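/**
 * Replace $add['oldword'] with $add['newword'] in every regular file that
 * sits directly under $bakpath/$add['mypath'] (one directory level, no
 * recursion). When $add['dozz'] is set the replacement is delegated to
 * Ebak_DoRepFiletextZz(), otherwise a plain str_replace() is used.
 *
 * $add is request data and is treated as untrusted throughout:
 *   - mypath may not contain ".." and, after realpath(), must still resolve
 *     inside the resolved $bakpath;
 *   - newword is rejected when it looks like a call to one of the
 *     denylisted PHP functions, and - when the bundled Pecker scanner
 *     (AliCheck.php next to this file) is present - the resulting file
 *     content is scanned again before it is written back.
 *
 * Security note (review): the previous version downloaded AliCheck.php
 * over plain HTTP from an object-storage URL, wrote it next to this script
 * and include_once'd it, with no signature or pinned hash. Anyone who can
 * control that URL or the network path could thereby execute PHP in this
 * process, so the auto-download was removed: only a locally shipped
 * AliCheck.php is ever loaded, and if it is missing the scan step is
 * skipped (the same fail-open behaviour the old code had when the
 * download failed or allow_url_fopen was off).
 *
 * The denylist regex is a heuristic, not a security boundary: it cannot
 * catch every way of spelling a call (variable functions, string
 * concatenation, ...). Keep the scanner step available where possible.
 *
 * Reports outcome through printerror(); no return value.
 */
function Ebak_RepPathFiletext($add)
{
    global $bakpath;
    $mypath = isset($add['mypath']) ? trim($add['mypath']) : '';
    $oldword = Ebak_ClearAddsData(isset($add['oldword']) ? $add['oldword'] : '');
    $newword = Ebak_ClearAddsData(isset($add['newword']) ? $add['newword'] : '');

    // Denylist of call-like tokens in the replacement text. The old pattern
    // required a non-word character *before* the name, so a call at the very
    // start of $newword slipped through; "^" is now an accepted left
    // boundary. The "_once" / "_array" variants and the shell-execution
    // family were also missing (e.g. "require_once(" or "system(" passed),
    // so they are listed explicitly.
    $denyList = 'extract|parse_str|str_replace|unserialize|ob_start'
        . '|require|require_once|include|include_once|array_map|preg_replace'
        . '|copy|fputs|fopen|file_put_contents|file_get_contents|fwrite'
        . '|eval|phpinfo|assert|base64_decode|create_function'
        . '|call_user_func|call_user_func_array'
        . '|exec|system|passthru|shell_exec|proc_open|popen';
    if (preg_match('/(?:^|[^a-zA-Z0-9_])(?:' . $denyList . ')+(?: |\()/is', $newword)) {
        die("Request Error!");
    }

    $dozz = empty($add['dozz']) ? 0 : (int) $add['dozz'];

    // printerror() is expected to stop the request; the explicit returns
    // make sure nothing below runs even if it does not.
    if ((string) $oldword === '' || $mypath === '') {
        printerror("EmptyRepPathFiletext", "history.go(-1)");
        return;
    }
    if (strpos($mypath, "..") !== false) {
        printerror("NotChangeRepPathFiletext", "history.go(-1)");
        return;
    }
    $path = $bakpath . "/" . $mypath;
    if (!file_exists($path)) {
        printerror("PathNotExists", "history.go(-1)");
        return;
    }
    // Belt and braces: resolve symlinks and "." segments and make sure the
    // target still lives inside the backup root.
    $realRoot = realpath($bakpath);
    $realPath = realpath($path);
    if ($realRoot === false || $realPath === false
        || strpos($realPath . DIRECTORY_SEPARATOR, $realRoot . DIRECTORY_SEPARATOR) !== 0) {
        printerror("NotChangeRepPathFiletext", "history.go(-1)");
        return;
    }

    // Load the bundled webshell scanner once, if this install ships it.
    // No network fetch here on purpose (see header comment).
    $scannerAvailable = false;
    $scannerFile = dirname(__FILE__) . DIRECTORY_SEPARATOR . 'AliCheck.php';
    if (is_file($scannerFile)) {
        include_once $scannerFile;
        $scannerAvailable = class_exists('Pecker_Scanner');
    }

    // opendir() can fail even though file_exists() passed (e.g. $path is a
    // plain file); report it instead of silently "succeeding" on nothing.
    $hand = @opendir($path);
    if ($hand === false) {
        printerror("PathNotExists", "history.go(-1)");
        return;
    }
    // "!== false": a truthiness test would stop the loop early on an entry
    // literally named "0".
    while (($file = readdir($hand)) !== false) {
        if ($file === "." || $file === "..") {
            continue;
        }
        $filename = $path . "/" . $file;
        if (!is_file($filename)) {
            continue;
        }
        $value = ReadFiletext($filename);
        if ($dozz) {
            // NOTE(review): $oldword is presumably used as a regex pattern by
            // Ebak_DoRepFiletextZz() - confirm that helper handles pattern
            // errors and never evaluates the user-supplied pattern.
            $newvalue = Ebak_DoRepFiletextZz($oldword, $newword, $value);
        } else {
            // Case-sensitive probe to match str_replace(); the previous
            // stristr() probe could rewrite a file that str_replace() then
            // left untouched.
            if (strpos($value, $oldword) === false) {
                continue;
            }
            $newvalue = str_replace($oldword, $newword, $value);
        }
        if ($scannerAvailable) {
            // Fresh scanner per file, as before; the report is keyed by the
            // file name and a non-empty 'function' entry means a hit.
            $scaner = new Pecker_Scanner();
            $scaner->scanFileContent($filename, $newvalue);
            $result = $scaner->getReport();
            if (!empty($result[$filename]['function'])) {
                die("Request Error!");
            }
            $scaner = null;
        }
        WriteFiletext_n($filename, $newvalue);
    }
    closedir($hand);
    printerror("RepPathFiletextSuccess", "RepFiletext.php");
}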
 * @copyright       Pecker Scanner http://www.cnxct.com
 * @license         http://www.fsf.org/copyleft/gpl.html GNU public license
 * @author          CFC4N <*****@*****.**>
 * @package         demo
 * @version         $Id: index.php 28 2014-03-03 03:30:23Z cfc4n $
 */
// Demo driver for the Pecker scanner: scanning may take a while, so lift
// the execution time limit for this request.
set_time_limit(0);

// Max length value of a hash string (consumed by the scanner).
define('MAX_STRLEN', 500);

// Full autoloader variant, kept for reference:
//   require dirname(__FILE__) . '/Pecker/Autoloader.php';
//   Pecker_Autoloader::register();
// This demo uses the single-file "lite" build instead.
require dirname(__FILE__) . '/PeckerLite/PeckerScanner.lite.php';

$config = array(
    // directory to scan
    'scandir' => dirname(__FILE__) . DIRECTORY_SEPARATOR . 'test',
    // file extensions that are scanned
    'extend' => array('php', 'inc', 'php5'),
    // function names whose use is reported
    'function' => array(
        'exec', 'system', 'create_function', 'passthru', 'shell_exec',
        'proc_open', 'popen', 'copy', 'curl_exec', 'parse_ini_file',
        'show_source', 'assert', 'file_put_contents',
        'call_user_func_array', 'call_user_func', 'preg_replace', 'include',
    ),
);
try {
    $scaner = new Pecker_Scanner();
    $scaner->setPath($config['scandir']);
    // set directory to scan
    $scaner->setExtend($config['extend']);
    $scaner->setFunction($config['function']);
    $scaner->run();
    $result = $scaner->getReport();
    $html = '';
    //result of demo for show
    foreach ($result as $k => $v) {
        if ($v['parser'] === false) {
            $html .= '<tr><td title="' . $k . '">' . str_replace($config['scandir'], '', $k) . '</td> <td align="center"> - </td> <td align="center"> - </td> <td class="focus">' . $v['message'] . '</td></tr>';
        } else {
            $n = count($v['function']);
            if ($n > 0) {
                $rowspan = false;