Skip to content
This repository has been archived by the owner on Mar 3, 2024. It is now read-only.
/ woodpecker Public archive

A scanner named pecker, written in php,It can check dangerous functions with lexical analysis.

License

Notifications You must be signed in to change notification settings

cfc4n/woodpecker

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

40 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Pecker Scanner

A scanner named pecker, written in php,It can check dangerous functions with lexical analysis.

Use:

Config:

    $config = array(
        'scandir' => dirname(__FILE__),
        'extend' => array('php','inc','php5'),
        'function' => array('exec','system','create_function','passthru','shell_exec','proc_open','popen','curl_exec','parse_ini_file','show_source','include','preg_replace'),
    );

Main:

    $scaner = new Pecker_Scanner();
    $scaner->setPath($config['scandir']);    // set directory to scan
    $scaner->setExtend($config['extend']);
    $scaner->setFunction($config['function']);
    $scaner->run();
    $result = $scaner->getReport();

Result:

Array
(
    [Pecker\test\1.php] => Array
        (
            [parser] => 1
            [message] => 
            [function] => Array
                (
                    [eval] => Array
                        (
                            [0] => Array
                                (
                                    [line] => 23
                                    [code] => (       //get it
gzinflate    ( $str   ($str1)))
                                )

                            [1] => Array
                                (
                                    [line] => 35
                                    [code] => ('$str = time();')
                                )

                        )

                    [exec] => Array
                        (
                            [0] => Array
                                (
                                    [line] => 25
                                    [code] => ('dir')
                                )

                            [1] => Array
                                (
                                    [line] => 36
                                    [code] => ('dir')
                                )

                        )

                )

        )

    [Pecker\test\111.php] => Array
        (
            [parser] => 1
            [message] => 
            [function] => Array
                (
                )

        )

    [Pecker\test\3.php] => Array
        (
            [parser] => 1
            [message] => 
            [function] => Array
                (
                )

        )

)

Info

Reference

Other

About

A scanner named pecker, written in php,It can check dangerous functions with lexical analysis.

Resources

License

Stars

Watchers

Forks

Packages

No packages published