..:: Global Account Maintenance Tool ::.. released - by [ ]

REMOVE SCRIPT


..:: MALWARE AUDIT ::..
  • Known PHPShell Scan
  • Known Malware Scan
  • Less used patterns
  • Scan JPEG EXIF Data
  • malicious IFRAME scan
  • Check Files With Large Lines
  • Database String Scanner
  • CryptoPHP Scanner
  • Run Findbot.PL
  • Custom string scanner
..:: INSTALLED SCRIPTS ::..
  • Most used scripts (batch #1)
  • Other scripts (batch #2)
  • Other blogs & portals
  • Other ecommerce & forums
  • Rarely used
  • Insecure WP plugins
  • Vulnerable WP themes
..:: CLEANER ::..
  • Clean.PL
  • Clean.PHP
  • Clear Error Logs
  • Clean EXIF
  • Clean Gravity Forms Exploit
  • Remove Empty Files
  • Remove Error Logs
  • Remove PHP files from uploads dir (WP)
..:: MySQL ::..
  • Change Table Prefix
  • Check password security
  • Change MySQL user password
  • Change MySQL database engine
  • Replace Strings (MySQL password)
  • MySQL DB Optimization

..:: FIND STUFF::..
  • Find suspicious files in /tmp
  • Check for broken symlinks
  • Find backups
  • Find SQL dumps
  • Find large files (unrelated content)
  • Find last 500 modified files
  • Find Symlinks
  • Find Files & Dirs With Chmod 0000
  • Get Size of a directory
..:: SOP/MISC. ::..
  • Secure .htaccess and php.ini
  • Fix File and Folder Permissions
  • Secure Temporary/Images
  • Site Transfer
  • ZenCart Concantenated
  • Empty
  • Empty
..:: USAGE Investigation ::..
  • WP Resource Hogs
  • Database Size
  • Running Processes
  • Check The ProcessList

"; $GLOBALS["br"] = "
"; $GLOBALS["span"] = ""; /* let's get the server and account specs */ echo "Server: "; system('hostname'); echo " | user: "; system('whoami'); echo " | location: "; system('pwd'); if( ini_get('safe_mode') ){ echo "
PHP is running in safe mode - functionality is limited
"; }else{ echo "
PHP is not running in safe mode - script has full functionality
"; } /* checking the server wide load */ echo "

Check the server load below first and make sure that you do not execute any of the functions if server has high load!!!

"; system ("w | grep load"); ?>
$output"; } /* secure the temporary directories against execution of malicious files */ function securetemps(){ $htdata = ' Order Deny,Allow Deny from all '; system("for i in `find ../ -type d -path '*/wp-content/uploads' -print;`; do echo -e '".$htdata."' >> \$i/.htaccess; done"); system("for i in `find ../ -type d -path '*/tmp' -print;`; do echo -e '".$htdata."' >> \$i/.htaccess; done"); /* Joomla /images may cause a ton of false positive patches so we'll research this further */ // system("for i in `find ./ -type d -path '*/images' -print;`; do echo -e '".$htdata."' >> \$i/.htaccess; done"); echo "all patched\n"; } /* Vulnerability check $output = shell_exec('find ./ -type f -name "*.php" -print -exec grep -RPn "(passthru|shell_exec|system|phpinfo|base64_decode|chmod|mkdir|fopen|fclose|readfile|php_uname|eval|tcpflood|udpflood|edoced_46esab) *\(" --color {} \;'); echo "
$output
"; */ /* let's scan and clean cryptoPHP */ function cryptophp(){ echo "Scanning for cryptoPHP in social.png files\n"; system("find ../ -type f -iname \"social*.png\" -exec grep -E -o 'php.{0,80}' {} \; -print"); echo "\nScanning for cryptoPHP in all PNG files\n"; system("find ../ -type f -iname '*.png' -print0 | xargs -0 file | grep \"PHP script\""); } /* Execute The Malware Scanner */ function scanme(){ require_once("./scan.php"); } /* Execute The PHP Cleaner */ function cleanPHP(){ require_once("./clean.php"); } /* Execute the Perl Cleaners */ function cleanPL(){ system("./malware.pl"); } /* Site Transfer Script */ function transfer(){ system("./transfer.pl"); } /* EXIF scanner */ function checkexif(){ ini_set('exif.encode_unicode', 'UTF-8'); define('IMAGEPATH', $GLOBALS["public_html"]); $directory = new RecursiveDirectoryIterator(IMAGEPATH); $iterator = new RecursiveIteratorIterator($directory); $matches = new RegexIterator($iterator, '/^.+\.(jpg|jpeg|png|tiff)$/i', RecursiveRegexIterator::GET_MATCH); foreach($matches as $key => $match): $exif = exif_read_data($match[0], 0, 'EXIF'); echo '
', print_r($exif, true), '
'; endforeach; } /* Insecure Plugins */ function insecplug(){ $plugins_list = array( "complete-gallery-manager", "wp-phpmyadmin", "1-flash-gallery", "category-list-portfolio-page", "disclosure-policy-plugin", "dp-thumbnail", "ip-logger", "is-human", "jquery-slider-for-featured-content", "kish-guest-posting", "lisl-last-image-slider", "really-easy-slider", "rent-a-car", "vk-gallery", "wordpress-news-ticker-plugin", "wp-marketplace", "adminer", "file-commander", "portable-phpmyadmin", "portable-phpmyadmin", "toolspack", "ToolsPack", "revslider", "research-plugin*" ); foreach ($plugins_list as $plugin){ system($GLOBALS["findcmd"].' -type d -name '.$plugin.' -print'); } } /* Resource Hog Plugins */ function reshog(){ $plugin_list = array( "broken-link-checker", "myreviewplugin", "linkman", "fuzzy-seo-booster", "wp-postviews", "wordfence", "tweet-blender", "dynamic-related-posts", "yet-another-related-posts-plugin", "similar-posts", "contextual-related-posts", "yet-another-featured-posts-plugin", "wponlinebackup", "wpengine-snapshot", "wpengine-migrate", "wp-symposium-alerts", "wp-slimstat", "wp-missed-schedule", "wordpress-gzip-compression", "wp-cache", "wp-database-optimizer", "wp-db-backup", "wp-dbmanager", "wp-engine-snapshot", "wp-file-cache", "wp-mailinglist", "async-google-analytics", "backup-scheduler", "backupwordpress", "backwpup", "duplicator", "ewww-image-optimizer", "ezpz-one-click-backup", "google-xml-sitemaps-with-multisite-support", "jr-referrer", "missed-schedule", "no-revisions", "ozh-who-sees-ads", "quick-cache", "seo-alrp", "si-captcha-for-wordpress", "similar-posts", "spyderspanker", "spyderspanker_pro", "super-post", "superslider", "text-passwords", "the-codetree-backup", ); foreach ($plugin_list as $plugins){ system($GLOBALS["findcmd"].' -type d -name '.$plugins.' 
-print'); } } /* EXIF cleaner */ function cleanexif(){ ini_set('exif.encode_unicode', 'UTF-8'); define('IMAGEPATH', $GLOBALS["public_html"]); $directory = new RecursiveDirectoryIterator(IMAGEPATH); $iterator = new RecursiveIteratorIterator($directory); $matches = new RegexIterator($iterator, '/^.+\.(jpg|jpeg)$/i', RecursiveRegexIterator::GET_MATCH); foreach($matches as $key => $image): echo '
', print_r($image, true),'
'; try { $img = new Imagick($image[0]); $img->stripImage(); $img->writeImage($image[0]); $img->clear(); $img->destroy(); echo "Removed EXIF data from $image. \n"; } catch(Exception $e) { echo 'Exception caught: ', $e->getMessage(), PHP_EOL; } endforeach; } /* Get MySQL process list for a given user */ function processlist(){ echo '


'; echo 'MySQL Host:
'; echo 'MySQL Username:
'; echo 'MySQL Password:
'; echo '

'; if(($_POST['submit']) == "Go") { $mhost = ($_POST["host"]);; $mpass = ($_POST["passwd"]); $musr = ($_POST["usern"]); } mysql_connect($mhost, $musr, $mpass); $q = mysql_query("SHOW FULL PROCESSLIST"); echo "..:: MySQL-Processes ::..\n"; echo "\n"; while($l = mysql_fetch_row($q) ) { echo "\n"; foreach($l as $val) echo "\n"; echo "\n"; } echo "
$val 
\n"; echo "..:: Query Cache Status ::..\n"; echo "\n"; $q = mysql_query("SHOW STATUS LIKE 'Qcache%'"); while($l = mysql_fetch_row($q) ) { echo "\n"; foreach($l as $val) echo "\n"; echo "\n"; } echo "
$val 
\n"; mysql_close(); } /* Get STAT data for a given file */ function stats(){ $output = shell_exec('stat ./ModSettings.php'); echo "
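$output
"; }

/*
 * change MySQL Engine
 *
 * Walks every database the supplied MySQL account can see and converts each
 * table to InnoDB, echoing the database and table names as it goes.
 *
 * SECURITY: an earlier revision embedded a literal MySQL user name and
 * password in this function. This script is unpacked inside customer web
 * roots, so that credential must be treated as exposed and rotated. The
 * account is now taken from the request, using the same field names that
 * optim() reads (host / usr / pwd).
 * NOTE(review): the form markup that posts those fields is not visible on
 * this page - confirm the menu entry for this function supplies them.
 * NOTE(review): the mysql_* extension used throughout this file no longer
 * exists in PHP 7+; the whole tool needs porting before it runs there.
 */
function changeengine(){
    $host = (isset($_POST["host"]) && $_POST["host"] !== '') ? $_POST["host"] : 'localhost';
    $user = isset($_POST["usr"]) ? $_POST["usr"] : '';
    $pass = isset($_POST["pwd"]) ? $_POST["pwd"] : '';

    if ($user === '') {
        echo "changeengine: no MySQL credentials supplied, nothing was changed\n";
        return;
    }

    $link = mysql_connect($host, $user, $pass);
    if (!$link) {
        echo "changeengine: could not connect: " . mysql_error() . "\n";
        return;
    }

    $databases = mysql_query('SHOW databases');
    if (!$databases) {
        echo "changeengine: " . mysql_error() . "\n";
        mysql_close($link);
        return;
    }

    while ($db = mysql_fetch_array($databases)) {
        echo "database => {$db[0]}\n";
        mysql_select_db($db[0]);
        $tables = mysql_query('SHOW tables');
        if (!$tables) {
            continue;
        }
        while ($tbl = mysql_fetch_array($tables)) {
            echo "table => {$tbl[0]}\n";
            // Quote the identifier so table names containing spaces, dashes or
            // backticks cannot change the statement that is executed.
            mysql_query("ALTER TABLE `" . str_replace('`', '``', $tbl[0]) . "` ENGINE=INNODB");
        }
    }

    mysql_close($link);
}

/*
 * Report PHP files under this script's directory that contain very long
 * lines (mb_strlen() above 999), a common trait of packed or obfuscated code.
 * The offending line is printed HTML-escaped, followed by the file's mtime.
 */
function checklarge(){
    $tree = new RecursiveDirectoryIterator(dirname(__FILE__));
    $hits = 0;

    foreach (new RecursiveIteratorIterator($tree) as $filename => $cur) {
        if (!preg_match('/^.+\.php$/i', $filename, $match)) {
            continue;
        }

        $file = fopen($match[0], "r");
        if ($file === false) {
            // An unreadable file used to leave feof() spinning on a bad handle.
            continue;
        }

        // Read until fgets() reports end of file. The previous feof() guard
        // discarded the final line when it had no trailing newline, so a file
        // consisting of one long packed line was never reported.
        while (($line = fgets($file)) !== false) {
            if (mb_strlen($line) > 999) {
                $hits++;
                echo "\n", $hits, ")\n", $filename, " found line having more than 1000 characters, output to follow:\n";
                echo "\n";
                echo trim(htmlentities($line));
                echo "\n";
                echo 'This file was last modified on: ', date("F d Y H:i:s.", filemtime($filename)), '';
                echo "\n";
            }
        }

        fclose($file);
    }
}

/* Placeholder: only prints a heading, no files are removed here. */
function removezero(){
    echo "Removing Files With Zero Size";
}

/*
 * List files and directories whose mode is 0000.
 * The -exec clause previously had no "{} \;" terminator, so find rejected the
 * command and nothing was listed. Directories use "ls -ald" so the directory
 * entry itself is shown rather than its contents.
 */
function findchmod(){
    echo "Finding All Files With Chmod Set To 0000\n\n";
    system($GLOBALS["findcmd"].' -type f -perm 0000 -exec ls -al {} \;');
    echo "Finding All Directories With Chmod Set To 0000\n\n";
    system($GLOBALS["findcmd"].' -type d -perm 0000 -exec ls -ald {} \;');
}

// NOTE(review): the disabled sucuri() code below passes an HTTP response body
// to unserialize(). If it is ever re-enabled, switch it to a data-only format
// such as JSON first.
/* function sucuri() { $myresults = wp_remote_get("http://sitecheck.sucuri.net/scanner/?serialized&fromwp&scan=".home_url(), array("timeout" => 180)); if(is_wp_error($myresults)) { print_r($myresults); return; } $res = unserialize($myresults['body']); echo '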
'; echo '

Sucuri SiteCheck Malware Scanner

'; if(!isset($res['MALWARE']['WARN'])) { echo '

  No malware was identified

'; echo "

Malware: No.

"; echo "

Malicious javascript: No.

"; echo "

Malicious iframes: No.

"; echo "

Suspicious redirections (htaccess): No.

"; echo "

Blackhat SEO Spam: No.

"; echo "

Anomaly detection: Clean.

"; } else { echo '

  Site compromised (malware was identified)

'; foreach($res['MALWARE']['WARN'] as $malres) { if(!is_array($malres)) { echo htmlspecialchars($malres); } else { $mwdetails = explode("\n", htmlspecialchars($malres[1])); echo htmlspecialchars($malres[0])."\n
". substr($mwdetails[0], 1)."
\n"; } } echo "
"; } echo 'More details here http://sitecheck.sucuri.net/scanner/?&scan='.home_url().''; echo "
\n"; if(isset($res['BLACKLIST']['WARN'])) { echo '

  Site blacklisted

'; } else { echo '

  Site blacklist-free

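'; } foreach($res['BLACKLIST']['INFO'] as $blres) { echo "CLEAN: ".htmlspecialchars($blres[0])." ".htmlspecialchars($blres[1])."
"; } if(isset($res['BLACKLIST']['WARN'])) { foreach($res['BLACKLIST']['WARN'] as $blres) { echo "WARN: ".htmlspecialchars($blres[0])." ".htmlspecialchars($blres[1])."
"; } } */

/*
 * Strip one leading and one trailing blank line from $str.
 * A blank line is optional spaces or tabs followed by LF or CRLF.
 */
function trimblanklines($str) {
    return preg_replace('`\A[ \t]*\r?\n|\r?\n[ \t]*\Z`', '', $str);
}

/* Placeholder: intentionally empty. */
function scanspam(){
}

/*
 * Reset permissions on group/other-writable and mode-0000 entries:
 * directories to 755, .cgi/.pl scripts to 755, every other file to 644.
 *
 * The .cgi/.pl passes now run before the generic file pass. In the previous
 * order the generic pass had already set those scripts to 644, which cleared
 * the group/other write bits the script passes select on, so the scripts were
 * left non-executable.
 *
 * NOTE(review): -follow makes find traverse symlinks, so chmod is also applied
 * to whatever a planted link points at; confirm that is intended.
 * NOTE(review): newer GNU findutils releases reject the "-perm +mode" spelling
 * in favour of "-perm /mode" - check the find version on the target hosts.
 */
function fixperms(){
    echo("To save time (and money) we're going to locate the files and directories with improper permissions and fix just those:\n");

    $find = $GLOBALS["findcmd"];

    // Directories first.
    system($find.' -perm +og+w -follow -type d -print -exec chmod 755 {} \;');
    system($find.' -perm 0000 -follow -type d -print -exec chmod 755 {} \;');

    // Executable scripts, while they still carry the write bits being matched.
    system($find.' -perm +og+w -follow -type f -name "*.cgi" -print -exec chmod 755 {} \;');
    system($find.' -perm +og+w -follow -type f -name "*.pl" -print -exec chmod 755 {} \;');

    // Everything else.
    system($find.' -perm +og+w -follow -type f -print -exec chmod 644 {} \;');
    system($find.' -perm 0000 -follow -type f -print -exec chmod 644 {} \;');
}

/*
 * Download the cleaner script, save it as cl.php and run it.
 *
 * SECURITY: this fetches PHP source over plain HTTP from a third-party host
 * and executes it with include(). There is no integrity or authenticity
 * check, so whoever controls that host, its DNS records or the network path
 * decides what code runs under the hosting account. Ship the cleaner inside
 * the tool archive, or verify the download against a digest pinned in this
 * file before including it. The downloaded cl.php is also left behind in the
 * web root.
 */
function getcleaner(){
    $remote = "http://malin.online9.net/cl.txt";
    $local = "cl.php";

    $contents = file_get_contents($remote);
    if ($contents === false || $contents === '') {
        // Do not write or execute an empty or failed download.
        echo "getcleaner: download failed, nothing was executed\n";
        return;
    }

    $fp = fopen($local, "w");
    if ($fp === false) {
        echo "getcleaner: cannot write ".$local."\n";
        return;
    }
    fwrite($fp, $contents);
    fclose($fp);

    include('./cl.php');
}

/*
 * Append hardening directives to public_html/.htaccess and public_html/php.ini
 * and print both files afterwards.
 *
 * The directive blocks are written one directive per line; collapsed onto a
 * single line, the .htaccess block is one long comment and the php.ini block
 * is not parsed as separate settings.
 *
 * NOTE(review): FILE_APPEND adds another copy of both blocks on every run.
 * NOTE(review): the query-string rules are a deny-list and only cover the
 * patterns listed; they do not replace fixing the vulnerable application.
 * NOTE(review): disable_functions lists escapeshellarg and escapeshellcmd, the
 * functions applications use to quote shell arguments safely, and it lists
 * system/shell_exec, which this tool itself depends on. Review the list
 * before rolling it out.
 */
function addsec(){
    echo "securing .htaccess\n";
    $htafile = $GLOBALS["public_html"].'/.htaccess';
    $htaData = "
# Protection agains XSS exploits added by Lunarpages MSH team
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
RewriteRule ^(.*)$ index_error.php [F,L]
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
";
    file_put_contents($htafile, $htaData, FILE_APPEND | LOCK_EX);
    echo "data added to .htaccess\n";
    show_source($htafile);

    echo "moving on to php.ini";
    $phpfile = $GLOBALS["public_html"].'/php.ini';
    $phpData = '
; Protection agains RFI exploits added by Lunarpages MSH team
allow_url_fopen = Off
allow_url_include = Off
disable_functions=popen,passthru,escapeshellarg,escapeshellcmd,exec,passthru,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,system,blob,exec,escapeshellarg,pfsockopen,stream_get_transports,stream_set_blocking
display_errors = Off
display_startup_errors = Off
error_reporting = E_ALL
mail.add_x_header = On
mail.log = '.$GLOBALS["doc_root"].'/phpmail.log
';
    file_put_contents($phpfile, $phpData, FILE_APPEND | LOCK_EX);
    echo "data added to php.ini";
    show_source($phpfile);
}

/*
 * Delete every file or directory whose name matches the posted pattern.
 *
 * SECURITY: the posted name used to be pasted between double quotes in a
 * shell command, where shell metacharacters are still interpreted. It is now
 * passed through escapeshellarg() so find receives it as a single argument.
 * The pattern is still a find -name glob and the matches are removed with
 * "rm -fr", so a broad pattern deletes broadly.
 * NOTE(review): no authentication or request-forgery check is visible in this
 * function; confirm the tool is access-restricted before it is deployed.
 */
function rmfile(){
    echo "insert filename for mass deletion:\n";
    echo '';
    echo ';';
    echo '';

    if (isset($_POST['send']) && $_POST['send'] == "Remove it") {
        $name = isset($_POST["name"]) ? $_POST["name"] : '';
        if ($name === '') {
            // An empty pattern matches nothing; skip the scan entirely.
            return;
        }
        system($GLOBALS["findcmd"].' -name '.escapeshellarg($name).' -print -exec rm -fr {} \;');
    }
}

function mysqlsearch(){ ?>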
Results for: ".$search_text.''; // @abstract table count in the database $sql= 'show tables'; $res = mysql_query($sql); //@abstract get all table information in row tables $tables = fetch_array($res); //$tables = array(array('album')); //endof table count for($i=0;$i0) //@abstract Buliding search Querry, search { //@abstract taking the table data type information $sql = 'desc '.$tables[$i]['Tables_in_'.$dbname]; $res = mysql_query($sql); $collum = fetch_array($res); $search_sql = 'select * from '.$tables[$i]['Tables_in_'.$dbname].' where '; $no_varchar_field = 0; for($j=0;$jField .'
'; if($no_varchar_field!=0){$search_sql .= ' or ' ;} $search_sql .= '`'.$collum[$j]['Field'] .'` like \'%'.$search_text.'%\' '; $no_varchar_field++; //} // endof type selection part of query bulidingtype selection part }//@endof for |buliding search query if($no_varchar_field>0) // @abstract only main searching part showing the data { $res = mysql_query($search_sql); $search_result = fetch_array($res); if(sizeof($search_result)) // @abstract found search data showing it! { $result_in_tables++; echo '
   Table : ' . $tables[$i]['Tables_in_'.$dbname] .'   
          '. ' Total Results for "'.$search_text .'": '.mysql_affected_rows().'
SQL
'.$search_sql.'
Result
'; table_arrange($search_result); echo '


'; }// @endof showing found search }//@endof main searching }//@endof querry building and searching } if(!$result_in_tables) // @abstract if result is not found { echo '

Sorry, '. $search_text. ' is not found in this Database ('.$dbname.') !

'; } mysql_close($link); } } //********************* //* PHP functions //********************* function fetch_array($res) // @method fetch_array // @abstract taking the mySQL $resource id and fetch and return the result array // @param string| MySQL resouser // @return array { $data = array(); while ($row = mysql_fetch_assoc($res)) { $data[] = $row; } return $data; } //@endof function fetch_array function table_arrange($array) // @method table_arrange // @abstract taking the mySQL the result array and return html Table in a string. showing the search content in a diffrent css class. // @param array // @post_data search_text // @return string | html table { $table_data = ''; // @abstract returning table $max =0; // @abstract max lenth of a row $max_i =0; // @abstract number of the row which is maximum max lenth of a row $search_text = $_POST["search_text"]; for($i=0;$i'; // $j=0; foreach($array[$i] as $key => $data) { //@abstract a class around the search text $data = preg_replace("|($search_text)|Ui" , "
$1
" , htmlspecialchars($data)); $table_data .= ''. $data .'  '; $j++; } if($max<$j) { $max = $j; $max_i = $i; } $table_data .= ''."\n"; } $table_data .= '
'; unset($data); // @endof html table //@abstract populating the table head // @varname $data_a //@abstract taking the highest sized array and printing the key name. $data_a = $array[$max_i]; $table_head = ''; foreach($data_a as $key => $value) { $table_head .= ''. $key.''; } $table_head .= ''."\n"; //@endof populating the table head // @abstract printing the table data echo '
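'.$table_head.$table_data;
}//@endof function table_arrange

/*
Calculate sizes of all your databases in MB:
SELECT table_schema "DB Name", SUM( data_length + index_length) / 1024 / 1024 "DB Size" FROM information_schema.TABLES GROUP BY table_schema ;

Calculate table sizes for a specific database:
SELECT TABLE_NAME, table_rows, data_length, index_length, round(((data_length + index_length) / 1024 / 1024),2) "Size in MB" FROM information_schema.TABLES WHERE table_schema = "PUT_YOUR_DATABASE_NAME_HERE";
*/

/*
 * Replace one string with another in every file under the current directory
 * that contains it (grep selects the files, sed -i edits them in place).
 *
 * SECURITY: both posted strings used to be concatenated into the shell
 * command and into the sed program. They are now quoted with
 * escapeshellarg(), and the sed program uses a control character as the s///
 * delimiter so a "/" in either string cannot end the expression early.
 * Input containing that delimiter or a newline is refused.
 */
function repl(){
    echo "String Replacement";
    echo "\n\n";
    echo "Old String:\n\n";
    echo "New String:\n\n";
    echo "\n\n";

    if (isset($_POST['submit']) && $_POST['submit'] == "Go") {
        $oldstr = isset($_POST["oldstr"]) ? $_POST["oldstr"] : '';
        $newstr = isset($_POST["newstr"]) ? $_POST["newstr"] : '';
        $delim = "\x01";

        if ($oldstr === '' || strpbrk($oldstr . $newstr, $delim . "\n") !== false) {
            echo 'refusing: empty search string or unsupported control character';
            return;
        }

        $script = 's' . $delim . $oldstr . $delim . $newstr . $delim . 'g';
        // -e keeps a pattern that begins with "-" from being read as an option.
        system("grep -ilr -e " . escapeshellarg($oldstr) . " * | xargs -i@ sed -i -e " . escapeshellarg($script) . " @");
        /* xargs /usr/bin/perl -w -i -p -e "s/your_old_string/your_new_string/g" */
        echo 'all done';
    }
}

/*
 * getting the total size of a specific directory
 *
 * The posted path is appended to doc_root and handed to "du -sh".
 * SECURITY: the path is now shell-quoted, and it is HTML-escaped before being
 * echoed back into the page.
 * NOTE(review): "../" segments are not rejected, so the size of any directory
 * readable by the account can be queried.
 */
function getsize(){
    // system() prints the account name as a side effect; the value is unused.
    $username = system('whoami');
    echo "insert the location you wish to get the size for:\n";
    echo '';
    echo $GLOBALS["doc_root"].'';
    echo '';

    if (isset($_POST['send']) && $_POST['send'] == "Get it") {
        $path = isset($_POST["path"]) ? $_POST["path"] : '';
        echo "\nGetting size of: ".htmlspecialchars($path)."\n";
        system('du -sh -- '.escapeshellarg($GLOBALS["doc_root"].$path));
    }
}

/*
 * looking for any backup files that would cause issues
 *
 * The glob is now quoted so the shell passes it to find instead of expanding
 * it in the current directory, and a space separates it from the find command
 * prefix, as at every other findcmd call site in this file.
 */
function findbackups(){
    $ziparray = array("zip", "rar", "tgz", "tar.gz", "bz2", "tar");
    foreach ($ziparray as $i => $valzip) {
        echo 'checking for backup files with extension: '.$valzip."\n";
        system($GLOBALS["findcmd"].' -name "*.'.$valzip.'" -exec du -sh {} \; | grep "backup"');
    }
}

/*
 * looking for SQL dumps that may expose sensitive info
 * (the array key is quoted now; a bare doc_root is an undefined constant)
 */
function findsql(){
    echo "checking for SQL dumps\n";
    system('find '.$GLOBALS["doc_root"].' -name "*.sql" -exec du -sh {} \;');
}

/* looking for large files that may crash the scans */
function findlarge(){
    echo "checking for large files (over 10MB)\n";
    system('find '.$GLOBALS["doc_root"].' -size +10000k -exec du -sh {} \;');
}

/* looking for symlinks that may expose sensitive data and will crash the scans */
function findsymlinks(){
    echo "checking for symlinks\n";
    system("find ../ -type l -exec ls -al {} \;");
}

/*
 * generate a concantenated password for ZenCart
 *
 * Output format is md5(salt . password) followed by ":" and the salt.
 * NOTE(review): the two-character salt is derived from the password itself,
 * so equal passwords always produce equal hashes, and MD5 is not a
 * password-hashing function. Keep this only for legacy-format resets and have
 * the account owner change the password afterwards.
 */
function zencart(){
    echo "generating ZenCart concantenated password:\n";
    echo "\n";
    echo "New Password:\n\n";
    echo "\n\n";

    if (isset($_POST['submit']) && $_POST['submit'] == "Go") {
        $password = isset($_POST["newzen"]) ? $_POST["newzen"] : '';
        $salt = substr(md5($password), 0, 2);
        $password = md5($salt . $password) . ':' . $salt;
        echo "New Password Hash is:\n";
        echo $password;
    }
}

/*
 * Change the password of a MySQL account, authenticating as that account.
 *
 * SECURITY: the user name and new password used to be concatenated into the
 * SET PASSWORD statement; they are now escaped with
 * mysql_real_escape_string(). The connection is closed only when it was
 * actually opened.
 */
function mysqlpwd(){
    echo "\n\n";
    echo "MySQL Username:\n\n";
    echo "Current Password:\n\n";
    echo "New MySQL Password:\n\n";
    echo "\n\n";

    if (isset($_POST['submit']) && $_POST['submit'] == "Go") {
        $host = "localhost";
        $pass = isset($_POST["pwd"]) ? $_POST["pwd"] : '';
        $actusr = isset($_POST["actusr"]) ? $_POST["actusr"] : '';
        $actpass = isset($_POST["actpwd"]) ? $_POST["actpwd"] : '';

        $link = mysql_connect($host, $actusr, $actpass) or die(mysql_error());
        $query = sprintf(
            "SET PASSWORD FOR '%s'@'%s' = PASSWORD('%s');",
            mysql_real_escape_string($actusr, $link),
            mysql_real_escape_string($host, $link),
            mysql_real_escape_string($pass, $link)
        );
        mysql_query($query, $link) or die(mysql_error());
        mysql_close($link);
    }
}

/* Print PHP lines (plus four lines of context) that mention "<account>_". */
function pwds(){
    system('find ../ -name "*.php" -type f -exec grep -HA4 "`whoami`_" {} \;');
}

function clean(){ $dir = "../"; echo '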

'; echo 'Malware String:
'; echo '

'; if(($_POST['submit']) == "Go") { $malware = ($_POST["malware"]); system(`find $dir -name "*.php" -type f |xargs sed -i 's###g' 2>&1`); echo "Malware removed.
\n"; } system(`find $dir -name "*.php" -type f | xargs sed -i '/./,$!d' 2>&1`); echo "Empty lines removed.
\n"; } function optim(){ echo '

'; echo 'MySQL Hostname/IP:
'; echo 'MySQL Username:'; echo 'MySQL Password:'; echo '

'; if(($_POST['submit']) == "Go") { $host = ($_POST["host"]); $user = ($_POST["usr"]); $pass = ($_POST["pwd"]); echo "".date('H:i:s').": Connecting to MySQL Server ....
"; $link = mysql_connect($host, $user, $pass) or die(mysql_error()); $result = mysql_list_dbs($link); while($raw = mysql_fetch_object($result)){ foreach($raw as $name){ $tables = mysql_list_tables($name); echo 'optimizing database '.$name.'
'; if($name == 'information_schema') { echo 'skipping information_schema
'; } else { echo "".date('H:i:s').": Get tables from database $name ....
"; while ($row = mysql_fetch_row($tables)) { echo "".date('H:i:s').": Optimize table $row[0] ....
"; mysql_query('optimize table '.$row[0].' ') or die(mysql_error()); } } echo "".date('H:i:s').": Table of Database ".$name." Optimized
"; } } mysql_free_result($result); mysql_close($link); } } function prefix(){ // Check for POST data $action = isset($_REQUEST['action'])?$_REQUEST['action']:false; if (!$action) { ?>
Enter database name:
Enter database user
Enter database password:
Enter New Prefix:
   

'; // Select database and grab table list mysql_select_db($mysql_db, $link) or die ("Database not found."); $tables = mysql_list_tables($mysql_db); // Pull table names into an array and replace prefixes $i = 0; while ($i < mysql_num_rows($tables)) { $table_name = mysql_tablename($tables, $i); $table_array[$i] = $table_name; $i++; } // Pull table names into another array after replacing prefixes foreach ($table_array as $key => $value) { $table_names[$key] = replace_prefix($value, $table_prefix); } // Write new table names back foreach ($table_array as $key => $value) { $query = sprintf('RENAME TABLE %s TO %s', $table_array[$key], $table_names[$key]); $result = mysql_query($query, $link); if (!$result) { $error = mysql_error(); echo "Could not $query : $error
"; } else { $message = sprintf('Successfully renamed %s to %s in %s', $table_array[$key], $table_names[$key], $mysql_db); echo "$message
"; } } // Free the resources mysql_close($link); } function replace_prefix($s, $prefix) { $pos = strpos($s, "_"); $s = substr($s, $pos + 1); $s = sprintf("%s_%s", $prefix, $s); return $s; } } function loop(){ system('find ../ -type l -exec ls -l {} \;'); } function lastfiles(){ system("find ../ -type f -printf '%T@ %p\t\t %t\n' | sort -k 1 -nr | sed 's/^[^ ]* //' | head -n 500"); } function execmd(){ } /* Let's Remove All Files So The Don't Fall In Wrong Hands */ function remove(){ unlink(__FILE__); unlink("../sc"); unlink("./sc.zip"); } function norun(){ if(''==$df) { echo "[X]=> No functions are disabled, this script should run without issues
"; } else { echo "WARNING!: The following functions are disabled, please check your php.ini ".$df."
"; } echo "[X]=> Use any of the functions above in order to suit your needs
"; echo "[X]=> Please be patient as this script uses recursive queries in order to determine the files
"; echo "[X]=> If you run this script on accounts higher than 50GB in size please monitor server load
"; echo "[X]=> There might be some false positives so please always double check results
"; echo $GLOBALS["red"] . "account size is: "; system ("du -sh /home/`whoami`/public_html"); echo $GLOBALS["red"] . "total files in public_html: "; system ("find ../ -type f | wc -l"); echo '
php.ini files with register_globals enabled:
'; system("find ../ -name php.ini -exec grep -Hli '^register_globals.*=.*On' {} \;"); echo '
Running processes:'; echo '
';
system("ps -eo pid,user,cmd | grep `whoami`");
}
echo '
';
//starting script functions


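/*
 * Batch #1: report the most commonly installed web applications found under
 * the parent directory, together with the line that declares their version.
 *
 * Each entry pairs a heading with one or more find/grep commands; the output
 * of system() goes straight into the page.
 *
 * Fix: most of these commands read "find ../ type f ...". Without the leading
 * dash find treats "type" and "f" as extra start paths, reports them as
 * missing and applies no file-type filter. They now use "-type f" like the
 * Wordpress, Joomla, osCommerce and ZenCart entries.
 */
function version() {

    /* batch #1 */

    echo $GLOBALS["red"] . $GLOBALS["br"] . "\n\nScanning account for the installed scripts & their versions...\n\n\n";
    echo "\n\nBatch #1 - Most used scripts:\n\n\n";

    $checks = array(
        array("Wordpress", array(
            "find ../ -type f -path '*/wp-includes/version.php' -exec grep -H '\$wp_version =' {} \;",
        )),
        array("Joomla", array(
            "find ../ -type f -path '*/libraries/joomla/version.php' -exec grep -H '\$RELEASE\ =\|\$DEV_LEVEL =' {} \; ",
            "find ../ -type f -path '*/libraries/cms/version.php' -exec grep -H '\$RELEASE\ =\|\$DEV_LEVEL =' {} \; ",
            "find ../ -type f -path '*/libraries/cms/version/version.php' -exec grep -H '\$RELEASE\ =\|\$DEV_LEVEL =' {} \; ",
        )),
        array("osCommerce", array(
            "find ../ -type f -path '*/includes/application_top.php' -exec grep -H \"define('PROJECT_VERSION', 'osCommerce Online Merchant\" {} \;",
        )),
        array("ZenCart", array(
            "find ../ -type f -path '*/includes/version.php' -exec grep -HA2 \"define('PROJECT_VERSION_NAME', 'Zen Cart');\" {} \;",
        )),
        array("Drupal", array(
            "find ../ -type f -path '*/modules/system/system.info' -exec grep -H 'version = \"' {} \;",
        )),
        array("Timthumb", array(
            "find ../ -type f -name '*.php' ! -name 'sc.php' -exec grep -H \"TimThumb CONFIGURATION\|define ('VERSION',\" {} \;",
        )),
        array("phpBB", array(
            "find ../ -type f -path '*/includes/constants.php' -exec grep -H \"define('PHPBB_VERSION',\" {} \;",
        )),
        // NOTE(review): this pattern sits inside shell double quotes, so the
        // shell expands $forum_version (normally to nothing) before grep runs.
        array("SMF", array(
            "find ../ -type f -path '*/index.php' -exec grep -H \"\$forum_version = 'SMF\" {} \;",
        )),
        array("Gallery", array(
            "find ../ -type f -path '*/modules/gallery/helpers/gallery.php' -exec grep -H 'const VERSION =' {} \;",
        )),
        array("Coppermine", array(
            "find ../ -type f -path '*/versioncheck.inc.php' -exec grep -H 'Coppermine version:' {} \;",
        )),
        array("4images", array(
            "find ../ -type f -path '*/includes/constants.php' -exec grep -H \"define('SCRIPT_VERSION',\" {} \;",
        )),
        array("MediaWiki", array(
            "find ../ -type f -path '*/includes/DefaultSettings.php' -exec grep -H '\$wgVersion =' {} \;",
        )),
        array("PHPlist", array(
            "find ../ -type f -path '*/admin/init.php' -exec grep -H 'define(\"VERSION\",' {} \;",
        )),
        array("RoundCube", array(
            "find ../ -type f -path '*/program/include/iniset.php' -exec grep -H \"define('RCMAIL_VERSION',\" {} \;",
        )),
        array("Squirrel Mail", array(
            "find ../ -type f -path '*/functions/strings.php' -exec grep -H '\$version =' {} \;",
        )),
    );

    foreach ($checks as $check) {
        list($label, $commands) = $check;
        echo $GLOBALS["red"] . $GLOBALS["br"] . $label . "\n\n";
        foreach ($commands as $command) {
            system($command);
        }
    }
}
function cms(){ /* batch #2 */ echo $GLOBALS["red"] . $GLOBALS["br"] . "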

Scanning account for the installed scripts & their versions...


"; echo "

Batch #2 - Scripts used sometimes:


"; echo $GLOBALS["red"] . $GLOBALS["br"] . "Dede CMS

"; system("find ../ type f -path '*/config_base.php' -exec grep -H '\$cfg_soft_enname\|\$cfg_version' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Sugar CRM

"; system("find ../ type f -path '*/sugar_version.php' -exec grep -H '\$sugar_version' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "XOOPS

"; system ("find ../ type f -path '*/version.php' -exec grep -H 'XOOPS_VERSION' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Concrete5

"; system ("find ../ type f -path '*/config/concrete.php' -exec grep -H 'version_installed' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Serendipity

"; system("find ../ type f -path '*/serendipity_config.inc.php' -exec grep -H \"\$serendipity\['version'\] =\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "OpenBlog

"; system("find ../ type f -path '*/application/config/open_blog.php' -exec grep -H \"\$config\['version'\] =\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "b2evolution

"; system("find ../ type f -path '*/conf/_application.php' -exec grep -H '\$app_version =' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Nucleus

"; system("find ../ type f -path '*/nucleus/libs/globalfunctions.php' -exec grep -H \"\$nucleus\['version'\] =\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Dotclear

"; system("find ../ type f -path '*/inc/prepend.php' -exec grep -H \"define('DC_VERSION',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "TextPattern

"; system("find ../ type f -path '*/textpattern/index.php' -exec grep -H '\$thisversion =' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "NibbleBlog

"; system("find ../ type f -path '*/admin/boot/rules/98-constants.bit' -exec grep -H \"define('NIBBLEBLOG_VERSION',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Lifetype

"; system("find ../ type f -path '*/version.php' -exec grep -H '\$version = \"lifetype' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Chyrp

"; system("find ../ type f -path '*/includes/common.php' -exec grep -H \"define('CHYRP_VERSION',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "PivotX

"; system("find ../ type f -path '*/pivotx/lib.php' -exec grep -H '\$version =' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "FlatPress

"; system("find ../ type f -path '*/fp-includes/core/core.system.php' -exec grep -H \"define('SYSTEM_VER',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Status.Net

"; system("find ../ type f -path '*/lib/framework.php' -exec grep -H \"define('STATUSNET_BASE_VERSION',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Sharetronix

"; system("find ../ type f -path '*/system/conf_main.php' -exec grep -H '\$C->VERSION' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "PageCookery

"; system("find ../ type f -path '*/global.php' -exec grep -H '\$pcm_version =' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "StoryTLR

"; system("find ../ type f -path '*/index.php' -exec grep -H 'define(\"STORYTLR_VERSION\",' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "PHP-Fusion

"; system("find ../ type f -path '*/administration/upgrade.php' -exec grep -H \"WHERE settings_name='version'\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "e107

"; system("find ../ type f -path '*/e107_admin/ver.php' -exec grep -H \"\$e107info\['e107_version'\] =\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Open Real Estate

"; system("find ../ type f -path '*/index.php' -exec grep -H \"define('ORE_VERSION',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Zikula

"; system("find ../ type f -path '*/lib/Zikula/Core.php' -exec grep -H 'const VERSION_NUM =' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Website Baker

"; system("find ../ type f -path '*/pages/posts/index.php' -exec grep -H 'by WebsiteBaker Ver.' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Subrion

"; system("find ../ type f -path '*/index.php' -exec grep -H \"define('IA_VERSION', '\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Pligg

"; system("find ../ type f -path '*/languages/lang_english.conf' -exec grep -H '//' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "PyroCMS

"; system("find ../ type f -path '*/system/cms/config/constants.php' -exec grep -H \"define('CMS_VERSION',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Contao

"; system("find ../ type f -path '*/system/config/localconfig.php' -exec grep -H \"\$GLOBALS\['TL_CONFIG'\]\['latestVersion'\] =\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Geeklog

"; system("find ../ type f -path '*/siteconfig.php' -exec grep -H \"define('VERSION',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Silverstripe

"; system("find ../ type f -path '*/cms/silverstripe_version' -print -exec cat {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "sNews

"; system("find ../ type f -path '*/snews.php' -exec grep -H 'sNews Version:' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "jCore

"; system("find ../ type f -path '*/config.inc.php' -exec grep -H \"@define('JCORE_VERSION',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "ImpressPages

"; system("find ../ type f -path '*/Ip/Application.php' -exec grep -H '; //CHANGE_ON_VERSION_UPDATE' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Quick.CMS

"; system("find ../ type f -path '*/database/config.php' -exec grep -H \"\$config\['version'\] =\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "ImpressCMS

"; /* triggers false positive for XOOPS as it's a fork of it */ system("find ../ type f -path '*/include/version.php' -exec grep -H \"define('ICMS_VERSION_NAME',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Monstra

"; system("find ../ type f -path '*/engine/Monstra.php' -exec grep -H 'const VERSION =' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "phpwcms

"; system("find ../ type f -path '*/include/inc_lib/revision/revision.php' -exec grep -H \"define('PHPWCMS_VERSION'\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Redaxscript

"; system("find ../ type f -path '*/languages/en.json' -exec grep -H '\"version\":' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Silex

"; system("find ../ type f -path '*/version.txt' -exec grep -H 'version=v' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Mahara

"; system("find ../ type f -path '*/lib/version.php' -exec grep -H '\$config->release =' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Saurus

"; system("find ../ type f -path '*/classes/site.class.php' -exec grep -H '\$this->script_version =' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Jamroom

"; system("find ../ type f -path '*/modules/jrCore/include.php' -exec grep -H \"'version' =>\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Bolt

"; system("find ../ type f -path '*/src/Application.php' -exec grep -H \"\$values\['bolt_version'\] =\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Pluck

"; system("find ../ type f -path '*/data/inc/security.php' -exec grep -H \"define('PLUCK_VERSION',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Croogo

"; system("find ../ type f -path '*/Vendor/croogo/croogo/VERSION.txt' -print -exec cat {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Kirby

"; system("find ../ type f -path '*/kirby/kirby.php' -exec grep -H 'static public \$version =' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Zenario

"; system("find ../ type f -path '*/zenario/admin/db_updates/latest_revision_no.inc.php' -exec grep -H \"define('ZENARIO_CMS_VERSION',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Cotonti

"; system("find ../ type f -path '*/system/functions.php' -exec grep -H \"\$cfg\['version'\] =\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "appRain

"; system("find ../ type f -path '*/development/definition/system_configuration/config.xml' -exec grep -H '' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "ClipperCMS

"; /* forked from ModX */ system("find ../ type f -path '*/manager/includes/version.inc.php' -exec grep -H \"define('CMS_RELEASE_VERSION',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "MyBB

"; system("find ../ type f -path '*/inc/class_core.php' -exec grep -H 'public \$version =' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "AEF

"; system("find ../ type f -path '*/globals.php' -exec grep -HA1 '// AEF : Advanced Electron Forum' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Vanilla

"; system("find ../ type f -path '*/conf/config.php' -exec grep -H \"\$Configuration\['Vanilla'\]\['Version'\] =\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "PunBB

"; system("find ../ type f -path '*/include/constants.php' -exec grep -H \"define('FORUM_VERSION',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "XMB

"; system("find ../ type f -path '*/db/mysql.php' -exec grep -HA1 '* eXtreme Message Board' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "FluxBB

"; system("find ../ type f -path '*/include/common.php' -exec grep -H \"define('FORUM_VERSION',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Phorum

"; system("find ../ type f -path '*/common.php' -exec grep -H 'define( \"PHORUM\",' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "MiniBB

"; system("find ../ type f -path '*/bb_functions.php' -exec grep -H '\$version=' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Piwigo

"; system("find ../ type f -path '*/include/constants.php' -exec grep -H \"define('PHPWG_VERSION',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "TinyWebGallery

"; system("find ../ type f -path '*/config.php' -exec grep -H 'TWG version:' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "phpAlbum

"; system("find ../ type f -path '*/main.php' -exec grep -H '\$phpalbum_version=\"' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "iGalerie

"; system("find ../ type f -path '*/includes/classes/system.class.php' -exec grep -H 'public static \$galleryVersion =' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Dolphin

"; system("find ../ type f -path '*/modules/boonex/news/install/config.php' -exec grep -HA1 \"'compatible_with' => array(\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Oxwall

"; system("find ../ type f -path '*/ow_version.xml' -exec grep -H '' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Etano

"; system("find ../ type f -path '*/includes/defines.inc.php' -exec grep -H \"define('_INTERNAL_VERSION_',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "PeoplePods

"; system("find ../ type f -path '*/peoplepods/lib/etc/options.php' -exec grep -H \"\$this->setLibOptions('last_database_update','\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Family Connections

"; system("find ../ type f -path '*/install.php' -exec grep -H \"\$_POST\['contact'\], 'Family Connections\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "OSClass

"; system("find ../ type f -path '*/oc-load.php' -exec grep -H \"define('OSCLASS_VERSION',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Revive AdServer

"; system("find ../ type f -path '*/constants.php' -exec grep -H \"define('VERSION',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "WebCalendar

"; system("find ../ type f -path '*/includes/config.php' -exec grep -H '\$PROGRAM_VERSION =' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Booked

"; system("find ../ type f -path '*/lib/Config/Configuration.php' -exec grep -H 'const VERSION =' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "PHP iCalendar

"; system("find ../ type f -path '*/default_config.php' -exec grep -H '\$this->phpicalendar_version =' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "WebMail Lite

"; system("find ../ type f -path '*/adminpanel/VERSION' -print -exec cat {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Piwik

"; system("find ../ type f -path '*/core/Version.php' -exec grep -H 'const VERSION =' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Little Poll

"; system("find ../ type f -path '*/lp_admin.php' -exec grep -H 'Little Poll Admin Center v' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Sphider

"; system("find ../ type f -path '*/settings/conf.php' -exec grep -H '\$version_nr' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "BigTree CMS

"; system("find ../ type f -path '*/core/version.php' -exec grep -H 'define(\"BIGTREE_VERSION\",\"' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Quick Cart

"; system("find ../ type f -path '*/database/config/general.php' -exec grep -H \"\$config\['version'\] = \" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "gpEasy

"; system("find ../ type f -path '*/include/common.php' -exec grep -H \"define('gpversion','\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Elxis

"; system("find ../ type f -path '*/includes/version.php' -exec grep -HA4 '\$elxis_version = array(' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "CMSimple

"; system("find ../ type f -path '*/cmsimple/cms.php' -exec grep -H \"define('CMSIMPLE_VERSION', '\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "CRE Loaded

"; system("find ../ type f -path '*/includes/version.php' -exec grep -H \"define('PROJECT_VERSION', '\[CRE Loaded v\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Expression Engine

"; system("find ../ type f -path '*/config/config.php' -exec grep -H \"\$config\['app_version'\] = \" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Pydio

"; system("find ../ type f -path '*/conf/VERSION.php' -exec grep -H 'define(\"AJXP_VERSION\", \"' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Aardvark Topsites

"; system("find ../ type f -path '*/index.php' -exec grep -H \"\$TMPL\['version'\] =\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Open Web Analytics

"; system("find ../ type f -path '*/owa_env.php' -exec grep -H \"define('OWA_VERSION', '\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "CJ Dynamic Poll

"; system("find ../ type f -path '*/poll_config.php' -exec grep -H '\$version = \"' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Logaholic

"; system("find ../ type f -path '*/includes/version.php' -exec grep -H 'define(\"LOGAHOLIC_VERSION_NUMBER\", \"' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Little Software Stats

"; system("find ../ type f -path '*/inc/version.php' -exec grep -H \"define( 'VERSION'\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "qdPM

"; system("find ../ type f -path '*/core/apps/qdPM/templates/_footer.php' -exec grep -H 'target=\"_blank\">qdPM' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "eyeOS

"; system("find ../ type f -path '*/settings.php' -exec grep -H \"define('EYE_VERSION', '\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Collabtive

"; system("find ../ type f -path '*/init.php' -exec grep -H '\$template->assign(\"myversion\"' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "DotProj

"; system("find ../ type f -path '*/includes/version.php' -exec grep -HA2 '\$dp_version_major' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "ProjectPier

"; system("find ../ type f -path '*/version.php' -exec grep -H \"return '\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "PHProjekt

"; system("find ../ type f -path '*/VERSION' -exec grep -H 'PHProjekt ' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "TaskFreak

"; system("find ../ type f -path '*/include/config.php' -exec grep -H \"define('FRK_VERSION','\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "todoyu

"; system("find ../ type f -path '*/core/inc/version.php' -exec grep -H \"define('TODOYU_VERSION', '\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "FlySpray

"; system("find ../ type f -path '*/includes/class.flyspray.php' -exec grep -H 'public \$version =' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "PHPCollab

"; system("find ../ type f -path '*/includes/settings.php' -exec grep -HA1 '# PhpCollab version' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Traq

"; system("find ../ type f -path '*/vendor/traq/version.php' -exec grep -H 'define(\"TRAQ_VER\",' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Admidio

"; system("find ../ type f -path '*/adm_program/system/constants.php' -exec grep -HA2 \"define('ADMIDIO_VERSION_MAIN',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Eventum

"; system("find ../ type f -path '*/init.php' -exec grep -H \"define('APP_VERSION',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Burden

"; system("find ../ type f -path '*/config.php' -exec grep -H \"define('VERSION',\" {} \;"); /* could produce too many false positives but there's no other way */ echo $GLOBALS["red"] . $GLOBALS["br"] . "Livezilla

"; system("find ../ type f -path '*/_definitions/definitions.inc.php' -exec grep -H 'define(\"VERSION\",' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Perch

"; system("find ../ type f -path '*/admin/core/lib/Perch.class.php' -exec grep -H 'public \$version =' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Elefant CMS

"; system("find ../ type f -path '*/conf/version.php' -exec grep -H 'ELEFANT_VERSION' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Wolf CMS

"; system("find ../ type f -path '*/index.php' -exec grep -H \"define('CMS_VERSION\', '\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Get Simple CMS

"; system("find ../ type f -path '*/admin/inc/configuration.php' -exec grep -HA1 '\$site_full_name' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Anchor CMS

"; system("find ../ type f -path '*/index.php' -exec grep -H \"define('VERSION', '\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "CodeIgniter

"; system("find ../ type f -path '*/CodeIgniter.php' -exec grep -H \"define('CI_VERSION', '\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "GotCMS

"; system("find ../ type f -path '*/library/Gc/Version.php' -exec grep -H 'const VERSION =' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Frog CMS

"; system("find ../ type f -path '*/admin/index.php' -exec grep -H \"define('FROG_VERSION', '\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Pulse CMS

"; system("find ../ type f -path '*/admin/index.php' -exec grep -H 'class=\"ver\">Pulse CMS' {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Couch CMS

"; system("find ../ type f -path '*/header.php' -exec grep -H \"define( 'K_COUCH_VERSION', '\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Kanboard

"; system("find ../ type f -path '*/app/constants.php' -exec grep -H \"define('APP_VERSION', '\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "XpressEngine

"; system("find ../ type f -path '*/config/config.inc.php' -exec grep -H \"define('__XE_VERSION__',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "Hesk

"; system("find ../ type f -path '*/hesk_settings.inc.php' -exec grep -H \"\$hesk_settings['hesk_version']=\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "PHPWiki

"; system("find ../ type f -path '*/lib/config.php' -exec grep -H \"define('PHPWIKI_VERSION',\" {} \;"); echo $GLOBALS["red"] . $GLOBALS["br"] . "PixelPost

"; system("find ../ type f -path '*/includes/pixelpost.php' -exec grep -H 'Pixelpost version ' {} \;");
/* PmWiki doesn't output the version properly for some reason and it will be checked later
phpNuke support removed as newer phpNuke installs store the version in the database
newest ELGG, CMS Made Simple, Sitecake, Pimcore, Microweber, ZenPhoto, WikkaWiki, JCow, Open Source Social Network, Lime Survey, Feng Office require PHP 5.4 to work
phpLD is not compatible with PHP version 5.3+ so support for it has been removed from the scanner
Pixie does not have proper version handling so it will not be supported
eggBlog stores its version in a file called VERSION which will generate too many false positives so it will not be supported
PHP-Fusion normally pulls the version from the database, but we can try and grab it from its upgrade script function
ModX nowadays pulls the version info from the database so we'll no longer support it
ocPortal seems to be pulling info from the database and we will not support it
Typo3 requires fileinfo() which isn't supported on LP shared
ProcessWire doesn't store any version related info so it will not be supported
Fork, Prosper202 don't work from subdirectories
Sitemagic fails to report the version properly so I've removed it from the script
Tiki Wiki stores the version details in the database so we'll not support it
razorCMS requires suPHP when installing with Softaculous and fails although suPHP exists
SeoToasterCMS stores version information under a version.txt file which is bound to produce a lot of false positives so we'll not support it
Bigace doesn't seem to store any version related info under its files so it won't be supported
Fiyo stores only the major core version in its files and this could cause too many false positives so it will not be supported
HotaruCMS couldn't be installed so I could not fingerprint it
FUDforum doesn't appear to store any version info in its files
Beehive requires PHP 5.4, fileinfo() and intl()
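my little forum uses an improper version handling which will generate many false positives so we'll not support it
Pixelpost stores version related data in a Readme.txt file which would generate too many false positives if used
Plogger does not seem to store any version related info into its files
DokuWiki uses a file called VERSION to store version related info and this generates too many false positives
pH7CMS requires PHP 5.2 & bz()
Open Classifieds needs PHP 5.5 to work
Noah's Classifieds seems to pull the version from an array and it cannot be supported
GPixPixel doesn't store version related info in the files
ExtCalendar is not compatible with PHP version 5.3+
poMMo is not compatible with PHP version 5.3+
Webinsta Maillist is not compatible with PHP version 5.3+
Open Newsletter does not store version info into its files
ccMail is not compatible with PHP version 5.3+
phpESP is not compatible with PHP version 5.3+
Advanced Poll does not store version info into its files
Easy Poll does not store version info into its files
Simple PHP Poll does not store version info into its files
The Bug Genie does not store version info into its files
SiteDove can not be installed in subdirectories. */ }

/*
 * Runs one fixed shell command and echoes its output HTML-escaped.
 *
 * The fingerprint checks below print file names and matched lines that come
 * from the files of the account being audited. A bare system() call writes
 * that text straight into this tool's HTML output, so markup stored in a
 * scanned file would be interpreted by the operator's browser. The output is
 * captured with output buffering and escaped before it is echoed.
 *
 * $command  complete shell command line. Every caller in this file passes a
 *           literal string (optionally with escapeshellarg() output spliced
 *           in); it must never be built from request data.
 */
function _gamt_run_escaped($command){
    ob_start();
    system($command);
    $raw_output = (string) ob_get_clean();
    /* ISO-8859-1 makes the escaping byte-wise, so bytes that are not valid
       UTF-8 cannot make htmlspecialchars() return an empty string. */
    echo htmlspecialchars($raw_output, ENT_QUOTES, 'ISO-8859-1');
}

/*
 * Version fingerprints for ELGG, CMS Made Simple and DataLife Engine
 * (presumably the "Other blogs & portals" menu entry - confirm against the
 * dispatcher, which is not visible here).
 *
 * Each check echoes a heading and then greps the product's version file
 * below ../ for its version marker. No parameters, no return value.
 *
 * -type f limits the -exec action to regular files, so grep is not run on
 * directories or symbolic links that happen to carry the searched name.
 * NOTE(review): the commands in the function above read "find ../ type f"
 * without the dash; find then takes "type" and "f" as extra start paths and
 * applies no file-type filter there.
 */
function blog(){
    echo $GLOBALS["red"] . $GLOBALS["br"] . "ELGG

";
    _gamt_run_escaped("find ../ -type f -name version.php -exec grep -HA1 'release = ' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "CMS Made Simple

";
    _gamt_run_escaped("find ../ -type f -name version.php -exec grep -HA3 'CMS_VERSION =' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "DataLife Engine

";
    _gamt_run_escaped("find ../ -type f -name index.php -exec grep -HA1 'dle_version = ' {} \;");
}

/*
 * Version fingerprints for phpCoin, Avactis, AccountLab Plus, tDah Webmail
 * and Agora Cart (presumably the "Other ecommerce & forums" menu entry -
 * confirm against the dispatcher).
 *
 * The first three grep a version.php file; the last two print the file path
 * and let awk select the lines that contain both listed words.
 * No parameters, no return value.
 */
function commerce(){
    echo $GLOBALS["red"] . $GLOBALS["br"] . "phpCoin

";
    _gamt_run_escaped("find ../ -type f -name version.php -exec grep -HA1 'ThisVersion' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "Avactis

";
    _gamt_run_escaped("find ../ -type f -name version.php -exec grep -HA1 'PRODUCT_VERSION_NUMBER' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "AccountLab Plus

";
    _gamt_run_escaped("find ../ -type f -name version.php -exec grep -HA1 'ALPversion=' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "tDah Webmail

";
    _gamt_run_escaped("find ../ -type f -name config.system.php -print -exec awk '/define/ && /SW_VERSION/' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "Agora Cart

";
    _gamt_run_escaped("find ../ -type f -name agora.cgi -print -exec awk '/versions/ && /agora.cgi/' {} \;");
}

/*
 * Version fingerprints for the less common scripts (presumably the
 * "Rarely used" menu entry - confirm against the dispatcher).
 *
 * Same scheme as blog() and commerce(): heading, then find + grep/head on the
 * file that carries the product's version marker. No parameters, no return
 * value.
 */
function rarely(){
    echo $GLOBALS["red"] . $GLOBALS["br"] . "Flynax Classifieds

";
    _gamt_run_escaped("find ../ -type f -name control.inc.php -exec grep -HA1 'VERSION:' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "vBulletin

";
    _gamt_run_escaped("find ../ -type f -name version.php -exec grep -HA1 'fr_version = ' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "CubeCart

";
    _gamt_run_escaped("find ../ -type f -name index.php -exec grep -HA1 'CubeCart v' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "Soholaunch

";
    /* In a basic regular expression \( and \) open and close a group, so the
       former pattern matched "SoholaunchR" and never the literal "(R)".
       Plain parentheses and # are literal. */
    _gamt_run_escaped("find ../ -type f -name index.php -exec grep -HA2 '## Soholaunch(R) Site Management Tool' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "PHP Pro Bid

";
    _gamt_run_escaped("find ../ -type f -name index.php -exec grep -HA1 'PHP Pro Bid v' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "ITLPoll

";
    _gamt_run_escaped("find ../ -type f -name index.php -exec grep -HA1 'ITLPoll Version ' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "Openads

";
    /* Only the * needs a backslash; "/" is an ordinary character in grep. */
    _gamt_run_escaped("find ../ -type f -name index.php -exec grep -HA1 '/\* Openads ' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "phpFormGenerator

";
    /* Stray backslash before "p" dropped; it has no defined meaning in a
       basic regular expression. */
    _gamt_run_escaped("find ../ -type f -name index.php -exec grep -HA1 'phpFormGenerator v' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "LightMon Engine

";
    _gamt_run_escaped("find ../ -type f -name index.php -exec grep -HA1 ' * LightMon v' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "Kasseler CMS

";
    _gamt_run_escaped("find ../ -type f -name index.php -exec grep -HA4 'by Kasseler CMS' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "Silurus Classifieds Builder
";
    _gamt_run_escaped("find ../ -type f -name index.php -exec grep -HA7 '* Silurus Classifieds Builder' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "Bitweaver
";
    _gamt_run_escaped("find ../ -type f -name config_defaults_inc.php -exec grep -HA3 'BIT_MAJOR_VERSION' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "phpFoX
";
    /* The former pattern used \' inside a shell single-quoted string. The
       shell does not treat a backslash as an escape there, so the quote ended
       early and the command line was left with an unterminated quote.
       escapeshellarg() does the quoting, and -F searches for the text as a
       fixed string so $, [ and . need no regex escaping. */
    $phpfox_needle = escapeshellarg('$_CONF[\'info.version\'] =');
    _gamt_run_escaped("find ../ -type f -name version.php -exec grep -HFA1 " . $phpfox_needle . " {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "Open Conference System
";
    /* NOTE(review): the pattern is a lone backslash in this copy, which grep
       rejects as a trailing backslash. It looks truncated; restore the
       intended pattern from the original file. */
    _gamt_run_escaped("find ../ -type f -name version.xml -exec grep -HA1 '\' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "SPIP
";
    _gamt_run_escaped("find ../ -type f -name svn.revision -exec grep -HA1 'Origine: svn:' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "Exponent
";
    _gamt_run_escaped("find ../ -type f -name exponent_version.php -exec grep -HA7 'EXPONENT_VERSION_MAJOR' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "Oxy Classifieds
";
    /* -print names the file before its first lines, as the "-print -exec"
       checks elsewhere in this file do; head alone prints no path. */
    _gamt_run_escaped("find ../ -type f -name version -print -exec head -n 2 {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "Anova Pro
";
    _gamt_run_escaped("find ../ -type f -name version.txt -exec grep -HA1 'Anova Pro :' {} \;");

    echo $GLOBALS["red"] . $GLOBALS["br"] . "Question2Answer
";
    _gamt_run_escaped("find ../ -type f -name VERSION.txt -print -exec head -n 1 {} \;");
}

function iframe(){ $pwd = system('whoami'); class PHPScan { private $infctions = array("htm","php","html"); private $rules = array( '/]*>.*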