|
| Scan File-file Backdoor di situs anda | |
| | Pengirim | Message |
---|
BumiayuKita Administrator
Jumlah posting : 2456 Points : 3020 Reputation : 85 Join date : 06.02.11 Age : 34 Lokasi : bumiayu
| Subyek: Scan File-file Backdoor di situs anda Fri Apr 01, 2011 12:07 am | |
| kembali lagi ketemu ama ane .... kali ini ane mau share tentang script php yang mungkin berguna buat pertahanan situs kita ... script ini akan menscan file2 yang ada di root yang di curigai atau berpotensi sebagai shell :p:p:p Content
<table width="100%" bgcolor="#d3d3d3" height="100%"> <tr> <td> PHP Code:
#!/usr/bin/php
<?php
/*
* this script find some shell like
* c99, c100, r57, erne, Safe_Over
* and try to find some of unknow shell searching specific words this can be
* not safe
*
* how to use:
* the script don't need no-one of these parameter thay are facoltative
* -e Y/N enable disable eusristic mode (default is enable)
* -p a number 1-100 , it's the percentual of word that must be find into the file to warm the euristic mode
* -f check a single file
* -d check a single dir (normaly the program is recursive chek ALL file )
* powered by Dr. nefasto
*/
$euristic__ = array("fopen", "file(", "file_get_contents", "sql", "opendir", "perms", "port", "eval", "system", "exec", "rename", "copy", "delete", "hack", "($_", "phpinfo", "uname", "glob", "is_writable", "is_readable", "get_magic_quotes_gpc()", "move_uploaded_file", "$dir", "& 00", "get");
$word__ = array(
"c99" => array("c999shexit();", "setcookie("c999sh_surl");", "c999_buff_prepare();"),
"c100" => array("$back_connect_c="f0VMRgEBAQA", "function myshellexec($command) {", "tEY87ExcilDfgAMhwqM74s6o"),
"r57" => array("if(strpos(ex("echo abcr57"),"r57")!=3)", "function ex($cfe)", "$port_bind_bd_c="I2luY2x1ZGUg"),
"erne"=> array("function unix2DosTime($unixtime = 0)", "eh($errno, $er", "$mtime=@date("Y-m-d H:i:s",@filemti"),
"Safe_Over" => array("function walkArray($array){", "function printpagelink($a, $b, $link = "")", "if ($cmd != "downl")"),
"cmd_asp" => array(" ' -- Read th", "ll oFileSys.D", "Author: Maceo")
);
//the script work
$euristic_active = true;
$euristic_sens = 40;
for ($i = 1; $i < $argc; $i++)
{
if ($argv[$i] == "-h")
help($argv[0]);
elseif($argv[$i] == "-e")
{
if ($argv[$i+1] == "Y") $euristic_active = true;
if ($argv[$i+1] == "N") $euristic_active = false;
}
elseif($argv[$i] == "-p")
$euristic_sens = $argv[$i+1];
elseif($argv[$i] == "-d")
{
dir_scan($argv[$i+1]);
exit;
}
elseif($argv[$i] == "-f")
{
a($argv[$i+1]);
exit;
}
}
dir_scan(".");
function dir_scan($name)
{
if (!is_dir($name))
echo "$name is not a dirn";
if ($o = @opendir($name))
{
while(false !== ($file = readdir($o)))
{
if ($file == '.' or $file == '..' or $file == basename(__file__)){ continue;}
else if (is_dir($name."/".$file)){dir_scan($name."/".$file);}
else
a($name."/".$file);
}
closedir($o);
}
else
echo "i can't open $name dirn";
}
function a($file)
{
global $euristic_active;
global $euristic_sens;
if ($l = file_get_contents($file))
{
if ( $shell = check($l))
{
echo "[DANGER] word_list > ".$file."tprobably ".$shell." shelln";
}
else if ($euristic_active)
if ($t = check_euristic($l) and $t > $euristic_sens)
{
echo "[_ALERT] euristic $t%> ".$file."tprobably is a shelln";
}
}
else
{
echo "i can't open $file filen";
}
}
function check($string)
{
$check = 0;
global $word__;
foreach($word__ as $shell => $code)
foreach($code as $microcode)
if (stripos($string, $microcode) !== false)
{
$check ++;
if ($check == 3) return $shell;
}
return false;
}
function check_euristic($string)
{
global $euristic__;
$check = 0;
foreach($euristic__ as $code)
if (stripos($string, $code) !== false)
$check++;
return intval(($check * 100) / count($euristic__));
}
function help($me)
{
echo "indonesianhacker shell scannern".
"$me {-e [euristic method default = Y] Y/N -p [[0-100] euristic sensibility fewer == most feeble ] [-d [directory] / -f [file] ]}n".
