Пошук в базі движка небажаних доменів
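<?php
// Detect which CMS lives in the current directory (WordPress, Joomla or
// Moodle) and expose its database credentials as the constants DB_HOST,
// DB_USER, DB_PASSWORD and DB_NAME. The config files are read as text and
// matched with a regex; they are never include()d, so no CMS code is executed.

/**
 * Define DB_* constants from the (name, value) pairs $pattern finds in $file.
 *
 * The file is skipped silently when it is missing or unreadable. A constant
 * that is already defined is left alone, so the first match wins; this also
 * avoids the "constant already defined" warning when a value appears twice or
 * when more than one CMS config file is present.
 *
 * NOTE(review): the patterns do not skip commented-out lines, so a
 * commented-out setting that precedes the live one is the value that is used.
 *
 * @param string $file    Config file path, relative to the working directory.
 * @param string $pattern PCRE capturing the setting name in group 1 and its
 *                        quoted value in group 2.
 * @param array  $map     Setting name in the config file => constant to define.
 * @return void
 */
function define_db_constants_from($file, $pattern, array $map)
{
    if (!is_file($file) || !is_readable($file)) {
        return;
    }

    $contents = file_get_contents($file);
    if ($contents === false) {
        return;
    }

    if (!preg_match_all($pattern, $contents, $matches, PREG_SET_ORDER)) {
        return;
    }

    foreach ($matches as $match) {
        $setting = $match[1];
        if (isset($map[$setting]) && !defined($map[$setting])) {
            define($map[$setting], $match[2]);
        }
    }
}

// WordPress: define('DB_HOST', 'value');
define_db_constants_from(
    'wp-config.php',
    '/define\s*\(\s*[\'"](.*?)[\'"]\s*,\s*[\'"](.*?)[\'"]\s*\)\s*;/',
    ['DB_HOST' => 'DB_HOST', 'DB_USER' => 'DB_USER', 'DB_PASSWORD' => 'DB_PASSWORD', 'DB_NAME' => 'DB_NAME']
);

// Joomla: public $host = 'value';
define_db_constants_from(
    'configuration.php',
    '/^\s*public\s*\$([^\s]+)\s*=[^\'"]+[\'"]([^\'"]+)[\'"]/m',
    ['host' => 'DB_HOST', 'user' => 'DB_USER', 'password' => 'DB_PASSWORD', 'db' => 'DB_NAME']
);

// Moodle: $CFG->dbhost = 'value';
define_db_constants_from(
    'config.php',
    '/\$CFG->([^\s]+)\s*=[^\'"]+[\'"]([^\'"]+)[\'"]/m',
    ['dbhost' => 'DB_HOST', 'dbuser' => 'DB_USER', 'dbpass' => 'DB_PASSWORD', 'dbname' => 'DB_NAME']
);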
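// Scan every column of every table in the CMS database for the unwanted
// domain fragments listed in $search_strings and record each hit.
//
// The result file holds the full matching field values (which can include
// user e-mail addresses and post bodies) and is written next to this script
// under a predictable name, so it is readable by anyone who can request it.
// Delete both the result file and this script once the audit is finished.

// Connection parameters for the MySQL server come from the DB_* constants
// set by the CMS detection earlier in this file.
foreach (['DB_HOST', 'DB_USER', 'DB_PASSWORD', 'DB_NAME'] as $required_constant) {
    if (!defined($required_constant)) {
        exit('Missing database setting: '.$required_constant."\n");
    }
}
$servername = DB_HOST;
$username = DB_USER;
$password = DB_PASSWORD;
$database_name = DB_NAME;

// E_DEBUG is not a PHP constant; E_ALL reports everything.
error_reporting(E_ALL);
// Errors are printed into the response, which shows paths and SQL text to
// whoever loads this page.
ini_set('display_errors', 'on');
// Report mysqli failures through return values on every PHP version, so the
// explicit checks below decide what happens instead of an uncaught exception.
mysqli_report(MYSQLI_REPORT_OFF);

$search_strings = ['.ucoz.', '.at.', 'mail.ru', 'yandex.', 'vk.ru', 'vk.com', 'narod.ru'];
// Nothing in this script reads $ignore_databases; only DB_NAME is scanned.
$ignore_databases = ['information_schema', 'dls_moodle'];

// Connect to the MySQL server.
$conn = mysqli_connect($servername, $username, $password);
if (!$conn) {
    exit('MySQL connection failed: '.mysqli_connect_error()."\n");
}
mysqli_set_charset($conn, "utf8mb4");
if (!mysqli_select_db($conn, $database_name)) {
    $select_error = mysqli_error($conn);
    mysqli_close($conn);
    exit('Cannot select database: '.$select_error."\n");
}

$filename = 'result_strings_'.$database_name.'.txt';
$fp1 = fopen($filename, 'w+');
if ($fp1 === false) {
    mysqli_close($conn);
    exit('Cannot open result file: '.$filename."\n");
}

// Backtick-quote an identifier so table or column names that are reserved
// words or contain special characters cannot break or alter the statement.
$quote_identifier = function ($name) {
    return '`'.str_replace('`', '``', $name).'`';
};

// The quoted '%needle%' LIKE patterns are the same for every column, so
// build and escape them once.
$like_patterns = array_map(function ($needle) use ($conn) {
    return "'%".mysqli_real_escape_string($conn, $needle)."%'";
}, $search_strings);

// Number of recorded hits; not reported anywhere in this script.
$lines = 0;

// List all tables of the selected database.
$table_result = mysqli_query($conn, "SHOW TABLES");
if (!$table_result) {
    $list_error = mysqli_error($conn);
    fclose($fp1);
    mysqli_close($conn);
    exit('Cannot list tables: '.$list_error."\n");
}

while ($table_row = mysqli_fetch_row($table_result)) {
    $table_name = $table_row[0];
    $quoted_table = $quote_identifier($table_name);

    // List the table's columns and search each one for the listed strings.
    $column_result = mysqli_query($conn, "SHOW COLUMNS FROM ".$quoted_table);
    if (!$column_result) {
        continue;
    }

    while ($column_row = mysqli_fetch_assoc($column_result)) {
        $column_name = $column_row['Field'];
        $quoted_column = $quote_identifier($column_name);

        $search_query = "SELECT * FROM ".$quoted_table." WHERE ("
            .$quoted_column." LIKE "
            .implode(" OR ".$quoted_column." LIKE ", $like_patterns)
            .")";
        $search_result = mysqli_query($conn, $search_query);
        if (!$search_result) {
            continue;
        }

        // Record the search results.
        while ($search_row = mysqli_fetch_assoc($search_result)) {
            // Rows with post_type 'revision' are skipped on purpose.
            if (array_key_exists('post_type', $search_row) && ($search_row['post_type'] == 'revision')) {
                continue;
            }
            if (!array_key_exists($column_name, $search_row)) {
                continue;
            }

            $lines++;
            // The page ends with an HTML link, so it is rendered as HTML:
            // escape names that come from the database.
            echo htmlspecialchars($database_name.', '.$table_name.', '.$column_name, ENT_QUOTES)."\n";
            fputcsv($fp1, [$database_name, $table_name, $column_name]);
            fputcsv($fp1, [$column_name, $search_row[$column_name]]);
            // Two empty records separate consecutive hits in the file.
            fputcsv($fp1, []);
            fputcsv($fp1, []);
        }
        mysqli_free_result($search_result);
    }
    mysqli_free_result($column_result);
}
mysqli_free_result($table_result);

fclose($fp1);
// Close the connection to the MySQL server.
mysqli_close($conn);
echo "<a href='".htmlspecialchars(rawurlencode($filename), ENT_QUOTES)."'>Відкрити результати</a>";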