From acdffca2f0b9b64904f22dcc5261856b7e6d6cc9 Mon Sep 17 00:00:00 2001 From: Palma Solutions LTD Date: Sat, 13 May 2017 06:39:58 +0200 Subject: [PATCH] fixed bugs --- sc.php | 482 ++++++++++++++++++--------------------------------------- 1 file changed, 153 insertions(+), 329 deletions(-) diff --git a/sc.php b/sc.php index d0be174..9d81344 100644 --- a/sc.php +++ b/sc.php @@ -121,9 +121,9 @@ $error = "Fatal error: Allowed memory size of 134217728 bytes exhausted (tried t /* let's define the paths first */ $processUser = posix_getpwuid(posix_geteuid()); - $this->user = $processUser['name']; - $this->top_dir = '/home/'.$this->user.'/'; - $this->web_dir = '/home/'.$this->user.'/public_html/'; + $GLOBALS["user"] = $processUser['name']; + $GLOBALS["docroot"] = '/home/'.$GLOBALS["user"].'/'; + $GLOBALS["webroot"] = '/home/'.$GLOBALS["user"].'/public_html/'; $GLOBALS["red"] = ""; $GLOBALS["br"] = "
"; @@ -154,7 +154,7 @@ system ("w | grep load"); function cleanupl(){ system("find ../*/wp-content/uploads/ -type f -name '*.php' -print -exec rm -rf {} \;"); /* clear PHP files from wp-content/uploads */ system('find ../ -type f -name "*.php.suspected" -print -exec rm -rf {} \;'); /* clear files renamed as *.suspected by the server AV */ - system('find '.$this->web_dir.' -type f -size 0 -print -exec rm -rf {} \;'); /* clear files with 0 bytes size */ + system('find '.$GLOBALS["webroot"].' -type f -size 0 -print -exec rm -rf {} \;'); /* clear files with 0 bytes size */ } @@ -166,13 +166,13 @@ function vulntheme(){ } function clear_cache(){ -system("if [ $(find-name "cache" -maxdepth 0 -type d -empty 2>/dev/null) ]; then rm -rfv $i/*; echo "no cache dirs, or empty ones found"; fi"); +//system("if [ $(find-name "cache" -maxdepth 0 -type d -empty 2>/dev/null) ]; then rm -rfv $i/*; echo "no cache dirs, or empty ones found"; fi"); } /* cleaning the backdoor files of the Gravity Forms Exploit */ function cleangravity(){ -system('find '.$this->web_dir.' -type f -name "*_input__test*" -print -exec rm -rf {} \;'); -system('find '.$this->web_dir.' -type f -name "*_input_*.php*" -print -exec rm -rf {} \;'); -system('find '.$this->web_dir.' -type f -name "*_input_*.txt*" -print -exec rm -rf {} \;'); +system('find '.$GLOBALS["webroot"].' -type f -name "*_input__test*" -print -exec rm -rf {} \;'); +system('find '.$GLOBALS["webroot"].' -type f -name "*_input_*.php*" -print -exec rm -rf {} \;'); +system('find '.$GLOBALS["webroot"].' -type f -name "*_input_*.txt*" -print -exec rm -rf {} \;'); } /* use a modified version of Spamhaus's findbot.pl to identify left over backdoors */ @@ -235,7 +235,7 @@ system("./malware.pl"); /* EXIF scanner */ function checkexif(){ -define('IMAGEPATH', $this->web_dir); +define('IMAGEPATH', $GLOBALS["webroot"]); $directory = new RecursiveDirectoryIterator(IMAGEPATH); $iterator = new RecursiveIteratorIterator($directory); @@ -277,7 +277,7 @@ function insecplug(){ foreach ($plugins_list as $plugin){ - system('find '.$this->web_dir.' -type d -name '.$plugin.' -print'); + system('find '.$GLOBALS["webroot"].' -type d -name '.$plugin.' -print'); } @@ -338,7 +338,7 @@ function reshog(){ foreach ($plugin_list as $plugins){ - system('find '.$this->web_dir.' -type d -name '.$plugins.' -print'); + system('find '.$GLOBALS["webroot"].' -type d -name '.$plugins.' -print'); } @@ -346,7 +346,7 @@ function reshog(){ /* EXIF cleaner */ function cleanexif(){ -define('IMAGEPATH', $this->web_dir); +define('IMAGEPATH', $GLOBALS["webroot"]); $directory = new RecursiveDirectoryIterator(IMAGEPATH); $iterator = new RecursiveIteratorIterator($directory); @@ -472,9 +472,9 @@ echo "Removing Files With Zero Size"; function findchmod(){ echo "Finding All Files With Chmod Set To 0000

"; -system('find '.$this->web_dir.' -type f -perm 0000 -exec ls -al'); +system('find '.$GLOBALS["webroot"].' -type f -perm 0000 -exec ls -al'); echo "Finding All Directories With Chmod Set To 0000

"; -system('find '.$this->web_dir.' -type d -perm 0000 -exec ls -al'); +system('find '.$GLOBALS["webroot"].' -type d -perm 0000 -exec ls -al'); } function trimblanklines($str) { @@ -487,12 +487,12 @@ function trimblanklines($str) { function fixperms(){ echo("To save time (and money) we're going to locate the files and directories with improper permissions and fix just those:\n"); - system('find '.$this->web_dir.' -perm +og+w -follow -type d -print -exec chmod 755 {} \;'); - system('find '.$this->web_dir.' -perm 0000 -follow -type d -print -exec chmod 755 {} \;'); - system('find '.$this->web_dir.' -perm +og+w -follow -type f -print -exec chmod 644 {} \;'); - system('find '.$this->web_dir.' -perm 0000 -follow -type f -print -exec chmod 644 {} \;'); - system('find '.$this->web_dir.' -perm +og+w -follow -type f -name "*.cgi" -print -exec chmod 755 {} \;'); - system('find '.$this->web_dir.' -perm +og+w -follow -type f -name "*.pl" -print -exec chmod 755 {} \;'); + system('find '.$GLOBALS["webroot"].' -perm +og+w -follow -type d -print -exec chmod 755 {} \;'); + system('find '.$GLOBALS["webroot"].' -perm 0000 -follow -type d -print -exec chmod 755 {} \;'); + system('find '.$GLOBALS["webroot"].' -perm +og+w -follow -type f -print -exec chmod 644 {} \;'); + system('find '.$GLOBALS["webroot"].' -perm 0000 -follow -type f -print -exec chmod 644 {} \;'); + system('find '.$GLOBALS["webroot"].' -perm +og+w -follow -type f -name "*.cgi" -print -exec chmod 755 {} \;'); + system('find '.$GLOBALS["webroot"].' -perm +og+w -follow -type f -name "*.pl" -print -exec chmod 755 {} \;'); } function getcleaner(){ @@ -507,7 +507,7 @@ fclose($fp); function addsec(){ echo "securing .htaccess
"; - $htafile = $this->web_dir.'/.htaccess'; + $htafile = $GLOBALS["webroot"].'/.htaccess'; $htaData = " # Protection agains XSS exploits added by Lunarpages MSH team Options +FollowSymLinks @@ -528,7 +528,7 @@ file_put_contents($htafile, $htaData, FILE_APPEND | LOCK_EX); show_source($htafile); echo "moving on to php.ini"; - $phpfile = $this->web_dir.'/php.ini'; + $phpfile = $GLOBALS["webroot"].'/php.ini'; $phpData = ' ; Protection agains RFI exploits added by Lunarpages MSH team allow_url_fopen = Off @@ -553,7 +553,7 @@ file_put_contents($phpfile, $phpData, FILE_APPEND | LOCK_EX); echo ''; if(($_POST['send']) == "Remove it") { $name= ($_POST["name"]); - system('find '.$this->web_dir.' -name "'.$name.'" -print -exec rm -fr {} \;'); + system('find '.$GLOBALS["webroot"].' -name "'.$name.'" -print -exec rm -fr {} \;'); } } @@ -836,7 +836,7 @@ echo '

