Malin/LP-MSH-Scanner
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

changed globals

Browse Source
This commit is contained in:
Palma Solutions LTD
2017-05-11 20:52:36 +02:00
parent 639a8937b9
commit 7f20afb14e
1 changed files with 28 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
sc.php
View File

@@ -130,10 +130,10 @@ $error = "Fatal error: Allowed memory size of 134217728 bytes exhausted (tried t
<?php
/* let's define the paths first */
$GLOBALS["userdir"] = system('whoami');
$GLOBALS["public_html"] = '/home/'.$GLOBALS["userdir"].'/public_html';
$GLOBALS["doc_root"] = '/home/'.$GLOBALS["userdir"].'/';
$GLOBALS["findcmd"] = 'find '.$GLOBALS["public_html"].'/';
$processUser = posix_getpwuid(posix_geteuid());
$this->user = $processUser['name'];
$this->top_dir = '/home/'.$this->user.'/';
$this->web_dir = '/home/'.$this->user.'/public_html/';
$GLOBALS["red"] = "<span style='color: #FF0000';>";
$GLOBALS["br"] = "<br />";
@@ -164,7 +164,7 @@ system ("w | grep load");
function cleanupl(){
system("find ../*/wp-content/uploads/ -type f -name '*.php' -print -exec rm -rf {} \;"); /* clear PHP files from wp-content/uploads */
system('find ../ -type f -name "*.php.suspected" -print -exec rm -rf {} \;'); /* clear files renamed as *.suspected by the server AV */
system($GLOBALS["findcmd"].' -type f -size 0 -print -exec rm -rf {} \;'); /* clear files with 0 bytes size */
system('find '.$this->web_dir.'./ -type f -size 0 -print -exec rm -rf {} \;'); /* clear files with 0 bytes size */
}
@@ -177,9 +177,9 @@ function vulntheme(){
/* cleaning the backdoor files of the Gravity Forms Exploit */
function cleangravity(){
system($GLOBALS["findcmd"].' -type f -name "*_input__test*" -print -exec rm -rf {} \;');
system($GLOBALS["findcmd"].' -type f -name "*_input_*.php*" -print -exec rm -rf {} \;');
system($GLOBALS["findcmd"].' -type f -name "*_input_*.txt*" -print -exec rm -rf {} \;');
system('find '.$this->web_dir.'./ -type f -name "*_input__test*" -print -exec rm -rf {} \;');
system('find '.$this->web_dir.'./ -type f -name "*_input_*.php*" -print -exec rm -rf {} \;');
system('find '.$this->web_dir.'./ -type f -name "*_input_*.txt*" -print -exec rm -rf {} \;');
}
/* use a modified version of Spamhaus's findbot.pl to identify left over backdoors */
@@ -233,7 +233,7 @@ system("./malware.pl");
/* EXIF scanner */
function checkexif(){
define('IMAGEPATH', $GLOBALS["public_html"]);
define('IMAGEPATH', $this->web_dir);
$directory = new RecursiveDirectoryIterator(IMAGEPATH);
$iterator = new RecursiveIteratorIterator($directory);
@@ -275,7 +275,7 @@ function insecplug(){
foreach ($plugins_list as $plugin){
system($GLOBALS["findcmd"].' -type d -name '.$plugin.' -print');
system('find '.$this->web_dir.'./ -type d -name '.$plugin.' -print');
}
@@ -336,7 +336,7 @@ function reshog(){
foreach ($plugin_list as $plugins){
system($GLOBALS["findcmd"].' -type d -name '.$plugins.' -print');
system('find '.$this->web_dir.'./ -type d -name '.$plugins.' -print');
}
@@ -344,7 +344,7 @@ function reshog(){
/* EXIF cleaner */
function cleanexif(){
define('IMAGEPATH', $GLOBALS["public_html"]);
define('IMAGEPATH', $this->web_dir);
$directory = new RecursiveDirectoryIterator(IMAGEPATH);
$iterator = new RecursiveIteratorIterator($directory);
@@ -470,9 +470,9 @@ echo "Removing Files With Zero Size";
function findchmod(){
echo "Finding All Files With Chmod Set To 0000<br /><br />";
system($GLOBALS["findcmd"].' -type f -perm 0000 -exec ls -al');
system('find '.$this->web_dir.'./ -type f -perm 0000 -exec ls -al');
echo "Finding All Directories With Chmod Set To 0000<br /><br />";
system($GLOBALS["findcmd"].' -type d -perm 0000 -exec ls -al');
system('find '.$this->web_dir.'./ -type d -perm 0000 -exec ls -al');
}
function trimblanklines($str) {
@@ -485,12 +485,12 @@ function trimblanklines($str) {
function fixperms(){
