From afa26c7960c3869389230ea10a1f485169a5906f Mon Sep 17 00:00:00 2001
From: Palma Solutions LTD <malin@cenusa.me>
Date: Fri, 12 May 2017 08:07:02 +0200
Subject: [PATCH] fixed some bugz

---
 sc.php | 59 +++++++++++++++++++++++++++-------------------------------
 1 file changed, 27 insertions(+), 32 deletions(-)

diff --git a/sc.php b/sc.php
index 63b7efb..0d8aa4f 100644
--- a/sc.php
+++ b/sc.php
@@ -154,7 +154,7 @@ system ("w | grep load");
     function cleanupl(){
         system("find ../*/wp-content/uploads/ -type f -name '*.php' -print -exec rm -rf {} \;"); /* clear PHP files from wp-content/uploads */
         system('find ../ -type f -name "*.php.suspected" -print -exec rm -rf {} \;'); /* clear files renamed as *.suspected by the server AV */
-        system('find '.$this->web_dir.'./ -type f -size 0 -print -exec rm -rf {} \;'); /* clear files with 0 bytes size */
+        system('find '.$this->web_dir.' -type f -size 0 -print -exec rm -rf {} \;'); /* clear files with 0 bytes size */
         
     }
     
@@ -170,9 +170,9 @@ system("if [ $(find-name "cache" -maxdepth 0 -type d -empty 2>/dev/null) ]; then
 }
 /* cleaning the backdoor files of the Gravity Forms Exploit */
 function cleangravity(){
-system('find '.$this->web_dir.'./ -type f -name "*_input__test*" -print -exec rm -rf {} \;');
-system('find '.$this->web_dir.'./ -type f -name "*_input_*.php*" -print -exec rm -rf {} \;');
-system('find '.$this->web_dir.'./ -type f -name "*_input_*.txt*" -print -exec rm -rf {} \;');
+system('find '.$this->web_dir.' -type f -name "*_input__test*" -print -exec rm -rf {} \;');
+system('find '.$this->web_dir.' -type f -name "*_input_*.php*" -print -exec rm -rf {} \;');
+system('find '.$this->web_dir.' -type f -name "*_input_*.txt*" -print -exec rm -rf {} \;');
 }
 
 /* use a modified version of Spamhaus's findbot.pl to identify left over backdoors */
@@ -290,7 +290,7 @@ function insecplug(){
 
   foreach ($plugins_list as $plugin){
 
-    system('find '.$this->web_dir.'./ -type d -name '.$plugin.' -print');
+    system('find '.$this->web_dir.' -type d -name '.$plugin.' -print');
 
   }
 
@@ -351,7 +351,7 @@ function reshog(){
 
     foreach ($plugin_list as $plugins){
 
-      system('find '.$this->web_dir.'./ -type d -name '.$plugins.' -print');
+      system('find '.$this->web_dir.' -type d -name '.$plugins.' -print');
 
     }
 
@@ -485,9 +485,9 @@ echo "Removing Files With Zero Size";
 
 function findchmod(){
 echo "Finding All Files With Chmod Set To 0000<br /><br />";
-system('find '.$this->web_dir.'./ -type f -perm 0000 -exec ls -al');
+system('find '.$this->web_dir.' -type f -perm 0000 -exec ls -al');
 echo "Finding All Directories With Chmod Set To 0000<br /><br />";
-system('find '.$this->web_dir.'./ -type d -perm 0000 -exec ls -al');
+system('find '.$this->web_dir.' -type d -perm 0000 -exec ls -al');
 }
 
 function trimblanklines($str) {
@@ -500,12 +500,12 @@ function trimblanklines($str) {
 