'; $ziparray = array("zip", "rar", "tgz", "tar.gz", "bz2", "tar"); foreach ($ziparray as $i => $valzip) { echo 'checking for backup files with extension: '.$valzip.'
'; - system('find '.$this->web_dir.'-name *.'.$valzip.' -exec du -sh {} \; | grep "backup"'); + system('find '.$GLOBALS["webroot"].'-name *.'.$valzip.' -exec du -sh {} \; | grep "backup"'); } } @@ -1091,329 +1091,153 @@ echo '
';
 
 function version() {
 
-
 $versions = array(
-    array("Wordpress", "*/wp-includes/version.php", "\$wp_version ="),
-    array("osCommerce", "*/includes/application_top.php", "define('PROJECT_VERSION', 'osCommerce Online Merchant"),
-    array("ZenCart", "*/includes/version.php", "define('PROJECT_VERSION_NAME', 'Zen Cart');"),
-    array("Drupal", "*/modules/system/system.info", "version = "),
-    array("Joomla 1.0", "*/includes/version.php", "\$RELEASE\|\$DEV_LEVEL"),
-    array("Joomla 1.5", "*/libraries/joomla/version.php", "\$RELEASE\ =\|\$DEV_LEVEL\ ="),
-
+    array("Wordpress", "/wp-includes/version.php", "\$wp_version ="),
+    array("osCommerce", "/includes/application_top.php", "define('PROJECT_VERSION', 'osCommerce Online Merchant"),
+    array("ZenCart", "/includes/version.php", "define('PROJECT_VERSION_NAME', 'Zen Cart');"),
+    array("Drupal", "/modules/system/system.info", "version = "),
+    array("Joomla 1.0", "/includes/version.php", "\$RELEASE\|\$DEV_LEVEL"),
+    array("Joomla 1.5", "/libraries/joomla/version.php", "\$RELEASE\ =\|\$DEV_LEVEL\ ="),
+    array("phpBB", "/includes/constants.php", "define('PHPBB_VERSION',"),
+    array("SMF", "/index.php", "\$forum_version = 'SMF"),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Coppermine", "/versioncheck.inc.php", "Coppermine version:"),
+    array("4images", "/includes/constants.php", "define('SCRIPT_VERSION',"),
+    array("MediaWiki", "/includes/DefaultSettings.php", "\$wgVersion ="),
+    array("PHPlist", "/admin/init.php", "define(\"VERSION\","),
+    array("RoundCube", "/program/include/iniset.php", "define('RCMAIL_VERSION',"),
+    array("Squirrel Mail", "/functions/strings.php", "\$version ="),
+    array("Dede CMS<", "/config_base.php", "\$cfg_soft_enname\|\$cfg_version"),
+    array("Sugar CRM", "/sugar_version.php", "\$sugar_version"),
+    array("XOOPS", "/version.php", "XOOPS_VERSION"),
+    array("Concrete5", "/config/concrete.php", "version_installed"),
+    array("Serendipity", "/serendipity_config.inc.php", "\$serendipity\['version'\] ="),
+    array("OpenBlog", "/application/config/open_blog.php", "\$config\['version'\] ="),
+    array("b2evolution", "/conf/_application.php", "\$app_version ="),
+    array("Nucleus", "/nucleus/libs/globalfunctions.php", "\$nucleus\['version'\] ="),
+    array("Dotclear", "/inc/prepend.php", "define('DC_VERSION',"),
+    array("TextPattern", "/textpattern/index.php", "\$thisversion ="),
+    array("NibbleBlog", "/admin/boot/rules/98-constants.bit", "define('NIBBLEBLOG_VERSION',"),
+    array("Lifetype", "/version.php", "\$version = \"lifetype"),
+    array("Chyrp", "/includes/common.php", "define('CHYRP_VERSION',"),
+    array("PivotX", "/pivotx/lib.php", "\$version ="),
+    array("FlatPress", "/fp-includes/core/core.system.php", "define('SYSTEM_VER',"),
+    array("Status.Net", "/lib/framework.php", "define('STATUSNET_BASE_VERSION',"),
+    array("Sharetronix", "/system/conf_main.php", "\$C->VERSION"),
+    array("PageCookery", "/global.php", "\$pcm_version ="),
+    array("StoryTLR", "/index.php", "define(\"STORYTLR_VERSION\","),
+    array("PHP-Fusion", "/administration/upgrade.php", "WHERE settings_name='version'"),
+    array("e107", "/e107_admin/ver.php", "\$e107info\['e107_version'\] ="),
+    array("Open Real Estate", "/index.php", "define('ORE_VERSION',"),
+    array("Zikula", "/lib/Zikula/Core.php", "const VERSION_NUM ="),
+    array("Website Baker", "/pages/posts/index.php", "by WebsiteBaker Ver."),
+    array("Subrion", "/index.php", "define('IA_VERSION', '"),
+    array("Pligg", "/languages/lang_english.conf", "//"),
+    array("PyroCMS", "/system/cms/config/constants.php", "define('CMS_VERSION',="),
+    array("Contao", "/system/config/localconfig.php", "\$GLOBALS\['TL_CONFIG'\]\['latestVersion'\] ="),
+    array("Geeklog", "/siteconfig.php", "define('VERSION',"),
+    array("Silverstripe", "/cms/silverstripe_version", "*"), //needs review
+    array("sNews", "/snews.php", "sNews Version:"),
+    array("jCore", "/config.inc.php", "@define('JCORE_VERSION',"),
+    array("ImpressPages", "/Ip/Application.php", "; //CHANGE_ON_VERSION_UPDATE"),
+    array("Quick.CMS", "/database/config.php", "\$config\['version'\] ="),
+    array("ImpressCMS", "/include/version.php", "define('ICMS_VERSION_NAME',"), /* triggers false positive for XOOPS as it's a fork of it */
+    array("Monstra", "/engine/Monstra.php", "const VERSION ="),
+    array("phpwcms", "/include/inc_lib/revision/revision.php", "define('PHPWCMS_VERSION'"),
+    array("Redaxscript", "/languages/en.json", "version"),
+    array("Silex", "/version.txt", "version=v"),
+    array("Mahara", "/lib/version.php", "\$config->release ="),
+    array("Saurus", "/classes/site.class.php", "\$this->script_version ="),
+    array("Jamroom", "/modules/jrCore/include.php", "'version'     =>"),
+    array("Bolt", "/src/Application.php", "\$values\['bolt_version'\] ="),
+    array("Pluck", "/data/inc/security.php", "define('PLUCK_VERSION',"),
+    array("Croogo", "/Vendor/croogo/croogo/VERSION.txt", "*"), // needs further review
+    array("Kirby", "/kirby/kirby.php", "static public \$version ="),
+    array("Zenario", "/zenario/admin/db_updates/latest_revision_no.inc.php", "define('ZENARIO_CMS_VERSION',"),
+    array("Cotonti", "/system/functions.php", "\$cfg\['version'\] ="),
+    array("appRain", "/development/definition/system_configuration/config.xml", ""),
+    array("ClipperCMS", "/manager/includes/version.inc.php", "define('CMS_RELEASE_VERSION',"), // forked from ModX
+    array("MyBB", "/inc/class_core.php", "public \$version ="),
+    array("AEF", "/globals.php", "// AEF : Advanced Electron Forum"),
+    array("Vanilla", "/conf/config.php", "\$Configuration\['Vanilla'\]\['Version'\] ="),
+    array("PunBB", "/include/constants.php", "define('FORUM_VERSION',"),
+    array("XMB", "/db/mysql.php", "* eXtreme Message Board"), // needs 2nd line too
+    array("FluxBB", "/include/common.php", "define('FORUM_VERSION',"),
+    array("Phorum", "/common.php", "define( \"PHORUM\","),
+    array("MiniBB", "/bb_functions.php", "\$version="),
+    array("Piwigo", "/include/constants.php", "define('PHPWG_VERSION"),
+    array("TinyWebGallery", "/config.php", "TWG version:"),
+    array("phpAlbum", "/main.php", "\$phpalbum_version="),
+    array("iGalerie", "/includes/classes/system.class.php", "public static \$galleryVersion ="),
+    array("Dolphin", "/modules/boonex/news/install/config.php", "'compatible_with' => array("), // needs 2nd line too
+    array("Oxwall", "/ow_version.xml", ""),
+    array("Etano", "/includes/defines.inc.php", "define('_INTERNAL_VERSION_',"),
+    array("PeoplePods", "/peoplepods/lib/etc/options.php", "\$this->setLibOptions('last_database_update','"),
+    array("Family Connections", "/install.php", "\$_POST\['contact'\], 'Family Connections"),
+    array("OSClass", "/oc-load.php", "define('OSCLASS_VERSION',"),
+    array("Revive AdServer", "/constants.php", "define('VERSION',"),
+    array("WebCalendar", "/includes/config.php", "\$PROGRAM_VERSION ="),
+    array("Booked", "/lib/Config/Configuration.php", "const VERSION ="),
+    array("PHP iCalendar", "/default_config.php", "\$this->phpicalendar_version ="),
+    array("WebMail Lite", "/adminpanel/VERSION", "*"), // needs further review
+    array("Piwik", "/core/Version.php", "const VERSION ="),
+    array("Little Poll", "/lp_admin.php", "Little Poll Admin Center v"),
+    array("Sphider", "/settings/conf.php", "\$version_nr"),
+    array("BigTree CMS", "/core/version.php", "define(\"BIGTREE_VERSION\",\""),
+    array("Quick Cart", "/database/config/general.php", "\$config\['version'\] ="),
+    array("gpEasy", "/include/common.php", "define('gpversion','"),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
+    array("Gallery", "/modules/gallery/helpers/gallery.php", "const VERSION ="),
 
 );
 
-foreach(glob("./{**/*,*}".$versions[0][1], GLOB_BRACE) as $versionfile){
+foreach($versions as $row){
+foreach(glob("./{**/*,*}".$row[1], GLOB_BRACE) as $versionfile){
 
 	$file = file_get_contents($versionfile);
-	$pattern = preg_quote($versions[0][2], '/');
+	$pattern = preg_quote($row[2], '/');
 	$pattern = "/^.*$pattern.*\$/m";
 	if(preg_match_all($pattern, $file, $matches)){
 	echo "
";
-   	echo "Wordpress found:";
+   	echo "".$row[0]." found:
";
    	echo implode("
", $matches[0]);
-   	print_r ("location: ".$versionfile);
+   	echo "
";
+   	print_r ("location:".$versionfile);
 	}
+  }
 }
 
-foreach(glob("./{**/*,*}".$versions[1][1], GLOB_BRACE) as $versionfile){
-
-	$file = file_get_contents($versionfile);
-	$pattern = preg_quote($versions[1][2], '/');
-	$pattern = "/^.*$pattern.*\$/m";
-	if(preg_match_all($pattern, $file, $matches)){
-	echo "
";
-   	echo "osCommerce found:";
-   	echo implode("
", $matches[0]);
-   	print_r ("location: ".$versionfile);
-	}
-}
-
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "
Scanning account for the installed scripts & their versions...

";
-
-
 echo $GLOBALS["red"] . $GLOBALS["br"] . "Joomla

";
 system ("find ../ -type f -path '*/includes/version.php' -exec grep -H '\$RELEASE\|\$DEV_LEVEL' {} \; ");
 system ("find ../ -type f -path '*/libraries/joomla/version.php' -exec grep -H '\$RELEASE\ =\|\$DEV_LEVEL\ =' {} \; ");
 system ("find ../ -type f -path '*/libraries/cms/version.php' -exec grep -H '\$RELEASE\ =\|\$DEV_LEVEL\ =' {} \; ");
 system ("find ../ -type f -path '*/libraries/cms/version/version.php' -exec grep -H '\$RELEASE\ =\|\$DEV_LEVEL\ =' {} \; ");
 system ("find ../ -type f -path '*/libraries/cms/version/version.php' -exec grep -H 'const\ RELEASE\ =\|const\ DEV_LEVEL\ =' {} \; ");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "ZenCart

";
-system ("find ../ -type f -path '*/includes/version.php' -exec grep -HA2 \"define('PROJECT_VERSION_NAME', 'Zen Cart');\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Drupal

";
-system("find ../ type f -path '*/modules/system/system.info' -exec grep -H 'version = \"' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Timthumb

";
-system("find ../ type f -name '*.php' ! -name 'sc.php' -exec grep -H \"TimThumb CONFIGURATION\|define ('VERSION',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "phpBB