echo("To save time (and money) we're going to locate the files and directories with improper permissions and fix just those:\n");
system($GLOBALS["findcmd"].' -perm +og+w -follow -type d -print -exec chmod 755 {} \;');
system($GLOBALS["findcmd"].' -perm 0000 -follow -type d -print -exec chmod 755 {} \;');
system($GLOBALS["findcmd"].' -perm +og+w -follow -type f -print -exec chmod 644 {} \;');
system($GLOBALS["findcmd"].' -perm 0000 -follow -type f -print -exec chmod 644 {} \;');
system($GLOBALS["findcmd"].' -perm +og+w -follow -type f -name "*.cgi" -print -exec chmod 755 {} \;');
system($GLOBALS["findcmd"].' -perm +og+w -follow -type f -name "*.pl" -print -exec chmod 755 {} \;');
system('find '.$this->web_dir.'./ -perm +og+w -follow -type d -print -exec chmod 755 {} \;');
system('find '.$this->web_dir.'./ -perm 0000 -follow -type d -print -exec chmod 755 {} \;');
system('find '.$this->web_dir.'./ -perm +og+w -follow -type f -print -exec chmod 644 {} \;');
system('find '.$this->web_dir.'./ -perm 0000 -follow -type f -print -exec chmod 644 {} \;');
system('find '.$this->web_dir.'./ -perm +og+w -follow -type f -name "*.cgi" -print -exec chmod 755 {} \;');
system('find '.$this->web_dir.'./ -perm +og+w -follow -type f -name "*.pl" -print -exec chmod 755 {} \;');
}
function getcleaner(){
@@ -505,7 +505,7 @@ fclose($fp);
function addsec(){
echo "securing .htaccess<br />";
$htafile = $GLOBALS["public_html"].'/.htaccess';
$htafile = $this->web_dir.'/.htaccess';
$htaData = "
# Protection agains XSS exploits added by Lunarpages MSH team
Options +FollowSymLinks
@@ -526,7 +526,7 @@ file_put_contents($htafile, $htaData, FILE_APPEND | LOCK_EX);
show_source($htafile);
echo "moving on to php.ini";
$phpfile = $GLOBALS["public_html"].'/php.ini';
$phpfile = $this->web_dir.'/php.ini';
$phpData = '
; Protection agains RFI exploits added by Lunarpages MSH team
allow_url_fopen = Off
@@ -536,7 +536,7 @@ display_errors = Off
display_startup_errors = Off
error_reporting = E_ALL
mail.add_x_header = On
mail.log = '.$GLOBALS["doc_root"].'/phpmail.log
mail.log = '.$this->top_dir.'/phpmail.log
';
file_put_contents($phpfile, $phpData, FILE_APPEND | LOCK_EX);
@@ -551,7 +551,7 @@ file_put_contents($phpfile, $phpData, FILE_APPEND | LOCK_EX);
echo '<input name="send" type="send" value="Remove it">';
if(($_POST['send']) == "Remove it") {
$name= ($_POST["name"]);
system($GLOBALS["findcmd"].' -name "'.$name.'" -print -exec rm -fr {} \;');
system('find '.$this->web_dir.'./ -name "'.$name.'" -print -exec rm -fr {} \;');
}
}
@@ -820,12 +820,12 @@ echo '<input name="submit" type="submit" value="Go"><br /><br />';
$username = system('whoami');
echo "insert the location you wish to get the size for: <br />";
echo '<form method="post" enctype="multipart/form-data">';
echo $GLOBALS["doc_root"].'<input name="path" id="path" type="text" size="100">';
echo $this->top_dir.'<input name="path" id="path" type="text" size="100">';
echo '<input name="send" type="submit" value="Get it">';
if(($_POST['send']) == "Get it") {
$path = ($_POST["path"]);
echo "<br />Getting size of: ".$path."<br/>";
system('du -sh '.$GLOBALS["doc_root"].$path);
system('du -sh '.$this->top_dir.$path);
}
}
@@ -834,7 +834,7 @@ echo '<input name="submit" type="submit" value="Go"><br /><br />';
$ziparray = array("zip", "rar", "tgz", "tar.gz", "bz2", "tar");
foreach ($ziparray as $i => $valzip) {
echo 'checking for backup files with extension: '.$valzip.'<br />';
system($GLOBALS["findcmd"].'-name *.'.$valzip.' -exec du -sh {} \; | grep "backup"');
system('find '.$this->web_dir.'./-name *.'.$valzip.' -exec du -sh {} \; | grep "backup"');
}
}
@@ -1989,7 +1989,7 @@ default :
}
$settings = array (
'BASE_DIR' => $GLOBALS["public_html"],
'BASE_DIR' => $this->web_dir,
'USE_DEFINITIONS' => true,
'SIZE_LIMIT' => ( 1024 * 1024 ) //size limit set to 1mb
);