<!--?php
header('content-type:text/html;charset=gbk');
set_time_limit(0);//防止超時(shí)
/**
*
* php目錄掃描監(jiān)控增強(qiáng)版
*
* @version 1.0
*
下面幾個(gè)變量使用前需要手動(dòng)設(shè)置
*
**/
/*===================== 程序配置 =====================*/
$pass="test";//設(shè)置密碼
$jkdir="."; //設(shè)置監(jiān)控掃描的目錄,當(dāng)前目錄為'.',上一級(jí)目錄為'..',也可以設(shè)置絕對(duì)路徑,后面不要加斜杠,默認(rèn)為當(dāng)前目錄
$logfilename="./m.log";//設(shè)置存儲(chǔ)log的路徑,可以放置在任意位置
$exclude=array('data','images');//排除目錄
$danger='eval|cmd|passthru|gzuncompress';//設(shè)置要查找的危險(xiǎn)的函數(shù) 以確定是否木馬文件
$suffix='php|inc';//設(shè)置要掃描文件的后綴
/*===================== 配置結(jié)束 =====================*/
$filename=$_GET['filename'];
$check=$_GET['check'];
$jumpoff=false;
$url = $_SERVER['PHP_SELF'];
$thisfile = end(explode('/',$url));
$jump="{$thisfile}|".implode('|',$exclude);
$jkdir_num=$file_num=$danger_num=0;
define('M_PATH',$jkdir);
define('M_LOG',$logfilename);
if ($check=='check')
{
$safearr = explode("|",$jump);
$start_time=microtime(true);
safe_check($jkdir);
$end_time=microtime(true);
$total=$end_time-$start_time;
$file_num=$file_num-$jkdir_num;
$message= " 文件數(shù):".$file_num;
$message.= " 文件夾數(shù):".$jkdir_num;
$message.= " 可疑文件數(shù):".$danger_num;
$message.= " 執(zhí)行時(shí)間:".$total;
echo $message;
}else{
if ($_GET['m']=="del") Delete();//處理文件刪除
//讀取文件內(nèi)容
if(isset($_GET['readfile'])){
//輸出查看密碼,密碼校驗(yàn)正確以后輸出文件內(nèi)容
if(empty($_POST['passchack'])){
echo"<form id=\"form1\" name=\"form1\" method=\"post\"-->"
. " <label>pass"
. " <input type="\"text\"" name="\"passchack\"">"
. " </label>"
. " <input type="\"submit\"" name="\"Submit\"" value="\"提交\"">"
. ""
."";
exit;
}elseif(isset($_POST['passchack'])&&$_POST['passchack']==$pass){
$code=file_get_contents($_GET['readfile']);
echo"<textarea name="\"code\"" cols="\"150\"" rows="\"30\"" id="\"code\"" style="'width:100%;height:450px;background:#cccccc;'">{$code}</textarea>";
exit;
}else{
exit;
}
}else{
record_md5(M_PATH);
if(file_exists(M_LOG)){
$log = unserialize(file_get_contents(M_LOG));
}else{
$log = array();
}
if($_GET['savethis']==1){
//保存當(dāng)前文件md5到日志文件
@unlink(M_LOG);
file_put_contents(M_LOG,serialize($file_list));
echo "<a href="'scandir.php'">保存成功!點(diǎn)擊返回</a>";
exit;
}
if(empty($log)){
echo "當(dāng)前還沒有創(chuàng)建日志文件!點(diǎn)擊[保存當(dāng)前]創(chuàng)建日志文件!";
}else{
if($file_list==$log){
echo "本文件夾沒有做過任何改動(dòng)!";
}else{
if(count($file_list) > 0 ){
foreach($file_list as $file => $md5){
if(!isset($log[$file])){
echo "新增文件:<a href="{$file}" target="'_blank'">".$file."</a>"." 創(chuàng)建時(shí)間:".date("Y-m-d H:i:s",filectime($file))." 修改時(shí)間:".date("Y-m-d H:i:s",filemtime($file))." <a href="?readfile={$file}" target="'_blank'">源碼</a><a href="'?m=del&filename={$file}'" target="'_blank'">刪除</a><br>";
}else{
if($log[$file] != $md5){
echo "修改文件:<a href="{$file}" target="'_blank'">".$file."</a>"." 創(chuàng)建時(shí)間:".date("Y-m-d H:i:s",filectime($file))." 修改時(shí)間:".date("Y-m-d H:i:s",filemtime($file))." <a href="?readfile={$file}" target="'_blank'">源碼</a><br>";
unset($log[$file]);
}else{
unset($log[$file]);
}
}
}
}
if(count($log)>0){
foreach($log as $file => $md5){
echo "刪除文件:<a href="{$file}" target="'_blank'">".$file."</a><br>";
}
}
}
}
}
}
//計(jì)算md5
function record_md5($jkdir){
global $file_list,$exclude;
if(is_dir($jkdir)){
$file=scandir($jkdir);
foreach($file as $f){
if($f!='.' && $f!='..' && !in_array($f, $exclude)){
$path = $jkdir.'/'.$f;
if(is_dir($path)){
record_md5($path);
}else{
$file_list[$path]=md5_file($path);
}
}
}
}
}
function Safe_Check($jkdir)//遍歷文件
{
global $danger ,$suffix ,$jkdir_num ,$file_num ,$danger_num;
) or die('文件夾不存在') ;
while ($file=$hand->read())
{
$filename=$jkdir.'/'.$file;
if (!$jumpoff) {
if(Jump($filename))continue;
}
if(@is_dir($filename) && $file != '.' && $file!= '..'&& $file!='./..')
{ $jkdir_num++;
Safe_Check($filename);
}
if (preg_match_all ("/\.($suffix)/i",$filename,$out))
{
$str=^^ `;
$fp = @fopen($filename,'r')or die('沒有權(quán)限');
while(!feof($fp))
{
$str .= fgets($fp,1024);
}
fclose($fp);
if( preg_match_all ("/($danger)[ \r\n\t]{0,}([\[\(])/i",$str,$out))
{
echo "<font color="'green'" style="'font-size:14px'">可疑文件:{$filename}</font>"." 創(chuàng)建時(shí)間:".date("Y-m-d H:i:s",filectime($filename))." 修改時(shí)間:".date("Y-m-d H:i:s",filemtime($filename))." <a href="'?readfile={$filename}'" target="'_blank'"><u>查看代碼</u></a> <a href="'?m=del&filename=$filename'" target="'_blank'">刪除</a><br>";
$danger_num++;
}
}
$file_num++;
}
}
function Edit()//查看可疑文件
{
global $filename;
$filename = str_replace("..","",$filename);
$file = $filename;
$content = "";
if(is_file($file))
{
$fp = fopen($file,"r")or die('沒有權(quán)限');
$content = fread($fp,filesize($file));
fclose($fp);
$content = htmlspecialchars($content);
}
echo "<textarea name="'str'" style="'width:100%;height:450px;background:#cccccc;'">$content</textarea>\r\n";
exit();
}
function Delete()//刪除文件
{ global $filename,$pass;
if(empty($_POST['passchack'])){
echo"<form id="\"form1\"" name="\"form1\"" method="\"post\"">"
. " <label>pass"
. " <input type="\"text\"" name="\"passchack\"">"
. " </label>"
. " <input type="\"submit\"" name="\"Submit\"" value="\"提交\"">"
. "</form>"
."";
exit;
}elseif(isset($_POST['passchack'])&&$_POST['passchack']==$pass){
(is_file($filename))?($mes=unlink($filename)?'刪除成功':'刪除失敗 查看權(quán)限'):^^ `;
echo $mes;
exit();
}else{
echo '密碼錯(cuò)誤!';
exit;
}
}
function Jump($file)//跳過文件
{
global $jump,$safearr;
if($jump != ^^ `)
{
foreach($safearr as $v)
{
if($v==^^ `) continue;
if( eregi($v,$file) ) return true ;
}
}
return false;
}
?>
<a href="scandir.php">[查看文件改動(dòng)]</a>|<a href="scandir.php?savethis=1">[保存當(dāng)前文件指紋]</a>|<a href="scandir.php?check=check">[掃描可疑文件]</a>
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Hot AI Tools
Undress AI Tool
Undress images for free
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
How to fix KB5060533 fails to install in Windows 10?
4 weeks ago
By DDD
Dune: Awakening - Where To Get Insulated Fabric
4 weeks ago
By Jack chen
Gmail Login: How to Sign Up, Sign In, or Sign Out of Gmail - MiniTool
1 months ago
By Jack chen
How to fix KB5060999 fails to install in Windows 11?
3 weeks ago
By DDD
Guild Guide In Tainted Grail: The Fall Of Avalon
4 weeks ago
By Jack chen
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
