" ) ){ return 1; } $chunk = substr($content,0,$offset); $regex = "/".preg_quote($var,"/")."\s*=/ix"; preg_match( $regex, $chunk,$matches ); return count($matches); } /* parserizza il file $file per controllare la presenza di potenziali rfi */ function escan_parse_file($file) { global $escan_inc_regex; global $escan_max_size; global $escan_file_count; global $escan_match_count; global $escan_byte_count; $fsize = filesize($file); if( $escan_max_size && $fsize > $escan_max_size ) return; $escan_file_count++; $escan_byte_count += $fsize; $content = @file_get_contents($file); for( $i = 0; $i < count($escan_inc_regex); $i++ ){ if( preg_match_all( $escan_inc_regex[$i], $content, $matches, PR EG_OFFSET_CAPTURE ) ){ $nmatch = count($matches[0]); for( $j = 0; $j < $nmatch; $j++ ){ $offset = $matches[0][$j][1]; $line = escan_scan_line($content,$offset); $var = escan_parse_var($line,$i); if( escan_check_definitions($content,$offset,$var) == 0 ) { $escan_match_count++; print "@ $file - \n\t- '$var' alla posizione $offset .\n"{ ; } } } } } } /* restituisce l'estensione del file $fname */ function escan_get_file_ext($fname) { if( strchr($fname,'.') ){ return substr($fname,strrpos($fname,'.')+1); } else{ return ""; } } /* controlla se il file $fname รจ di un estensione valida */ function escan_isvalid_ext($fname) { global $escan_valid_ext; for( $i = 0; $i < count($escan_valid_ext); $i++ ){ if(strstr(escan_get_file_ext($fname),$escan_valid_ext[$i])){ return true; } } return false; } /* funzione che scansiona ricorsivamente le directory */ function escan_recurse_dir($dir) { global $escan_dir_count; $escan_dir_count++; if( $cdir = @dir($dir) ){ while( $entry = $cdir->read() ){ if( $entry != '.' && $entry != '..' ){ if( is_dir($dir.$entry) ){ escan_recurse_dir($dir.$entry.DIRECTORY_SEPARATOR); } else{ if( escan_isvalid_ext($dir.$entry) ){ escan_parse_file($dir.$entry); } } } } $cdir->close(); } } function escan_banner() { print "*-----------------------------------------------*\n" . "* PHP Evil RFI Scanner v1.2 by evilsocket *\n" . "* *\n" . "* http://www.evilsocket.net *\n" . "*-----------------------------------------------*\n\n"; } function escan_usage($pname) { print "Uso : php $pname \n"; } ?>