
+2
zer03s
BumiayuKita
6 posters
PengirimMessage
BumiayuKita
Administrator
Administrator
BumiayuKita


Jumlah posting : 2456
Points : 3020
Reputation : 85
Join date : 06.02.11
Age : 34
Lokasi : bumiayu

Scan File-file Backdoor di situs anda Empty
PostSubyek: Scan File-file Backdoor di situs anda   Scan File-file Backdoor di situs anda Icon_minitimeFri Apr 01, 2011 12:07 am

kembali lagi ketemu ama ane .... kali ini ane mau share tentang script php yang mungkin berguna buat pertahanan situs kita ...

script ini akan menscan file2 yang ada di root yang di curigai atau berpotensi sebagai shell

:p:p:p

Content





<table width="100%" bgcolor="#d3d3d3" height="100%">
<tr>
<td>
PHP Code:


#!/usr/bin/php

<?php

/*

* this script find some shell like

* c99, c100, r57, erne, Safe_Over

* and try to find some of unknow shell searching specific words this can be

* not safe

*

* how to use:

* the script don't need no-one of these parameter thay are facoltative

* -e Y/N enable disable eusristic mode (default is enable)

* -p a number 1-100 , it's the percentual of word that must be find into the file to warm the euristic mode

* -f check a single file

* -d check a single dir (normaly the program is recursive chek ALL file )

* powered by Dr. nefasto

*/

$euristic__ = array("fopen", "file(", "file_get_contents", "sql", "opendir", "perms", "port", "eval", "system", "exec", "rename", "copy", "delete", "hack", "($_", "phpinfo", "uname", "glob", "is_writable", "is_readable", "get_magic_quotes_gpc()", "move_uploaded_file", "$dir", "& 00", "get");

$word__ = array(

"c99" => array("c999shexit();", "setcookie("c999sh_surl");", "c999_buff_prepare();"),

"c100" => array("$back_connect_c="f0VMRgEBAQA", "function myshellexec($command) {", "tEY87ExcilDfgAMhwqM74s6o"),

"r57" => array("if(strpos(ex("echo abcr57"),"r57")!=3)", "function ex($cfe)", "$port_bind_bd_c="I2luY2x1ZGUg"),

"erne"=> array("function unix2DosTime($unixtime = 0)", "eh($errno, $er", "$mtime=@date("Y-m-d H:i:s",@filemti"),

"Safe_Over" => array("function walkArray($array){", "function printpagelink($a, $b, $link = "")", "if ($cmd != "downl")"),

"cmd_asp" => array(" ' -- Read th", "ll oFileSys.D", "Author: Maceo")

);

//the script work

$euristic_active = true;

$euristic_sens = 40;

for (
$i = 1; $i < $argc; $i++)

{

if (
$argv[$i] == "-h")

help($argv[0]);

elseif(
$argv[$i] == "-e")

{

if (
$argv[$i+1] == "Y") $euristic_active = true;

if (
$argv[$i+1] == "N") $euristic_active = false;

}

elseif(
$argv[$i] == "-p")

$euristic_sens = $argv[$i+1];

elseif(
$argv[$i] == "-d")

{

dir_scan($argv[$i+1]);

exit;

}

elseif(
$argv[$i] == "-f")

{

a($argv[$i+1]);

exit;

}

}

dir_scan(".");

function
dir_scan($name)

{

if (!
is_dir($name))

echo
"$name is not a dirn";

if (
$o = @opendir($name))

{

while(
false !== ($file = readdir($o)))

{

if (
$file == '.' or $file == '..' or $file == basename(__file__)){ continue;}

else if (
is_dir($name."/".$file)){dir_scan($name."/".$file);}

else

a($name."/".$file);

}

closedir($o);

}

else

echo
"i can't open $name dirn";

}

function
a($file)

{

global
$euristic_active;

global
$euristic_sens;

if (
$l = file_get_contents($file))

{

if (
$shell = check($l))

{

echo
"[DANGER] word_list > ".$file."tprobably ".$shell." shelln";

}

else if (
$euristic_active)

if (
$t = check_euristic($l) and $t > $euristic_sens)

{

echo
"[_ALERT] euristic $t%> ".$file."tprobably is a shelln";

}

}

else

{

echo
"i can't open $file filen";

}

}

function
check($string)

{

$check = 0;

global
$word__;

foreach(
$word__ as $shell => $code)

foreach(
$code as $microcode)

if (
stripos($string, $microcode) !== false)

{

$check ++;

if (
$check == 3) return $shell;

}

return
false;

}

function
check_euristic($string)

{

global
$euristic__;

$check = 0;

foreach(
$euristic__ as $code)

if (
stripos($string, $code) !== false)

$check++;

return
intval(($check * 100) / count($euristic__));

}

function
help($me)

{

echo
"indonesianhacker shell scannern".

"$me {-e [euristic method default = Y] Y/N -p [[0-100] euristic sensibility fewer == most feeble ] [-d [directory] / -f [file] ]}n".

"exemple: $me -e N -d /tmpn"

;

exit;

}

?>




</td>
</tr>
</table>






simpan dengan nama amankan.php ato serah ente dah
panggil url nah ... [You must be registered and logged in to see this link.]
ntar tinggal liat hasilnah....

NB :





TESTI gan .. ane pasang di halaman pertama...







semoga berguna gan ....

ditunggu cendolnya dan rate nya gan ....

:d:d:d
Kembali Ke Atas Go down
http://aljinet.blogspot.com
zer03s
Administrator
Administrator
zer03s


Jumlah posting : 2471
Points : 4119
Reputation : 113
Join date : 13.12.10
Age : 32
Lokasi : /home/root/blackc0de

Scan File-file Backdoor di situs anda Empty
PostSubyek: Re: Scan File-file Backdoor di situs anda   Scan File-file Backdoor di situs anda Icon_minitimeThu Apr 28, 2011 11:56 pm

Scan File-file Backdoor di situs anda 772168924
Kembali Ke Atas Go down
http://zer03s.blog.com/
BumiayuKita
Administrator
Administrator
BumiayuKita


Jumlah posting : 2456
Points : 3020
Reputation : 85
Join date : 06.02.11
Age : 34
Lokasi : bumiayu

Scan File-file Backdoor di situs anda Empty
PostSubyek: Re: Scan File-file Backdoor di situs anda   Scan File-file Backdoor di situs anda Icon_minitimeWed Aug 03, 2011 2:28 am

Scan File-file Backdoor di situs anda 3529815765 hanya share aja kak semoga berguna
Kembali Ke Atas Go down
http://aljinet.blogspot.com
Banditcode
Top Nubie
Top Nubie
Banditcode


Jumlah posting : 42
Points : 71
Reputation : 2
Join date : 12.08.11

Scan File-file Backdoor di situs anda Empty
PostSubyek: Re: Scan File-file Backdoor di situs anda   Scan File-file Backdoor di situs anda Icon_minitimeSat Aug 13, 2011 6:45 pm

ane praktekin dulu di web ane Scan File-file Backdoor di situs anda 772168924 thanks a lot Scan File-file Backdoor di situs anda 3402572103
Kembali Ke Atas Go down
BumiayuKita
Administrator
Administrator
BumiayuKita


Jumlah posting : 2456
Points : 3020
Reputation : 85
Join date : 06.02.11
Age : 34
Lokasi : bumiayu

Scan File-file Backdoor di situs anda Empty
PostSubyek: Re: Scan File-file Backdoor di situs anda   Scan File-file Backdoor di situs anda Icon_minitimeSun Aug 14, 2011 12:37 am

berbagi kk Scan File-file Backdoor di situs anda 3529815765
Kembali Ke Atas Go down
http://aljinet.blogspot.com
bumiayucyber
Newbie - Hack
Newbie - Hack
bumiayucyber


Jumlah posting : 379
Points : 422
Reputation : 9
Join date : 08.09.11

Scan File-file Backdoor di situs anda Empty
PostSubyek: Re: Scan File-file Backdoor di situs anda   Scan File-file Backdoor di situs anda Icon_minitimeSat Sep 10, 2011 9:32 pm

sikat dulu gan,mau coba di web ane
Kembali Ke Atas Go down
jenal
NuuBiiTooL
NuuBiiTooL



Jumlah posting : 2
Points : 2
Reputation : 0
Join date : 14.09.11

Scan File-file Backdoor di situs anda Empty
PostSubyek: Re: Scan File-file Backdoor di situs anda   Scan File-file Backdoor di situs anda Icon_minitimeWed Sep 14, 2011 6:52 pm

kalo ketemu file yang mencurigakan otomatis delete pa gmane actionnya?, sory ane newbie mas bero Scan File-file Backdoor di situs anda 3529815765
Kembali Ke Atas Go down
BumiayuKita
Administrator
Administrator
BumiayuKita


Jumlah posting : 2456
Points : 3020
Reputation : 85
Join date : 06.02.11
Age : 34
Lokasi : bumiayu

Scan File-file Backdoor di situs anda Empty
PostSubyek: Re: Scan File-file Backdoor di situs anda   Scan File-file Backdoor di situs anda Icon_minitimeWed Sep 14, 2011 7:58 pm

mending di del aje gan
Kembali Ke Atas Go down
http://aljinet.blogspot.com
Tuan DC
BC Security
BC Security
Tuan DC


Jumlah posting : 623
Points : 704
Reputation : 41
Join date : 11.08.11
Lokasi : in the Hell

Scan File-file Backdoor di situs anda Empty
PostSubyek: Re: Scan File-file Backdoor di situs anda   Scan File-file Backdoor di situs anda Icon_minitimeThu Sep 15, 2011 9:30 am

bocah cupu wrote:
mending di del aje gan

delete webnya ya oms... hehe :jempol
Kembali Ke Atas Go down
Sponsored content





Scan File-file Backdoor di situs anda Empty
PostSubyek: Re: Scan File-file Backdoor di situs anda   Scan File-file Backdoor di situs anda Icon_minitime

Kembali Ke Atas Go down
 
Scan File-file Backdoor di situs anda
Kembali Ke Atas 
Halaman 1 dari 1
 Similar topics
-
» Scan File-file Backdoor di situs anda
» Scan file-file Backdoor di situs sendiri
» Scan File Secara Online Dengan 19 Antivirus Sekaligus!
» sharing file
» File Temporary (.tmp)

Permissions in this forum:Anda tidak dapat menjawab topik
.:: Blackc0de Forum ::. :: Information Technology :: Security-
Navigasi: