php网安快速扫描

用关键字正则粗略扫描目录（含子目录）下的 PHP 文件，列出可能的漏洞存在点；这只是关键字匹配，不是语法/数据流分析，误报很多，结果需要人工复核。

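<!DOCTYPE html>
<html>
	<head>
		<title>Security Scan Report</title>
		<style>
			body {
				font-family: Arial, sans-serif;
				background-color: #f5f5f5;
				margin: 0;
				padding: 0;
			}

			.container {
				max-width: 800px;
				margin: 0 auto;
				padding: 20px;
				background-color: #fff;
				border-radius: 5px;
				box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
			}

			h1 {
				text-align: center;
				color: #333;
			}

			table {
				width: 100%;
				border-collapse: collapse;
				margin-top: 20px;
			}

			th, td {
				padding: 8px;
				text-align: left;
				border-bottom: 1px solid #ddd;
			}

			th {
				background-color: #f2f2f2;
			}

			tr:nth-child(even) {
				background-color: #f2f2f2;
			}
		</style>
	</head>
	<body>
		<div class="container">
			<h1>Security Scan Report</h1>
			<table>
				<tr>
					<th>File Name</th>
					<th>Line Number</th>
					<th>Security Issues</th>
				</tr>
				<?php
				// SECURITY NOTE (review): this page scans __DIR__ and is itself served from
				// that directory, so anyone who can request it over HTTP gets a listing of
				// every PHP file under the web root plus matching source snippets.
				// Run it from the CLI (`php thisfile.php > report.html`) or delete it after use;
				// do not leave it deployed.

				/**
				 * Match every pattern against every line of source.
				 *
				 * This is keyword matching only (no parsing, no data-flow), so expect many
				 * false positives: e.g. the bare `system` alternative matches inside words
				 * like "filesystem". Results must be reviewed by hand.
				 *
				 * @param list<string>          $lines    source lines, already split
				 * @param array<string, string> $patterns PCRE pattern => issue label
				 * @return list<array{line:int, issue:string, match:string}> findings in file order
				 */
				function scanSourceLines(array $lines, array $patterns): array
				{
					$findings = [];
					// Lines outer, patterns inner: the report then reads in file order.
					foreach ($lines as $index => $line) {
						foreach ($patterns as $pattern => $issue) {
							// preg_match_all returns false on a PCRE error (e.g. backtrack
							// limit); skip that pattern instead of touching $matches.
							if (preg_match_all($pattern, $line, $matches) === false) {
								continue;
							}
							foreach ($matches[0] as $match) {
								$findings[] = [
									'line'  => $index + 1, // report line numbers are 1-based
									'issue' => $issue,
									'match' => $match,
								];
							}
						}
					}
					return $findings;
				}

				/**
				 * Read a file and scan it; an unreadable file yields no findings.
				 *
				 * @param string                $path     file to scan
				 * @param array<string, string> $patterns PCRE pattern => issue label
				 * @return list<array{line:int, issue:string, match:string}>
				 */
				function scanSourceFile(string $path, array $patterns): array
				{
					$content = file_get_contents($path);
					if ($content === false) {
						return [];
					}
					// Split on LF, CRLF or CR so Windows files do not leave a trailing \r on every line.
					$lines = preg_split('/\r\n|\r|\n/', $content);
					return scanSourceLines($lines === false ? [] : $lines, $patterns);
				}

				// Scan the directory this script lives in, recursively, for *.php files.
				$targetDirectory = __DIR__;
				$fileTypes = ['php'];

				// Keyword patterns and the issue label reported for each hit.
				$patterns = [
					'/\b(SELECT|INSERT|UPDATE|DELETE|CREATE|ALTER|REPLACE|TRUNCATE|DROP)\b/i' => 'SQL Injection',
					'/\$_(GET|POST)\[["\'](.*?)["\']\]/i' => 'Parameter Manipulation',
					'/\$_COOKIE\[\s*["\'](.*?)["\']\s*\]/i' => 'Cookie Usage',
					'/(system|exec|shell_exec|passthru|eval|assert|preg_replace|base64_decode|pcntl_exec|proc_open|popen)\s*\(/i' => 'Command Execution',
					'/(move_uploaded_file|copy|file_put_contents)\s*\(/i' => 'File Upload',
					'/(include|include_once|require|require_once)\s*\(.*\)/i' => 'File Inclusion',
					'/(fopen|file_get_contents|fread|fgets|file)\s*\(.+\)/i' => 'File Read',
					'/(fwrite|file_put_contents)\s*\(.+\)/i' => 'File Write',
					'/(unlink|rename|mkdir|rmdir)\s*\(.+\)/i' => 'File Manipulation',
					'/(curl_exec|curl_multi_exec|curl_setopt)\s*\(/i' => 'CURL Usage',
					'/(mail|mb_send_mail|imap_mail)\s*\(.+\)/i' => 'Email Injection',
					'/(header|header_remove)\s*\(.+\)/i' => 'HTTP Header Manipulation',
					'/(preg_match|preg_replace|preg_filter)\s*\(/i' => 'Regular Expression Injection',
					// Fixed: the original alternative was the literal word "backticks"; this
					// now matches the actual backtick (shell) operator, e.g. `ls -la`.
					'/(eval|assert|create_function|system|exec|shell_exec|passthru|`[^`]+`)/i' => 'Code Execution',
					'/\b(UNION|JOIN|CONCAT|SUBSTRING)\b/i' => 'SQL Injection',
					'/(document\.location|location\.href|location\.search)\s*=/i' => 'JavaScript Injection',
					'/(window\.open|window\.location|eval\(.*\)|setTimeout\(.*\))\s*\(/i' => 'XSS and JavaScript Injection',
					'/\b(password|pwd|passwd)\b/i' => 'Password Exposure',
					'/(print_r|var_dump|phpinfo|error_reporting|ini_set)\s*\(/i' => 'Information Disclosure',
					'/(sleep|usleep|set_time_limit)\s*\(/i' => 'Denial of Service (DoS)',
					'/(exec|system|passthru|shell_exec|proc_open|popen)\s*\(.*\|/i' => 'Command Injection',
					// Add further issue types / keywords here.
				];

				// Walk the tree. SKIP_DOTS drops "." / ".."; CATCH_GET_CHILD skips an
				// unreadable subdirectory instead of aborting the whole report.
				$iterator = new RecursiveIteratorIterator(
					new RecursiveDirectoryIterator($targetDirectory, FilesystemIterator::SKIP_DOTS),
					RecursiveIteratorIterator::LEAVES_ONLY,
					RecursiveIteratorIterator::CATCH_GET_CHILD
				);
				foreach ($iterator as $file) {
					// Skip the scanner itself: its own pattern table would trip every rule.
					if (!$file->isFile() || $file->getRealPath() === __FILE__) {
						continue;
					}
					// Extension compare is case-insensitive so "X.PHP" is not silently skipped.
					if (!in_array(strtolower($file->getExtension()), $fileTypes, true)) {
						continue;
					}

					// File names are attacker-controllable on a shared host: escape them like
					// the matched snippet, otherwise the report itself is an XSS sink.
					$pathname = $file->getPathname();
					$safePath = htmlspecialchars($pathname, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

					foreach (scanSourceFile($pathname, $patterns) as $finding) {
						$safeIssue = htmlspecialchars(
							$finding['issue'] . ': ' . $finding['match'],
							ENT_QUOTES | ENT_SUBSTITUTE,
							'UTF-8'
						);
						echo '<tr>';
						echo '<td>' . $safePath . '</td>';
						echo '<td>' . $finding['line'] . '</td>';
						echo '<td>' . $safeIssue . '</td>';
						echo '</tr>';
					}
				}
				?>
			</table>
		</div>
	</body>
</html>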

然后这些关键字就是 WAF 规则识别的关键字，哈哈，扫描器本身含有这些关键字，部署到站点上你就先被 ban 了。

我超，安全的这些漏洞类型还有扫描方法根本看不懂 :dizzy_face:

弄个白名单就好了:rage:
