新一代漏洞扫描器

php,效率超高 首发,可搬运带作者

<!DOCTYPE html>
<html lang="zh">
<head>
    <meta charset="UTF-8">
    <title>漏洞扫描报告</title>
    <style>
        body { font-family: Arial, sans-serif; background-color: #f5f5f5; margin: 0; padding: 0; }
        .container { max-width: 800px; margin: 0 auto; padding: 20px; background-color: #fff; border-radius: 5px; box-shadow: 0 0 10px rgba(0, 0, 0, 0.1); }
        h1 { text-align: center; color: #333; }
        .collapsible { cursor: pointer; padding: 10px; width: 100%; border: none; text-align: left; outline: none; font-size: 15px; margin-top: 5px; background-color: #e7e7e7; }
        .active, .collapsible:hover { background-color: #cccccc; }
        .content { display: none; overflow: hidden; background-color: #f9f9f9; padding: 15px; }
        table { width: 100%; border-collapse: collapse; }
        th, td { padding: 8px; text-align: left; border-bottom: 1px solid #ddd; }
        th { background-color: #f2f2f2; }
        tr:nth-child(even) { background-color: #f2f2f2; }
        .scrollable { overflow-x: auto; } /* 启用水平滚动条 */
        /* 新增CSS样式以支持垂直滚动 */
        .scrollable-text {
            max-height: 100px; /* 最大高度,根据需要调整 */
            overflow-y: auto; /* 启用垂直滚动条 */
            white-space: pre-wrap; /* 保持文本的格式,如空格和换行 */
        }
    </style>
</head>
<body>
<div class="container">
    <h1>安全扫描报告</h1>
    <?php
    $baseDir = __DIR__; // 获取当前脚本的目录
    $issuesCategories = [];
    $directory = new RecursiveDirectoryIterator($baseDir, RecursiveDirectoryIterator::SKIP_DOTS);
    $files = new RecursiveIteratorIterator($directory, RecursiveIteratorIterator::LEAVES_ONLY);
    $patterns = [
        '/\b(SELECT|INSERT|UPDATE|DELETE|CREATE|ALTER|REPLACE|TRUNCATE|DROP)\b/i' => 'SQL注入',
        '/(move_uploaded_file|copy|file_put_contents)\s*\(/i' => '文件上传',
        '/(system|exec|shell_exec|passthru|eval|assert|preg_replace|base64_decode|pcntl_exec|proc_open|popen)\s*\(/i' => '命令执行',
        '/unserialize\s*\(/i' => '反序列化漏洞',
        '/php:\/\/(input|filter|memory|temp)/i' => '伪协议漏洞',
        '/(intval|floatval|doubleval|strval|boolval)\s*\(/i' => '类型转换缺陷',
        '/(gzinflate|gzuncompress|str_rot13|strrev|base64_encode|base64_decode)\s*\(/i' => '编码/解码函数使用',
        '/(ob_start|ob_flush|ob_clean|ob_end_clean|ob_end_flush)\s*\(/i' => '输出控制函数使用',
        '/(array_map|array_filter|array_reduce|array_walk)\s*\(/i' => '数组操作函数使用',
        '/(create_function|eval)\s*\(/i' => '动态代码执行',
        '/\$_(GET|POST)\[[^\]]+\]/' => 'GET/POST参数',
    ];
    $variableTracePattern = '/\$(\w+)/';

    foreach ($files as $file) {
        if ($file->getExtension() == "php") {
            $absoluteFilename = $file->getRealPath();
            $relativeFilename = str_replace($baseDir . DIRECTORY_SEPARATOR, '', $absoluteFilename); // 转换为相对路径
            $fileContent = file_get_contents($absoluteFilename);
            $lines = explode("\n", $fileContent);


            foreach ($patterns as $pattern => $issue) {
                foreach ($lines as $lineNumber => $lineContent) {
                    if (preg_match($pattern, $lineContent, $matches)) {
                        $issueDetail = [
                            'filename' => $relativeFilename, // 使用相对路径
                            'lineNumber' => $lineNumber + 1,
                            'match' => $lineContent
                        ];
                        $issuesCategories[$issue][] = $issueDetail;
                    }
                }
            }
        }
    }

    foreach ($issuesCategories as $category => $issues) {
        echo "<button class=\"collapsible\">$category (" . count($issues) . ")</button>";
        echo "<div class=\"content\">";
        echo "<table><tr><th>文件名</th><th>行号</th><th>安全问题</th><th>变量追溯</th></tr>";
        foreach ($issues as $issue) {
            echo "<tr><td>" . htmlentities($issue['filename']) . "</td><td>" . $issue['lineNumber'] . "</td><td class=\"scrollable-text\">" . htmlentities($issue['match']) . "</td>";
            if (isset($issue['variableTrace'])) {
                echo "<td class=\"scrollable-text\">" . htmlentities($issue['variableTrace']['content']) . " (行号: " . $issue['variableTrace']['lineNumber'] . ")</td>";
            } else {
                echo "<td>N/A</td>";
            }
            echo "</tr>";
        }
        echo "</table></div>";
    }
    ?>
</div>

<script>
    var coll = document.getElementsByClassName("collapsible");
    for (var i = 0; i < coll.length; i++) {
        coll[i].addEventListener("click", function() {
            this.classList.toggle("active");
            var content = this.nextElementSibling;
            content.style.display = content.style.display === "block" ? "none" : "block";
        });
    }
</script>
</body>
</html> :smiling_face:
2 Likes

别说了,佬。开个专栏吧。

小项目,没必要还有一点小bug正在修复

不愧是最好的语言

25 Likes

From security to 开发调优