Skip to content

Latest commit

 

History

History
116 lines (95 loc) · 2.67 KB

README.md

File metadata and controls

116 lines (95 loc) · 2.67 KB

Pecker Scanner

A scanner named pecker, written in php,It can check dangerous functions with lexical analysis.

Use:

Config:

    $config = array(
        'scandir' => dirname(__FILE__),
        'extend' => array('php','inc','php5'),
        'function' => array('exec','system','create_function','passthru','shell_exec','proc_open','popen','curl_exec','parse_ini_file','show_source','include','preg_replace'),
    );

Main:

    $scaner = new Pecker_Scanner();
    $scaner->setPath($config['scandir']);    // set directory to scan
    $scaner->setExtend($config['extend']);
    $scaner->setFunction($config['function']);
    $scaner->run();
    $result = $scaner->getReport();

Result:

Array
(
    [Pecker\test\1.php] => Array
        (
            [parser] => 1
            [message] => 
            [function] => Array
                (
                    [eval] => Array
                        (
                            [0] => Array
                                (
                                    [line] => 23
                                    [code] => (       //get it
gzinflate    ( $str   ($str1)))
                                )

                            [1] => Array
                                (
                                    [line] => 35
                                    [code] => ('$str = time();')
                                )

                        )

                    [exec] => Array
                        (
                            [0] => Array
                                (
                                    [line] => 25
                                    [code] => ('dir')
                                )

                            [1] => Array
                                (
                                    [line] => 36
                                    [code] => ('dir')
                                )

                        )

                )

        )

    [Pecker\test\111.php] => Array
        (
            [parser] => 1
            [message] => 
            [function] => Array
                (
                )

        )

    [Pecker\test\3.php] => Array
        (
            [parser] => 1
            [message] => 
            [function] => Array
                (
                )

        )

)

Info

Reference

Other