";
-system("find ../ type f -path '*/includes/constants.php' -exec grep -H \"define('PHPBB_VERSION',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "SMF

";
-system("find ../ type f -path '*/index.php' -exec grep -H \"\$forum_version = 'SMF\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Gallery

";
-system("find ../ type f -path '*/modules/gallery/helpers/gallery.php' -exec grep -H 'const VERSION =' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Coppermine

";
-system("find ../ type f -path '*/versioncheck.inc.php' -exec grep -H 'Coppermine version:' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "4images

";
-system("find ../ type f -path '*/includes/constants.php' -exec grep -H \"define('SCRIPT_VERSION',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "MediaWiki

";
-system("find ../ type f -path '*/includes/DefaultSettings.php' -exec grep -H '\$wgVersion =' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "PHPlist

";
-system("find ../ type f -path '*/admin/init.php' -exec grep -H 'define(\"VERSION\",' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "RoundCube

";
-system("find ../ type f -path '*/program/include/iniset.php' -exec grep -H \"define('RCMAIL_VERSION',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Squirrel Mail

";
-system("find ../ type f -path '*/functions/strings.php' -exec grep -H '\$version =' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "
Scanning account for the installed scripts & their versions...

";
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Dede CMS

";
-system("find ../ type f -path '*/config_base.php' -exec grep -H '\$cfg_soft_enname\|\$cfg_version' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Sugar CRM

";
-system("find ../ type f -path '*/sugar_version.php' -exec grep -H '\$sugar_version' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "XOOPS

";
-system ("find ../ type f -path '*/version.php' -exec grep -H 'XOOPS_VERSION' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Concrete5

";
-system ("find ../ type f -path '*/config/concrete.php' -exec grep -H 'version_installed' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Serendipity

";
-system("find ../ type f -path '*/serendipity_config.inc.php' -exec grep -H \"\$serendipity\['version'\] =\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "OpenBlog

";
-system("find ../ type f -path '*/application/config/open_blog.php' -exec grep -H \"\$config\['version'\] =\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "b2evolution

";
-system("find ../ type f -path '*/conf/_application.php' -exec grep -H '\$app_version =' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Nucleus

";
-system("find ../ type f -path '*/nucleus/libs/globalfunctions.php' -exec grep -H \"\$nucleus\['version'\] =\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Dotclear

";
-system("find ../ type f -path '*/inc/prepend.php' -exec grep -H \"define('DC_VERSION',\"  {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "TextPattern

";
-system("find ../ type f -path '*/textpattern/index.php' -exec grep -H '\$thisversion =' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "NibbleBlog

";
-system("find ../ type f -path '*/admin/boot/rules/98-constants.bit' -exec grep -H \"define('NIBBLEBLOG_VERSION',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Lifetype

";
-system("find ../ type f -path '*/version.php' -exec grep -H '\$version = \"lifetype' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Chyrp

";
-system("find ../ type f -path '*/includes/common.php' -exec grep -H \"define('CHYRP_VERSION',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "PivotX

";
-system("find ../ type f -path '*/pivotx/lib.php' -exec grep -H '\$version =' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "FlatPress

";
-system("find ../ type f -path '*/fp-includes/core/core.system.php' -exec grep -H \"define('SYSTEM_VER',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Status.Net

";
-system("find ../ type f -path '*/lib/framework.php' -exec grep -H \"define('STATUSNET_BASE_VERSION',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Sharetronix

";
-system("find ../ type f -path '*/system/conf_main.php' -exec grep -H '\$C->VERSION' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "PageCookery

";
-system("find ../ type f -path '*/global.php' -exec grep -H '\$pcm_version =' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "StoryTLR

";
-system("find ../ type f -path '*/index.php' -exec grep -H 'define(\"STORYTLR_VERSION\",' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "PHP-Fusion

";
-system("find ../ type f -path '*/administration/upgrade.php' -exec grep -H \"WHERE settings_name='version'\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "e107

";
-system("find ../ type f -path '*/e107_admin/ver.php' -exec grep -H \"\$e107info\['e107_version'\] =\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Open Real Estate

";
-system("find ../ type f -path '*/index.php' -exec grep -H \"define('ORE_VERSION',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Zikula

