12.02
Achmad Miftah Fahmi
Nah2 udh lama jga ane blum msukin info2 barunya :)
ok deh mumpung ada info bagus nih untuk memperkuat security site kita. salah satunya scannner dri file2 tanaman backdoor para peretas :p
langsung aja deh.. cekibr00t...
Copas Code ini :
#!/usr/bin/php
/*
* this script find some shell like
* c99, c100, r57, erne, Safe_Over
* and try to find some of unknow shell searching specific words this can be
* not safe
*
* how to use:
* the script don't need no-one of these parameter thay are facoltative
* -e Y/N enable disable eusristic mode (default is enable)
* -p a number 1-100 , it's the percentual of word that must be find into the file to warm the euristic mode
* -f check a single file
* -d check a single dir (normaly the program is recursive chek ALL file )
* powered by Dr. nefasto
*/
$euristic__ = array("fopen", "file(", "file_get_contents", "sql", "opendir", "perms", "port", "eval", "system", "exec", "rename", "copy", "delete", "hack", "(\$_", "phpinfo", "uname", "glob", "is_writable", "is_readable", "get_magic_quotes_gpc()", "move_uploaded_file", "\$dir", "& 00", "get");
$word__ = array(
"c99" => array("c999shexit();", "setcookie(\"c999sh_surl\");", "c999_buff_prepare();"),
"c100" => array("\$back_connect_c=\"f0VMRgEBAQA", "function myshellexec(\$command) {", "tEY87ExcilDfgAMhwqM74s6o"),
"r57" => array("if(strpos(ex(\"echo abcr57\"),\"r57\")!=3)", "function ex(\$cfe)", "\$port_bind_bd_c=\"I2luY2x1ZGUg"),
"erne"=> array("function unix2DosTime(\$unixtime = 0)", "eh(\$errno, \$er", "\$mtime=@date(\"Y-m-d H:i:s\",@filemti"),
"Safe_Over" => array("function walkArray(\$array){", "function printpagelink(\$a, \$b, \$link = \"\")", "if (\$cmd != \"downl\")"),
"cmd_asp" => array(" ' -- Read th", "ll oFileSys.D", "Author: Maceo")
);
//the script work
$euristic_active = true;
$euristic_sens = 40;
for ($i = 1; $i < $argc; $i++)
{
if ($argv[$i] == "-h")
help($argv[0]);
elseif($argv[$i] == "-e")
{
if ($argv[$i+1] == "Y") $euristic_active = true;
if ($argv[$i+1] == "N") $euristic_active = false;
}
elseif($argv[$i] == "-p")
$euristic_sens = $argv[$i+1];
elseif($argv[$i] == "-d")
{
dir_scan($argv[$i+1]);
exit;
}
elseif($argv[$i] == "-f")
{
a($argv[$i+1]);
exit;
}
}
dir_scan(".");
function dir_scan($name)
{
if (!is_dir($name))
echo "$name is not a dir\n";
if ($o = @opendir($name))
{
while(false !== ($file = readdir($o)))
{
if ($file == '.' or $file == '..' or $file == basename(__file__)){ continue;}
else if (is_dir($name."/".$file)){dir_scan($name."/".$file);}
else
a($name."/".$file);
}
closedir($o);
}
else
echo "i can't open $name dir\n";
}
function a($file)
{
global $euristic_active;
global $euristic_sens;
if ($l = file_get_contents($file))
{
if ( $shell = check($l))
{
echo "[DANGER] word_list > ".$file."\tprobably ".$shell." shell\n";
}
else if ($euristic_active)
if ($t = check_euristic($l) and $t > $euristic_sens)
{
echo "[_ALERT] euristic $t%> ".$file."\tprobably is a shell\n";
}
}
else
{
echo "i can't open $file file\n";
}
}
function check($string)
{
$check = 0;
global $word__;
foreach($word__ as $shell => $code)
foreach($code as $microcode)
if (stripos($string, $microcode) !== false)
{
$check ++;
if ($check == 3) return $shell;
}
return false;
}
function check_euristic($string)
{
global $euristic__;
$check = 0;
foreach($euristic__ as $code)
if (stripos($string, $code) !== false)
$check++;
return intval(($check * 100) / count($euristic__));
}
function help($me)
{
echo "indonesianhacker shell scanner\n".
"$me {-e [euristic method default = Y] Y/N -p [[0-100] euristic sensibility fewer == most feeble ] [-d [directory] / -f [file] ]}\n".
"exemple: $me -e N -d /tmp\n"
;
exit;
}
?>
Lalu, simpan dengan nama amankan.php ato serah ente dah
panggil url nah ... http://situslo/amankan.php
ntar tinggal liat hasilnah....
Saran Dari Omz zee eichel
TESTI gan .. ane pasang di halaman pertama...
semoga berguna gan ....
ditunggu cendolnya dan rate nya gan ....
Posted in: hacker
0 komentar:
Posting Komentar