php扫马、内网查mysql数据库账,密码








一下代码保留为php，拜访，输入门路，就能够了。内网数据库确定都是192开头的ip。







html

head

meta equiv ContentType content text/html; charsetgb2312

title ∷ Scanwebshell /title

STYLE

body{ SCROLLBARFACECOLOR: #719BC5; FONTSIZE: 12px; SCROLLBARHIGHLIGHTCOLOR: #ffffff; SCROLLBARSHADOWCOLOR: #ffffff; SCROLLBAR3DLIGHTCOLOR: #ffffff; SCROLLBARARROWCOLOR: #ffffff; SCROLLBARTRACKCOLOR: #ffffff; FONTFAMILY: 宋体 ; SCROLLBARDARKSHADOWCOLOR: #ffffff

fontfamily: 宋体; fontsize: 9pt}



INPUT {BORDER: 1px none silver; }

/STYLE

/head

body





php

if(set_time_limit(0)) ini_set( max_execution_time ,0);

$timeexplode( ,microtime());

$starttime$time.0.+$time.1.;

echo 本文件路径: .str_replace('\\','/',dirname(__FILE__)). br ;

$scan_ex php ; //扫描文件后缀

$count_all0; //总共扫描文件个数



//die();

//扫描的函数

$check_system_fun array( 192.168 , 10.0.



);

//返回的可疑文件

$dan_file_arrayarray();

global $scan_ex,$count_all,$scan_path,$check_file_fun,$dan_file_array;



//断定文件后缀

function get_ex($file_name)

{

$retval ;

$ptstrrpos($file_name, . );

if ($pt) $retvalsubstr($file_name, $pt+1, strlen($file_name) $pt);

// echo $retval. br ;

return ($retval);

}





//检讨文件

function check($file_name)

{

global $dan_file_array;

global $check_system_fun;



$content_num0;

$funs_info'';

$include_info'';

$contents_info'';

$time_info'';

$result false;

$file_contents file ($file_name);

$time_info. 文件创立时间: .date( F d Y H:i:s. , filectime($file_name)). br ;

$time_info. 文件修正时光: .date( F d Y H:i:s. , filemtime($file_name)). br ;

foreach ($file_contents as $file_content)

{

$mask1;

$content_num$content_num+1;

foreach ($check_system_fun as $func_name)

{

if(eregi($func_name,$file_content))

{

$funs_info$funs_info. 在第 .$content_num. 行存在要害字 .$func_name. 可能文件在试图执行体系命令 br ;

if($mask1)

{

$contents_info.htmlspecialchars(substr($file_content,0,100)). br ;

$mask0;

}

}

}

}







if(stristr($include_info,'试图履行')false)

{

if($include_info!'')

{

echo tr ;

echo td width\ 20\ border10 valign\ top\ $file_name /td ;

echo td width\ 30\ border10 valign\ top\ $include_info /td ;

echo td width\ 20\ border10 valign\ top\ $contents_info /td ;

echo td width\ 20\ border10 valign\ top\ $time_info /td ;

echo /tr ;

}