";
-system("find ../ type f -path '*/lib/Zikula/Core.php' -exec grep -H 'const VERSION_NUM =' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Website Baker

";
-system("find ../ type f -path '*/pages/posts/index.php' -exec grep -H 'by WebsiteBaker Ver.' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Subrion

";
-system("find ../ type f -path '*/index.php' -exec grep -H \"define('IA_VERSION', '\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Pligg

";
-system("find ../ type f -path '*/languages/lang_english.conf' -exec grep -H '//' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "PyroCMS

";
-system("find ../ type f -path '*/system/cms/config/constants.php' -exec grep -H \"define('CMS_VERSION',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Contao

";
-system("find ../ type f -path '*/system/config/localconfig.php' -exec grep -H \"\$GLOBALS\['TL_CONFIG'\]\['latestVersion'\] =\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Geeklog

";
-system("find ../ type f -path '*/siteconfig.php' -exec grep -H \"define('VERSION',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Silverstripe

";
-system("find ../ type f -path '*/cms/silverstripe_version' -print -exec cat {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "sNews

";
-system("find ../ type f -path '*/snews.php' -exec grep -H 'sNews Version:' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "jCore

";
-system("find ../ type f -path '*/config.inc.php' -exec grep -H \"@define('JCORE_VERSION',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "ImpressPages

";
-system("find ../ type f -path '*/Ip/Application.php' -exec grep -H '; //CHANGE_ON_VERSION_UPDATE' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Quick.CMS

";
-system("find ../ type f -path '*/database/config.php' -exec grep -H \"\$config\['version'\] =\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "ImpressCMS

"; /* triggers false positive for XOOPS as it's a fork of it */
-system("find ../ type f -path '*/include/version.php' -exec grep -H \"define('ICMS_VERSION_NAME',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Monstra

";
-system("find ../ type f -path '*/engine/Monstra.php' -exec grep -H 'const VERSION =' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "phpwcms

";
-system("find ../ type f -path '*/include/inc_lib/revision/revision.php' -exec grep -H \"define('PHPWCMS_VERSION'\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Redaxscript

";
-system("find ../ type f -path '*/languages/en.json' -exec grep -H '\"version\":' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Silex

";
-system("find ../ type f -path '*/version.txt' -exec grep -H 'version=v' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Mahara

";
-system("find ../ type f -path '*/lib/version.php' -exec grep -H '\$config->release =' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Saurus

";
-system("find ../ type f -path '*/classes/site.class.php' -exec grep -H '\$this->script_version =' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Jamroom

";
-system("find ../ type f -path '*/modules/jrCore/include.php' -exec grep -H \"'version'     =>\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Bolt

";
-system("find ../ type f -path '*/src/Application.php' -exec grep -H \"\$values\['bolt_version'\] =\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Pluck

";
-system("find ../ type f -path '*/data/inc/security.php' -exec grep -H \"define('PLUCK_VERSION',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Croogo

";
-system("find ../ type f -path '*/Vendor/croogo/croogo/VERSION.txt' -print -exec cat {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Kirby

";
-system("find ../ type f -path '*/kirby/kirby.php' -exec grep -H 'static public \$version =' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Zenario

";
-system("find ../ type f -path '*/zenario/admin/db_updates/latest_revision_no.inc.php' -exec grep -H \"define('ZENARIO_CMS_VERSION',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Cotonti

";
-system("find ../ type f -path '*/system/functions.php' -exec grep -H \"\$cfg\['version'\] =\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "appRain

";
-system("find ../ type f -path '*/development/definition/system_configuration/config.xml' -exec grep -H '' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "ClipperCMS

"; /* forked from ModX */
-system("find ../ type f -path '*/manager/includes/version.inc.php' -exec grep -H \"define('CMS_RELEASE_VERSION',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "MyBB

";
-system("find ../ type f -path '*/inc/class_core.php' -exec grep -H 'public \$version =' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "AEF

";
-system("find ../ type f -path '*/globals.php' -exec grep -HA1 '// AEF : Advanced Electron Forum' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Vanilla

";
-system("find ../ type f -path '*/conf/config.php' -exec grep -H \"\$Configuration\['Vanilla'\]\['Version'\] =\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "PunBB