"exemple: $me -e N -d /tmpn"
;
exit;
}
?>
</td> </tr> </table>
| simpan dengan nama amankan.php ato serah ente dah panggil url nah ... [You must be registered and logged in to see this link.] ntar tinggal liat hasilnah.... NB : TESTI gan .. ane pasang di halaman pertama... semoga berguna gan .... ditunggu cendolnya dan rate nya gan .... :d:d:d | |
| | | zer03s Administrator
Jumlah posting : 2471 Points : 4119 Reputation : 113 Join date : 13.12.10 Age : 32 Lokasi : /home/root/blackc0de
| Subyek: Re: Scan File-file Backdoor di situs anda Thu Apr 28, 2011 11:56 pm | |
| | |
| | | BumiayuKita Administrator
Jumlah posting : 2456 Points : 3020 Reputation : 85 Join date : 06.02.11 Age : 34 Lokasi : bumiayu
| Subyek: Re: Scan File-file Backdoor di situs anda Wed Aug 03, 2011 2:28 am | |
| hanya share aja kak semoga berguna | |
| | | Banditcode Top Nubie
Jumlah posting : 42 Points : 71 Reputation : 2 Join date : 12.08.11
| Subyek: Re: Scan File-file Backdoor di situs anda Sat Aug 13, 2011 6:45 pm | |
| ane praktekin dulu di web ane thanks a lot | |
| | | BumiayuKita Administrator
Jumlah posting : 2456 Points : 3020 Reputation : 85 Join date : 06.02.11 Age : 34 Lokasi : bumiayu
| Subyek: Re: Scan File-file Backdoor di situs anda Sun Aug 14, 2011 12:37 am | |
| berbagi kk | |
| | | bumiayucyber Newbie - Hack
Jumlah posting : 379 Points : 422 Reputation : 9 Join date : 08.09.11
| Subyek: Re: Scan File-file Backdoor di situs anda Sat Sep 10, 2011 9:32 pm | |
| sikat dulu gan,mau coba di web ane | |
| | | jenal NuuBiiTooL
Jumlah posting : 2 Points : 2 Reputation : 0 Join date : 14.09.11
| Subyek: Re: Scan File-file Backdoor di situs anda Wed Sep 14, 2011 6:52 pm | |
| kalo ketemu file yang mencurigakan otomatis delete pa gmane actionnya?, sory ane newbie mas bero | |
| | | BumiayuKita Administrator
Jumlah posting : 2456 Points : 3020 Reputation : 85 Join date : 06.02.11 Age : 34 Lokasi : bumiayu
| Subyek: Re: Scan File-file Backdoor di situs anda Wed Sep 14, 2011 7:58 pm | |
| | |
| | | Tuan DC BC Security
Jumlah posting : 623 Points : 704 Reputation : 41 Join date : 11.08.11 Lokasi : in the Hell
| Subyek: Re: Scan File-file Backdoor di situs anda Thu Sep 15, 2011 9:30 am | |
| - bocah cupu wrote:
- mending di del aje gan
delete webnya ya oms... hehe | |
| | | Sponsored content
| Subyek: Re: Scan File-file Backdoor di situs anda | |
| |
| | | | Scan File-file Backdoor di situs anda | |
|
Similar topics | |
|
| Permissions in this forum: | Anda tidak dapat menjawab topik
| |
| |
| Latest topics | » Baktrack TutorialSun Jul 28, 2019 2:26 am by kenta » aplikasi gambas pada linuxTue Apr 30, 2019 10:28 am by kenta » beli linux ubuntu terbaru di surabayaSun Mar 31, 2019 10:08 am by kenta » desain robotFri Jan 19, 2018 1:25 pm by kenta » membuat robot tidak susahFri Jan 19, 2018 1:15 pm by kenta » Salam.. Salam.. Salam..Thu Nov 30, 2017 7:42 am by BumiayuKita» teknologi penyaring udara dan airWed Oct 04, 2017 8:41 am by kenta » [CloudMILD] VPS SSD IIX 2X RAM + Xtra SSD SpaceMon Jul 24, 2017 10:46 am by BumiayuKita» cara menutup akses dari situs negatifTue Apr 04, 2017 1:04 pm by kenta » Aplikasi Google TalkMon Mar 20, 2017 3:00 am by BumiayuKita» Driver buat Webcam PC ?? merknya M-Tech,, Fri Jan 30, 2015 8:51 pm by aelgrim » Portal Blog,,,,,Sun Dec 14, 2014 12:38 am by robofics» Appteknodroid - Seputar Dunia AndroidMon Nov 10, 2014 11:32 pm by Pr0phecy » Software animasi yang agan2 pakeTue Sep 30, 2014 1:11 pm by X_campus » INDO BILLING 6.70 + KEYSun Sep 21, 2014 2:17 pm by abdul halim |
Statistics | Total 12294 user terdaftar User terdaftar terakhir adalah Adlygans
Total 31710 kiriman artikel dari user in 5734 subjects
|
Banner Forum | Dukung forum Blackc0de dengan memasang bannernya.
|
Social Networking |
|
|