快速扫描目录下可能的漏洞存在点
<!DOCTYPE html>
<html>
<head>
<title>Security Scan Report</title>
<style>
body {
font-family: Arial, sans-serif;
background-color: #f5f5f5;
margin: 0;
padding: 0;
}
.container {
max-width: 800px;
margin: 0 auto;
padding: 20px;
background-color: #fff;
border-radius: 5px;
box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
}
h1 {
text-align: center;
color: #333;
}
table {
width: 100%;
border-collapse: collapse;
margin-top: 20px;
}
th, td {
padding: 8px;
text-align: left;
border-bottom: 1px solid #ddd;
}
th {
background-color: #f2f2f2;
}
tr:nth-child(even) {
background-color: #f2f2f2;
}
</style>
</head>
<body>
<div class="container">
<h1>Security Scan Report</h1>
<table>
<tr>
<th>File Name</th>
<th>Line Number</th>
<th>Security Issues</th>
</tr>
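<?php
// Keyword scanner for the directory that holds this script: every *.php file under it
// is read line by line and each line matching one of the patterns below becomes a row
// of the report table opened above. The patterns are deliberately broad, so a hit is a
// lead for manual review (a sink or a source worth looking at), not a confirmed finding.
$targetDirectory = __DIR__;
$fileTypes = ['php'];

// Regular expression => issue class it suggests. Keys are PCRE patterns applied to a
// single line; the `i` modifier makes every keyword match case-insensitively.
$patterns = [
'/\b(SELECT|INSERT|UPDATE|DELETE|CREATE|ALTER|REPLACE|TRUNCATE|DROP)\b/i' => 'SQL Injection',
'/\$_(GET|POST)\[["\'](.*?)["\']\]/i' => 'Parameter Manipulation',
'/\$_COOKIE\[\s*["\'](.*?)["\']\s*\]/i' => 'Cookie Usage',
'/(system|exec|shell_exec|passthru|eval|assert|preg_replace|base64_decode|pcntl_exec|proc_open|popen)\s*\(/i' => 'Command Execution',
'/(move_uploaded_file|copy|file_put_contents)\s*\(/i' => 'File Upload',
'/(include|include_once|require|require_once)\s*\(.*\)/i' => 'File Inclusion',
'/(fopen|file_get_contents|fread|fgets|file)\s*\(.+\)/i' => 'File Read',
'/(fwrite|file_put_contents)\s*\(.+\)/i' => 'File Write',
'/(unlink|rename|mkdir|rmdir)\s*\(.+\)/i' => 'File Manipulation',
'/(curl_exec|curl_multi_exec|curl_setopt)\s*\(/i' => 'CURL Usage',
'/(mail|mb_send_mail|imap_mail)\s*\(.+\)/i' => 'Email Injection',
'/(header|header_remove)\s*\(.+\)/i' => 'HTTP Header Manipulation',
'/(preg_match|preg_replace|preg_filter)\s*\(/i' => 'Regular Expression Injection',
'/(eval|assert|create_function|system|exec|shell_exec|passthru|backticks)/i' => 'Code Execution',
'/\b(UNION|JOIN|CONCAT|SUBSTRING)\b/i' => 'SQL Injection',
'/(document\.location|location\.href|location\.search)\s*=/i' => 'JavaScript Injection',
'/(window\.open|window\.location|eval\(.*\)|setTimeout\(.*\))\s*\(/i' => 'XSS and JavaScript Injection',
'/\b(password|pwd|passwd)\b/i' => 'Password Exposure',
'/(print_r|var_dump|phpinfo|error_reporting|ini_set)\s*\(/i' => 'Information Disclosure',
'/(sleep|usleep|set_time_limit)\s*\(/i' => 'Denial of Service (DoS)',
'/(exec|system|passthru|shell_exec|proc_open|popen)\s*\(.*\|/i' => 'Command Injection',
// Add further issue classes and keywords here.
];

// Everything that reaches the page goes through this: file names and matched source
// text come from the scanned tree and must not be able to inject markup into the
// report itself (the original echoed the path unescaped).
$escape = static function ($text) {
    return htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// Walk the directory tree. SKIP_DOTS drops the "." and ".." entries up front.
$iterator = new RecursiveIteratorIterator(
    new RecursiveDirectoryIterator($targetDirectory, FilesystemIterator::SKIP_DOTS)
);
foreach ($iterator as $file) {
    /** @var SplFileInfo $file */
    if (!$file->isFile()) {
        continue;
    }
    // Compare the extension case-insensitively and strictly, so "Foo.PHP" is not skipped.
    if (!in_array(strtolower($file->getExtension()), $fileTypes, true)) {
        continue;
    }
    // Skip the scanner itself: its own pattern table matches every issue class and
    // would flood the report with noise.
    if ($file->getRealPath() === __FILE__) {
        continue;
    }

    $pathname = $file->getPathname();
    $fileContent = file_get_contents($pathname);
    if ($fileContent === false) {
        // Say so instead of silently treating an unreadable file as clean.
        echo '<tr>';
        echo '<td>' . $escape($pathname) . '</td>';
        echo '<td>-</td>';
        echo '<td>Unreadable file (skipped)</td>';
        echo '</tr>';
        continue;
    }

    // Split on LF and drop a trailing CR so CRLF files do not carry "\r" into matches.
    $lines = preg_split('/\r?\n/', $fileContent);
    foreach ($patterns as $pattern => $issue) {
        foreach ($lines as $lineNumber => $lineContent) {
            $count = preg_match_all($pattern, $lineContent, $matches);
            if ($count === false) {
                // PCRE failure (e.g. backtrack limit on a very long line): report it
                // rather than dropping the line silently, then move to the next line.
                echo '<tr>';
                echo '<td>' . $escape($pathname) . '</td>';
                echo '<td>' . ($lineNumber + 1) . '</td>';
                echo '<td>' . $escape($issue) . ': pattern error (preg code ' . preg_last_error() . ')</td>';
                echo '</tr>';
                continue;
            }
            if ($count === 0) {
                continue;
            }
            foreach ($matches[0] as $match) {
                echo '<tr>';
                echo '<td>' . $escape($pathname) . '</td>';
                echo '<td>' . ($lineNumber + 1) . '</td>'; // line numbers are reported 1-based
                echo '<td>' . $escape($issue) . ': ' . $escape($match) . '</td>';
                echo '</tr>';
            }
        }
    }
}
?>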
</table>
</div>
</body>
</html>