if ($_POST ['Submit'] == '开始') {
$total = 0; //文件总数
$dangerous = array (); //危险文件
$dangerous_cOntent= $_POST ["sstr"];
$find_path = $_POST ["searchpath"];
$shortname = $_POST ["shortname"];
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
$begin_time=date("U");
// $dangerous_cOntent= "小亮,Root_GP,Root_CSS,c99sh_updateurl,c99sh_sourcesurl,640684770";
visitFile ( $find_path, $shortname );
$end_time=date("U");
foreach ($dangerous as $d){
echo $d." ";
}
echo "查找文件总数:" . $total." 危险文件:".count($dangerous)." 总用时".($end_time-$begin_time)."秒";
echo "";
echo "";
//if (! empty ( $dangerous )) {
//foreach ( $dangerous as $dan ) {
//echo "[error]" . $dan . " ";
//}
//}
exit();
}
function visitFile($path, $ext) {
global $total;
global $dangerous_content;
$fdir = dir ( $path );
//echo "Handle: " . $d->handle . " ";
// echo "Path: " . $fdir->path . " ";
set_time_limit ( 24 * 60 * 60 );
while ( ($entry = $fdir->read ()) !== false ) {
$pathSub = $path . "\" . $entry;
if ($entry != '.' && $entry != '..') {
if (is_dir ( $pathSub )) {
visitFile ( $pathSub, $ext );
} else {
$exten = explode ( '.', $entry );
$exten = array_reverse ( $exten ); //把上面数组倒序
// foreach ()
$shortnames = explode ( '|', $ext );
foreach ( $shortnames as $sn ) {
if (! empty ( $exten ) && $sn == $exten [0]) {
$total = $total + 1;
//echo "开始分析文件:".$path."/".$entry . " ";
$cOntent= file_get_contents ( $path . "/" . $entry ); //这个性能较好
$cOntent= strtolower ( $content ); //全部转为小写
$dangerous_cOntent= strtolower ( $dangerous_content ); //全部转为小写
isExists ( $dangerous_content, $path . "/" . $entry, $content );//这个方法太耗内存了,希望有高手能解决一下
}
}
//sleep(1);
}
}
}
$fdir->close ();
}
function isExists($str, $filename, $content) {
global $dangerous;
//sleep ( 1 );
set_time_limit ( 10 );
$arr = explode ( ',', $str );
$signature="特征码:";
if (! empty ( $arr )) {
// $cOntent= file_get_contents ( $filename ); //这个性能较好
$cOntent= strtolower ( $content ); //全部转为小写
$error_count = 0;
foreach ( $arr as $a ) {
if (trim ( $a ) != "") {
if (strpos ( $content, $a )) {
$error_count = $error_count + 1;
$signature.=$a." ";
}
}
}
if ($error_count > 0) {
// $dangerous [] = $filename;
$dangerous [] = "[error] " . $error_count . " " .$signature." " . $filename;
//echo "[error] " . $error_count . " " .$signature." " . $filename . " ";
}else{
//echo "[ok] " . $filename . " ";
}
}
}
?>
批量查找程序
本程序可以扫描指定目录的所有文件,进行内容查找。
在文件数量非常多的情况下,本操作比较占用服务器资源,请确脚本超时限制时间允许更改,否则可能无法完成操作。
" name="form1"
target="stafrm" method="post">
cellspacing="1" bgcolor="#666666">
起始根路径: |
id="searchpath" value="D:/" size="20" /> 点表示当前目录,末尾不要加/ |
文件扩展名: |
id="shortname" size="20" value="htm|html|shtml|php" /> 多个请用|隔开 |
内容查找选项:
name="isreg" value="1" />使用正则表达式 |
查找内容类默认使用字符串查找,也可以使用正则表达式(需勾选)。"查找为"不填写的话,就表示删除"查找内容"。
com,system,exec,eval,escapeshell,cmd,passthru,base64_decode,gzuncompress
|
查找内容: |
|
|
type="submit" name="Submit" value="开始" class="inputbut" /> |
cellspacing="1" bgcolor="#666666">
|
|