     function fixperms(){
         echo("To save time (and money) we're going to locate the files and directories with improper permissions and fix just those:\n");
-        system('find '.$this->web_dir.'./ -perm +og+w -follow -type d -print -exec chmod 755 {} \;');
-        system('find '.$this->web_dir.'./ -perm 0000 -follow -type d -print -exec chmod 755 {} \;');
-        system('find '.$this->web_dir.'./ -perm +og+w -follow -type f -print -exec chmod 644 {} \;');
-        system('find '.$this->web_dir.'./ -perm 0000 -follow -type f -print -exec chmod 644 {} \;');
-        system('find '.$this->web_dir.'./ -perm +og+w -follow -type f -name "*.cgi" -print -exec chmod 755 {} \;');
-        system('find '.$this->web_dir.'./ -perm +og+w -follow -type f -name "*.pl" -print -exec chmod 755 {} \;');
+        system('find '.$this->web_dir.' -perm +og+w -follow -type d -print -exec chmod 755 {} \;');
+        system('find '.$this->web_dir.' -perm 0000 -follow -type d -print -exec chmod 755 {} \;');
+        system('find '.$this->web_dir.' -perm +og+w -follow -type f -print -exec chmod 644 {} \;');
+        system('find '.$this->web_dir.' -perm 0000 -follow -type f -print -exec chmod 644 {} \;');
+        system('find '.$this->web_dir.' -perm +og+w -follow -type f -name "*.cgi" -print -exec chmod 755 {} \;');
+        system('find '.$this->web_dir.' -perm +og+w -follow -type f -name "*.pl" -print -exec chmod 755 {} \;');
     }
 
     function getcleaner(){
@@ -566,7 +566,7 @@ file_put_contents($phpfile, $phpData, FILE_APPEND | LOCK_EX);
         echo '<input name="send" type="send" value="Remove it">';
     if(($_POST['send']) == "Remove it") {
     $name= ($_POST["name"]);
-        system('find '.$this->web_dir.'./ -name "'.$name.'" -print -exec rm -fr {} \;');
+        system('find '.$this->web_dir.' -name "'.$name.'" -print -exec rm -fr {} \;');
     }
     }
 
@@ -849,7 +849,7 @@ echo '<input name="submit" type="submit" value="Go"><br /><br />';
     $ziparray = array("zip", "rar", "tgz", "tar.gz", "bz2", "tar");
     foreach ($ziparray as $i => $valzip) {
         echo 'checking for backup files with extension: '.$valzip.'<br />';
-        system('find '.$this->web_dir.'./-name *.'.$valzip.' -exec du -sh {} \; | grep "backup"');
+        system('find '.$this->web_dir.'-name *.'.$valzip.' -exec du -sh {} \; | grep "backup"');
     }
     }
 
@@ -1104,28 +1104,23 @@ echo '<br><pre>';
 
 function version() {
 
-/* new script
 
 $versions = array(
-    array("Wordpress", "\*\/wp-includes/version.php", "\$wp_version ="),
-    array("osCommerce", "\*\/includes/application_top.php", "define('PROJECT_VERSION', 'osCommerce Online Merchant"),
-    array("ZenCart", "\*\/includes/version.php", "define('PROJECT_VERSION_NAME', 'Zen Cart');"),
-    array("Drupal", "\*\/modules/system/system.info", "version = "),
+    array("Wordpress", "*/wp-includes/version.php", "\$wp_version ="),
+    array("osCommerce", "*/includes/application_top.php", "define('PROJECT_VERSION', 'osCommerce Online Merchant"),
+    array("ZenCart", "*/includes/version.php", "define('PROJECT_VERSION_NAME', 'Zen Cart');"),
+    array("Drupal", "*/modules/system/system.info", "version = "),
+    array("Joomla 1.0", "*/includes/version.php", "\$RELEASE\|\$DEV_LEVEL"),
+    array("Joomla 1.5", "*/libraries/joomla/version.php", "\$RELEASE\ =\|\$DEV_LEVEL\ ="),
 
 
-)
+);
 
-if (file_exists($versions[0][1]))
-{
-    echo $versions[0][0] . "\n"
-    preg_grep ($versions[0][2], $versions[0][1])
-    elseif (file_exists($versions[1][1]))
-    echo $versions[1][0] . "\n"
-    preg_grep ($versions[1][2], $versions[0][1])
+echo $versions[0][0];
+system('find '.$this->web_dir.' -type f -path '.$versions[0][1].' -exec grep -H '.$versions[0][2].'{} \; ');
+echo $versions[1][0];
+system('find '.$this->web_dir.' -type f -path '.$versions[1][1].' -exec grep -H '.$versions[1][2].'{} \; ');
 
-}
-
-*/
 echo $GLOBALS["red"] . $GLOBALS["br"] . "<h3><b>Scanning account for the installed scripts & their versions...</h3><br /></span>";
 echo "<span style='color: #666666';><br /><h4><b>Batch #1 - Most used scripts:</h4><br /></span>";