Пошук в базі даних небажаного коду
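<?php
// NOTE(review): this script reads the CMS database credentials and prints HTML, so it is
// meant to be opened through the web server. Restrict access to it while it is deployed
// and delete it, together with the result file it writes, once the audit is finished.

// WordPress: read the DB_* values from wp-config.php without executing the file.
if (is_file('wp-config.php')) {
    $config_source = file_get_contents('wp-config.php');
    if ($config_source !== false) {
        preg_match_all(
            '/define\s*\(\s*[\'"](.*?)[\'"]\s*,\s*[\'"](.*?)[\'"]\s*\)\s*;/',
            $config_source,
            $matches,
            PREG_SET_ORDER
        );
        foreach ($matches as $match) {
            // Strict comparison against the four names we need. The pattern also matches
            // commented-out define() lines, so a name can appear more than once: the first
            // occurrence wins and later ones are skipped instead of raising a
            // "constant already defined" warning.
            $is_db_constant = in_array($match[1], ['DB_HOST', 'DB_USER', 'DB_PASSWORD', 'DB_NAME'], true);
            if ($is_db_constant && !defined($match[1])) {
                define($match[1], $match[2]);
            }
        }
    }
}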
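// Joomla: read the public $host/$user/$password/$db properties from configuration.php
// and expose them under the same DB_* constant names the rest of the script uses.
if (is_file('configuration.php')) {
    $joomla_map = ['host' => 'DB_HOST', 'user' => 'DB_USER', 'password' => 'DB_PASSWORD', 'db' => 'DB_NAME'];
    $config_source = file_get_contents('configuration.php');
    if ($config_source !== false) {
        preg_match_all(
            '/^\s*public\s*\$([^\s]+)\s*=[^\'"]+[\'"]([^\'"]+)[\'"]/m',
            $config_source,
            $matches,
            PREG_SET_ORDER
        );
        foreach ($matches as $match) {
            $constant_name = $joomla_map[$match[1]] ?? null;
            // Skip properties we do not need, and names that an earlier configuration file
            // already defined: define() on an existing constant only raises a warning.
            if ($constant_name !== null && !defined($constant_name)) {
                define($constant_name, $match[2]);
            }
        }
    }
}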
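// Moodle: read the $CFG->dbhost/dbuser/dbpass/dbname assignments from config.php.
// NOTE(review): config.php is a very common file name, so this branch may also run next
// to another CMS; values already defined by an earlier branch are left untouched.
if (is_file('config.php')) {
    $moodle_map = ['dbhost' => 'DB_HOST', 'dbuser' => 'DB_USER', 'dbpass' => 'DB_PASSWORD', 'dbname' => 'DB_NAME'];
    $config_source = file_get_contents('config.php');
    if ($config_source !== false) {
        preg_match_all(
            '/\$CFG->([^\s]+)\s*=[^\'"]+[\'"]([^\'"]+)[\'"]/m',
            $config_source,
            $matches,
            PREG_SET_ORDER
        );
        foreach ($matches as $match) {
            $constant_name = $moodle_map[$match[1]] ?? null;
            // define() on an existing constant only raises a warning, so check first.
            if ($constant_name !== null && !defined($constant_name)) {
                define($constant_name, $match[2]);
            }
        }
    }
}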
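// Parameters for connecting to the MySQL server, taken from the DB_* constants that the
// configuration readers above define.
foreach (['DB_HOST', 'DB_USER', 'DB_NAME'] as $required_constant) {
    if (!defined($required_constant)) {
        // Reading an undefined constant is a fatal Error on PHP 8; stop with a clear message.
        exit('No supported CMS configuration was found: ' . $required_constant . ' is not defined.');
    }
}
$servername = DB_HOST;
$username = DB_USER;
// The Joomla and Moodle patterns only capture non-empty values, so an empty password
// leaves DB_PASSWORD undefined; treat that as "no password".
$password = defined('DB_PASSWORD') ? DB_PASSWORD : '';
$database_name = DB_NAME;

// E_DEBUG is not a PHP constant (using it is a fatal Error on PHP 8); E_ALL reports everything.
error_reporting(E_ALL);
// This script works with the production database credentials. Keep error text (which can
// name the database host and user) out of HTTP responses: show errors on the command line
// only, and send them to the error log otherwise.
ini_set('display_errors', PHP_SAPI === 'cli' ? '1' : '0');
ini_set('log_errors', '1');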
// Tags to look for in stored content. For every tag:
//   'attr'   - the attribute that holds the external URL of the element;
//   'accept' - regex fragments describing hosts whose URLs are not reported.
// An empty 'accept' list means every occurrence of the tag is reported.
// NOTE(review): the "(?:.+\.)?" prefix accepts every subdomain of the listed domain -
// confirm that this breadth is intended for each entry.
$common_hosts = [
    '(?:.+\.)?youtube\.com',
    '(?:.+\.)?google\.com',
    '(?:.+\.)?facebook\.com',
];

$tags = [
    'iframe' => [
        'attr' => 'src',
        'accept' => array_merge($common_hosts, [
            '(?:.+\.)?udpu\.(org|edu)\.ua',
            'slideshare\.net',
            'onedrive\.live\.com',
            'prezi\.com',
        ]),
    ],
    'script' => [
        'attr' => 'src',
        'accept' => $common_hosts,
    ],
    'object' => [
        'attr' => 'data',
        'accept' => $common_hosts,
    ],
    'embed' => [
        'attr' => 'src',
        'accept' => [],
    ],
];
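// Scan every column of every table in the database for iframe/script/object/embed
// elements whose source is not on the accept list in $tags, print the affected
// table/column pairs and write the offending markup to result_<database>.txt.

// Connect to the MySQL server.
// Report failures through return values so each call below can be checked explicitly;
// on PHP 8.1+ mysqli otherwise throws, and an uncaught exception trace may include the
// connection arguments.
mysqli_report(MYSQLI_REPORT_OFF);
$conn = mysqli_connect($servername, $username, $password);
if (!$conn) {
    exit('Could not connect to the MySQL server.');
}
mysqli_set_charset($conn, "utf8mb4");
if (!mysqli_select_db($conn, $database_name)) {
    mysqli_close($conn);
    exit('Could not select the database.');
}

// NOTE(review): the report is written next to this script under a guessable name and
// contains markup copied out of the database. Remove it from the web root after review.
$fp1 = fopen('result_'.$database_name.'.txt', 'w+');
if ($fp1 === false) {
    mysqli_close($conn);
    exit('Could not open the result file for writing.');
}

// DOMDocument warns on every piece of malformed HTML; collect those internally instead.
libxml_use_internal_errors(true);

// Quote a table or column name for use in SQL. Names come from the schema, not from this
// script, so they may contain spaces, reserved words or backticks.
$quote_identifier = static function (string $name): string {
    return '`' . str_replace('`', '``', $name) . '`';
};

// Escape a value for the HTML status output.
$html_escape = static function (string $text): string {
    return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// Decide whether an element's source attribute is acceptable for the given accept list.
//  - An empty accept list accepts nothing (every element of that tag is reported).
//  - A URL with a scheme other than http/https is never accepted; the original check
//    treated any value that did not start with lowercase "http" as a local path.
//  - Absolute and scheme-relative URLs are accepted only when the parsed host matches an
//    accept pattern completely; the original matched the pattern as a prefix of the URL,
//    so a longer host that merely starts with an accepted name also passed.
//  - Local paths (a single leading "/" or a leading word character) are accepted.
$is_accepted_source = static function (string $attr, array $accept): bool {
    if ($accept === []) {
        return false;
    }
    // Classify the value the way a browser would read it: whitespace and control
    // characters are ignored and "\" is treated as "/".
    $url = str_replace('\\', '/', (string) preg_replace('/[\x00-\x20]+/', '', $attr));
    if ($url === '') {
        return false;
    }
    $has_scheme = preg_match('/^([a-z][a-z0-9+.\-]*):/i', $url, $scheme) === 1;
    if ($has_scheme && !in_array(strtolower($scheme[1]), ['http', 'https'], true)) {
        return false;
    }
    if (!$has_scheme && strncmp($url, '//', 2) !== 0) {
        return preg_match('/^(?:\/[^\/]|\w)/', $url) === 1;
    }
    $host = parse_url($url, PHP_URL_HOST);
    if (!is_string($host) || $host === '') {
        return false;
    }
    foreach ($accept as $pattern) {
        if (preg_match('/^(?:' . $pattern . ')$/Di', $host) === 1) {
            return true;
        }
    }
    return false;
};

// One LIKE value per tag. The opening "<tag" is searched rather than the closing
// "</tag>" so that elements written without a closing tag (e.g. <embed>) are found too.
$like_values = array_map(static function ($tag) use ($conn) {
    return "'%<" . mysqli_real_escape_string($conn, (string) $tag) . "%'";
}, array_keys($tags));

// Select all tables of the current database.
$table_result = mysqli_query($conn, "SHOW TABLES");
while ($table_result && ($table_row = mysqli_fetch_row($table_result))) {
    $table_name = $table_row[0];
    $quoted_table = $quote_identifier($table_name);

    // Select all columns of the table and search each of them for the tags.
    $column_result = mysqli_query($conn, "SHOW COLUMNS FROM $quoted_table");
    if (!$column_result) {
        continue;
    }
    while ($column_row = mysqli_fetch_assoc($column_result)) {
        $column_name = $column_row['Field'];
        $quoted_column = $quote_identifier($column_name);
        $conditions = array_map(static function ($like) use ($quoted_column) {
            return $quoted_column . ' LIKE ' . $like;
        }, $like_values);
        $search_query = "SELECT * FROM $quoted_table WHERE (" . implode(' OR ', $conditions) . ")";
        $search_result = mysqli_query($conn, $search_query);
        if (!$search_result) {
            continue;
        }

        // Report the search results.
        while ($search_row = mysqli_fetch_assoc($search_result)) {
            if (array_key_exists('post_type', $search_row) && ($search_row['post_type'] == 'revision')) {
                // Do nothing: this is a revision.
                continue;
            }
            // Only the column that matched is inspected. Every column gets its own query
            // in the enclosing loop, so inspecting the whole row here reported the same
            // value once per matching column.
            $key = $column_name;
            $value = $search_row[$column_name] ?? null;
            if ($value === null || $value === '') {
                // loadHTML() throws a ValueError on an empty string on PHP 8.
                continue;
            }

            $out = "";
            $flagged = 0;
            try {
                $dom = new DOMDocument();
                // Without an encoding hint loadHTML() reads the input as ISO-8859-1 and
                // the markup copied into the report comes out mangled.
                if (!$dom->loadHTML('<?xml encoding="UTF-8">' . $value)) {
                    continue;
                }
                libxml_clear_errors();
                foreach ($tags as $tag => $opts) {
                    foreach ($dom->getElementsByTagName($tag) as $element) {
                        // Each element is judged on its own. The original decremented a
                        // shared counter once per matching accept pattern, so one accepted
                        // element could cancel out several unaccepted ones.
                        if (!$is_accepted_source($element->getAttribute($opts['attr']), $opts['accept'])) {
                            $out .= $dom->saveHTML($element);
                            $flagged++;
                        }
                    }
                }
            } catch (\Throwable $th) {
                // Keep scanning, but leave a trace instead of silently dropping the value.
                error_log('Scan failed for ' . $table_name . '.' . $column_name . ': ' . $th->getMessage());
                continue;
            }

            if ($flagged > 0) {
                // Table and column names come from the database; escape them for HTML.
                echo $html_escape($database_name.', '.$table_name.', '.$column_name)."<br>";
                fputcsv($fp1, [$database_name,$table_name,$column_name]);
                fputcsv($fp1, [$key,$out],";","`");
                fputcsv($fp1, []);
                fputcsv($fp1, []);
            }
        }
        mysqli_free_result($search_result);
    }
    mysqli_free_result($column_result);
}
fclose($fp1);
// Close the connection to the MySQL server.
mysqli_close($conn);
echo "<a href='".$html_escape("result_".$database_name.".txt")."'>Відкрити результати</a>";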