Aerosol

Shellfinder


http://uppix.com/f-shellfinder153b423d90016e81b.jpg

http://uppix.com/f-shellfinder253b424050016e81e.jpg

<style>
/* Presentation only: glowing title/footer text (#sbz), the result box (.box) and the page background. */
#sbz {text-align: center;color: #000;font-size: 30px;font-weight: bold;line-height: 0.8em;letter-spacing: 0.2em;margin:0;text-shadow: 0 1px 20px #00FF00, 0 0 5px #00FF00, 0 0px 30px #00FF00, 1px 0 3px #00FF00;}
span.tab{padding: 0 10px; }
.box{
-moz-box-shadow: 1px 1px 8px #666;
-webkit-box-shadow: 1px 1px 8px #666;
box-shadow: 1px 1px 8px #40D5D2;
border: solid 1px black;
-webkit-border-radius: 8px 8px 0px 0px;
-moz-border-radius: 8px 8px 0px 0px;
border-radius: 8px 8px 0px 0px;
margin: 15px 0px;
background-color: #F5F5F5;
opacity: 0.8;
width:840px;
}
#footer {
position : absolute;
bottom : 0;
height : 40px;
margin-top : 40px;
}
body{
background-color: black;
/* NOTE(review): the background image is fetched over plain http from a third-party host on every
   page view. That request tells the image host that the scanner was opened and may carry the
   scanner's URL in the Referer header; a local asset, or no image, avoids this. The shorthand
   below also resets the background-color declared on the previous line. */
background: url('http://images7.alphacoders.com/332/332232.jpg') no-repeat center center fixed;
}
</style>
<?php
// A full tree walk can take longer than the default execution limit, so the limit is lifted.
// The @ hides the warning emitted on hosts where set_time_limit() is disabled.
@set_time_limit(0);
// All PHP diagnostics are switched off. Side effect for the scan: directories or files that
// cannot be opened produce no visible warning, so missing coverage is silent.
error_reporting(0);
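/**
 * Recursively collect the paths of every non-directory entry below $dir.
 *
 * Fixes over the earlier version:
 *  - an entry literally named "0" no longer ends the listing early (readdir() is
 *    compared against false instead of being tested for truthiness), so a file
 *    with that name cannot hide the rest of a directory from the scan;
 *  - a directory that cannot be opened is skipped instead of passing false to
 *    closedir(), which is a fatal TypeError on PHP 8 and would abort the whole scan;
 *  - symlink cycles are detected through the chain of resolved ancestor
 *    directories, so a link pointing back up the tree cannot make the walk run away;
 *  - paths are joined with a single "/" (no "//" segments).
 *
 * @param string $dir  Directory to walk; anything that is not an existing directory yields $list unchanged.
 * @param array  $list Paths collected so far.
 * @param array  $seen Internal: resolved paths of the directories currently being walked (cycle guard).
 * @return array $list with the paths found below $dir appended.
 */
function recurseDir($dir,$list,$seen = array()) {
    if (!is_string($dir) || $dir === '' || !is_dir($dir)) {
        return $list;
    }

    // Cycle guard: refuse to re-enter a directory that is already an ancestor of this call.
    $resolved = realpath($dir);
    if ($resolved !== false) {
        if (in_array($resolved, $seen, true)) {
            return $list;
        }
        $seen[] = $resolved;
    }

    $dh = is_readable($dir) ? opendir($dir) : false;
    if ($dh === false) {
        // Unreadable directory: nothing below it is scanned.
        return $list;
    }

    $base = rtrim($dir, '/');
    while (($entry = readdir($dh)) !== false) {
        if ($entry === '.' || $entry === '..') {
            continue;
        }
        $path = $base . '/' . $entry;
        if (is_dir($path)) {
            $list = recurseDir($path, $list, $seen);
        } else {
            $list[] = $path;
        }
    }
    closedir($dh);

    return $list;
}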
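// Page header and opening of the result box.
echo '<html><head><title>Shellfinder</title></head><body><center><pre id="sbz">Shellfinder by T3N38R15</pre><div class="box" align="left">';

// NOTE(review): nothing in this script restricts who may start a scan or which directory is
// walked, and the result table discloses server-side paths. Serve it only behind authentication
// and remove it from the web root once the scan is done.

// Escapes a value for HTML text and attribute context. File names come from disk and may have
// been chosen by whoever planted a file, so they must never reach the page unescaped.
$sfEscape = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

if (!empty($_POST["go"])) {
    // Only a plain string is accepted as the start directory; an array-valued field is ignored.
    $startDir = (isset($_POST["directory"]) && is_string($_POST["directory"])) ? $_POST["directory"] : '';
    $files = recurseDir($startDir, array());

    // The scanner contains every keyword it looks for, so it is excluded by resolved path.
    // (getcwd() . PHP_SELF only matched when the script sat directly in the document root.)
    $selfPath = realpath(__FILE__);

    // Gate: the file must contain a PHP open tag (long form, "<?=" or short "<?") ...
    $openTag = '/<\?(?:php|=|\s)/i';
    // ... and at least one call worth looking at. The base64 alternative used to require the
    // literal text "base64_(", which never matches base64_decode()/base64_encode().
    $gate = '/(base64_(?:de|en)code\s*\(|eval\s*\(|system\s*\(|shell_|exec\s*\(|move_uploaded_file\s*\(|gzinfl?ate\s*\()/i';

    // Labels shown in the "Functions" column. These are deliberately loose substring matches
    // (they also hit names used as strings for variable-function calls), so expect false positives.
    $labels = array(
        'base64 decoding/encoding' => '/(base64_)/i',
        'eval'                     => '/(eval)/i',
        'system'                   => '/(system)/i',
        'Shell_'                   => '/(shell_)/i',
        'move_uploaded_file'       => '/(move_uploaded_file)/i',
        'gzinflate'                => '/(gzinflate)/i',
        // exec() passed the gate before but had no label, leaving the column empty.
        'exec'                     => '/exec\s*\(/i',
    );

    echo '<table cellpadding="2"><tr><td>Path</td><td>Functions</td><td> Shell ?</td></tr>';
    foreach ($files as $file) {
        if ($selfPath !== false && realpath($file) === $selfPath) {
            continue;
        }

        $content = is_readable($file) ? file_get_contents($file) : false;
        if ($content === false) {
            // Report the gap instead of skipping silently: an unreadable file was not checked.
            echo '<tr><td>' . $sfEscape($file) . '</td><td>unreadable, not scanned</td><td> </td></tr>';
            continue;
        }

        if (!preg_match($openTag, $content) || !preg_match($gate, $content)) {
            continue;
        }

        echo '<tr><td>' . $sfEscape($file) . '</td><td>';
        $hit = array();
        foreach ($labels as $label => $pattern) {
            $hit[$label] = (preg_match($pattern, $content) === 1);
            if ($hit[$label]) {
                echo $label . ',';
            }
        }
        echo '</td><td>';

        // The percentages are the author's rough heuristics, not measured probabilities;
        // every listed file still needs a manual look.
        $decoder = $hit['base64 decoding/encoding'] || $hit['gzinflate'];
        if ($decoder && $hit['eval']) {
            echo '<font color="red">possible shell 85%</font>';
        } elseif ($hit['move_uploaded_file']) {
            echo '<font color="red">possible uploader 90%</font>';
        } elseif ($hit['Shell_']) {
            echo '<font color="red">possible shell-Console 50%</font>';
        } elseif ($hit['system']) {
            echo '<font color="red">system-shell 50%</font>';
        } else {
            echo ' ';
        }
        echo '</td></tr>';
    }
    // The stray closing </tr> that used to precede </table> is gone.
    echo '</table>';
} else {
    $docRoot = isset($_SERVER["DOCUMENT_ROOT"]) ? $_SERVER["DOCUMENT_ROOT"] : '';
    echo '<center>To start the scanning press go.</br>this can took a bit of your time </br></br><form method="POST">scann : <input type="text" name="directory" value="' . $sfEscape($docRoot) . '"/></br><input type="submit" name="go" value="GO"/></form></center>';
}
echo '</div></center></body><div id="footer"><pre id="sbz">Team Madleets</pre></div></html>';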
?>

Credits to: T3N38R15
