Last active
August 15, 2020 19:41
-
-
Save galehrizky/97dd68157c31c25627e7dd1f4b520cb9 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
# Coded by galehdotid | |
# fb : https://www.facebook.com/hax0rtersakiti | |
# Mass WebShell check & SSL check | |
# Usage : php file.php list.txt | |
error_reporting(0); | |
function has_ssl( $domain ) { | |
$res = false; | |
$stream = @stream_context_create( array( 'ssl' => array( 'capture_peer_cert' => true ) ) ); | |
$socket = @stream_socket_client( 'ssl://' . $domain . ':443', $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $stream ); | |
// If we got a ssl certificate we check here, if the certificate domain | |
// matches the website domain. | |
if ( $socket ) { | |
$cont = stream_context_get_params( $socket ); | |
$cert_ressource = $cont['options']['ssl']['peer_certificate']; | |
$cert = openssl_x509_parse( $cert_ressource ); | |
// Expected name has format "/CN=*.yourdomain.com" | |
$namepart = explode( '=', $cert['name'] ); | |
// We want to correctly confirm the certificate even | |
// for subdomains like "www.yourdomain.com" | |
if ( count( $namepart ) == 2 ) { | |
$cert_domain = trim( $namepart[1], '*. ' ); | |
$check_domain = substr( $domain, -strlen( $cert_domain ) ); | |
$res = ($cert_domain == $check_domain); | |
} | |
} | |
return $res; | |
} | |
function grabdomain($url) | |
{ | |
$parse = parse_url($url); | |
return $parse['host']; | |
} | |
function cek_shell($url) | |
{ | |
$keyword = array("Password","password","Submit","submit","WSO","GIF89a","IndoXploit","Shell","shell","wso","Upload","Priv8","priv8","tool","Tool","tools","Tools","Linux","SMP Tue","SMP Wed","SMP Sat","SMP Mon","SMP Sun","SMP Thu","SMP Fri","Safe mode","exploit-db.com","phpinfo","Php Info"," UTC","Disable Function"); // Edit Here | |
$rEgex = '/(' .implode('|', $keyword) .')/'; | |
$ch = curl_init($url); | |
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1); | |
curl_setopt($ch,CURLOPT_TIMEOUT,20); | |
$shellcurl = curl_exec($ch); | |
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE); | |
curl_close($ch); | |
if($httpcode == 200 && preg_match_all("$rEgex", $shellcurl)) { | |
return true; | |
} | |
else { | |
return false; | |
} | |
} | |
function saveBjir($url, $file_name) | |
{ | |
$file = fopen($file_name."-".date('Y-m-d').".txt","a"); | |
fwrite($file, "\n". $url); | |
fclose($file); | |
} | |
if (isset($argv[1])) { | |
$list = $argv[1]; | |
$url_list = explode("\r\n", file_get_contents($list)); | |
if (!empty($url_list)) { | |
$i = 0; | |
foreach ($url_list as $key => $value) { | |
$cek_shell = cek_shell($value); | |
if ($cek_shell == true) { | |
echo "[" . $i . " / " . count($url_list) . "][+] Webshell OK => {$value} "; | |
$host = grabdomain($value); | |
$ahha = has_ssl($host); | |
if ($ahha == true) { | |
echo " => SSL OK \n"; | |
saveBjir($value, "WEBSHELL-SSL"); | |
}else{ | |
echo "=> SSL FAIL \n"; | |
saveBjir($value, "WEBSHELL-NOT-SSL"); | |
} | |
}else{ | |
echo "[" . $i . " / " . count($url_list) . "][-] Webshell DIE => {$value} \n"; | |
} | |
$i++; | |
} | |
}else{ | |
die("List Empty !"); | |
} | |
}else{ | |
die("List not found !"); | |
} | |
?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment