| | #!/usr/bin/perl |
|---|
| | # By NaN |
|---|
| | # By 0xRoM |
|---|
| | use strict; |
|---|
| | use warnings; |
|---|
| | use Getopt::Long; |
|---|
| | |
|---|
| |
|---|
| | system("find $src -name '*.$tryext' -print | xargs grep -n '_SERVER' >> $dest/request_vars_server.txt"); |
|---|
| | |
|---|
| | print " Locating PHP object injection\n"; |
|---|
| | system("find $src -name '*.$tryext' -print | xargs grep -n 'unserialize(' >> $dest/unserialize.txt"); |
|---|
| | |
|---|
| | print " Locating SSRF\n"; |
|---|
| | system("find $src -name '*.$tryext' -print | xargs grep -n 'file_get_contents(' >> $dest/ssrf.txt"); |
|---|
| | system("find $src -name '*.$tryext' -print | xargs grep -n 'fopen(' >> $dest/ssrf.txt"); |
|---|
| | system("find $src -name '*.$tryext' -print | xargs grep -n 'fsockopen(' >> $dest/ssrf.txt"); |
|---|
| | system("find $src -name '*.$tryext' -print | xargs grep -n 'curl_exec(' >> $dest/ssrf.txt"); |
|---|
| | system("find $src -name '*.$tryext' -print | xargs grep -n 'parse_url(' >> $dest/ssrf.txt"); |
|---|
| | |
|---|
| | print " Locating command execution\n"; |
|---|
| | system("find $src -name '*.$tryext' -print | xargs grep -n 'exec(' >> $dest/cmd_exec_exec.txt"); |
|---|
| | system("find $src -name '*.$tryext' -print | xargs grep -n 'system(' >> $dest/cmd_exec_system.txt"); |
|---|
| |
|---|
| | |
root
authored
on 16 Apr 2020