";
-system("find ../ type f -path '*/include/constants.php' -exec grep -H \"define('FORUM_VERSION',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "XMB

";
-system("find ../ type f -path '*/db/mysql.php' -exec grep -HA1 '* eXtreme Message Board' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "FluxBB

";
-system("find ../ type f -path '*/include/common.php' -exec grep -H \"define('FORUM_VERSION',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Phorum

";
-system("find ../ type f -path '*/common.php' -exec grep -H 'define( \"PHORUM\",' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "MiniBB

";
-system("find ../ type f -path '*/bb_functions.php' -exec grep -H '\$version=' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Piwigo

";
-system("find ../ type f -path '*/include/constants.php' -exec grep -H \"define('PHPWG_VERSION',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "TinyWebGallery

";
-system("find ../ type f -path '*/config.php' -exec grep -H 'TWG version:' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "phpAlbum

";
-system("find ../ type f -path '*/main.php' -exec grep -H '\$phpalbum_version=\"' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "iGalerie

";
-system("find ../ type f -path '*/includes/classes/system.class.php' -exec grep -H 'public static \$galleryVersion =' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Dolphin

";
-system("find ../ type f -path '*/modules/boonex/news/install/config.php' -exec grep -HA1 \"'compatible_with' => array(\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Oxwall

";
-system("find ../ type f -path '*/ow_version.xml' -exec grep -H '' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Etano

";
-system("find ../ type f -path '*/includes/defines.inc.php' -exec grep -H \"define('_INTERNAL_VERSION_',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "PeoplePods

";
-system("find ../ type f -path '*/peoplepods/lib/etc/options.php' -exec grep -H \"\$this->setLibOptions('last_database_update','\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Family Connections

";
-system("find ../ type f -path '*/install.php' -exec grep -H \"\$_POST\['contact'\], 'Family Connections\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "OSClass

";
-system("find ../ type f -path '*/oc-load.php' -exec grep -H \"define('OSCLASS_VERSION',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Revive AdServer

";
-system("find ../ type f -path '*/constants.php' -exec grep -H \"define('VERSION',\" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "WebCalendar

";
-system("find ../ type f -path '*/includes/config.php' -exec grep -H '\$PROGRAM_VERSION =' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Booked

";
-system("find ../ type f -path '*/lib/Config/Configuration.php' -exec grep -H 'const VERSION =' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "PHP iCalendar

";
-system("find ../ type f -path '*/default_config.php' -exec grep -H '\$this->phpicalendar_version =' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "WebMail Lite

";
-system("find ../ type f -path '*/adminpanel/VERSION' -print -exec cat {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Piwik

";
-system("find ../ type f -path '*/core/Version.php' -exec grep -H 'const VERSION =' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Little Poll

";
-system("find ../ type f -path '*/lp_admin.php' -exec grep -H 'Little Poll Admin Center v' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Sphider

";
-system("find ../ type f -path '*/settings/conf.php' -exec grep -H '\$version_nr' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "BigTree CMS

";
-system("find ../ type f -path '*/core/version.php' -exec grep -H 'define(\"BIGTREE_VERSION\",\"' {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "Quick Cart

";
-system("find ../ type f -path '*/database/config/general.php' -exec grep -H \"\$config\['version'\] = \" {} \;");
-
-echo $GLOBALS["red"] . $GLOBALS["br"] . "gpEasy

";
-system("find ../ type f -path '*/include/common.php' -exec grep -H \"define('gpversion','\" {} \;");
+//echo $GLOBALS["red"] . $GLOBALS["br"] . "Timthumb

";
+//system("find ../ type f -name '*.php' 
 
 echo $GLOBALS["red"] . $GLOBALS["br"] . "Elxis

";
 system("find ../ type f -path '*/includes/version.php' -exec grep -HA4 '\$elxis_version = array(' {} \;");
@@ -2022,7 +1846,7 @@ default :
 }
 
 $settings = array (
-        'BASE_DIR' => $this->web_dir,
+        'BASE_DIR' => $GLOBALS["webroot"],
         'USE_DEFINITIONS' => true,
         'SIZE_LIMIT' => ( 1024 * 1024 ) //size limit set to 1mb
     );