File: rcescan.sh

package info (click to toggle)
graudit 4.0-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 1,256 kB
  • sloc: sh: 1,134; makefile: 82; php: 62; jsp: 24
file content (16 lines) | stat: -rwxr-xr-x 493 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
 
#!/bin/sh
# PHP taint checking with graudit - PoC script
# Written by Wireghoul - http://www.justanotherhacker.com
# Released under the GPL licence
VERSION=0.1
if [ -z "$1" ]; then
    echo "Usage: $0 /path/to/check"
    exit 2
fi
RCEHOME=`dirname $0`
graudit -z -c 0 -d $RCEHOME/rce.db "$1" | \
perl -ne 'while ($_ =~ m!\$([a-z0-9-_\[\]\x27\>]+)!gi) { print "\\\$$1\n"; print "include\nrequire\n"; }' | \
sed -e's/\[/\\[/g' -e's/\]/\\]/g' | \
sort | uniq | \
graudit -d /dev/stdin "$1"
#more