[
  {
    "path": ".gitignore",
    "content": "# Byte-compiled / optimized / DLL files\n__pycache__/\n*.py[cod]\n*$py.class\n\n# C extensions\n*.so\n\n# Distribution / packaging\n.Python\nenv/\nbuild/\ndevelop-eggs/\ndist/\ndownloads/\neggs/\n.eggs/\nlib/\nlib64/\nparts/\nsdist/\nvar/\nwheels/\n*.egg-info/\n.installed.cfg\n*.egg\n\n# PyInstaller\n#  Usually these files are written by a python script from a template\n#  before PyInstaller builds the exe, so as to inject date/other infos into it.\n*.manifest\n*.spec\n\n# Installer logs\npip-log.txt\npip-delete-this-directory.txt\n\n# Unit test / coverage reports\nhtmlcov/\n.tox/\n.coverage\n.coverage.*\n.cache\nnosetests.xml\ncoverage.xml\n*.cover\n.hypothesis/\n\n# Translations\n*.mo\n*.pot\n\n# Django stuff:\n*.log\nlocal_settings.py\n\n# Flask stuff:\ninstance/\n.webassets-cache\n\n# Scrapy stuff:\n.scrapy\n\n# Sphinx documentation\ndocs/_build/\n\n# PyBuilder\ntarget/\n\n# Jupyter Notebook\n.ipynb_checkpoints\n\n# pyenv\n.python-version\n\n# celery beat schedule file\ncelerybeat-schedule\n\n# SageMath parsed files\n*.sage.py\n\n# dotenv\n.env\n\n# virtualenv\n.venv\nvenv/\nENV/\n\n# Spyder project settings\n.spyderproject\n.spyproject\n\n# Rope project settings\n.ropeproject\n\n# mkdocs documentation\n/site\n\n# mypy\n.mypy_cache/\n"
  },
  {
    "path": "RCEScanner.py",
    "content": "#!/usr/bin/python\n\n'''\nauthor : Mohammad Askar | @mohammadaskar2\n\nDescription : This script will help you to find unsafe functions on any\nphp script and give you information about it\n\nRequiremnets : termcolor, tabulate\n'''\n\nimport os\nimport sys\nimport time\nimport re\nfrom termcolor import cprint\nfrom tabulate import tabulate\n\nif len(sys.argv) != 3:\n    cprint(\"[+] Usage : ./{0} path extension\".format(sys.argv[0]), \"red\")\n    cprint(\"[+] Example : ./{0} /var/www/plugin php\".format(sys.argv[0]), \"red\")\n    sys.exit(0)\n\npath = sys.argv[1]\nextension = sys.argv[2]\nfinal_files = []\nreg = '''\\((.*)\\);'''\nunsafe = [\"system\", \"shell_exec\", \"exec\", \"passthru\", \"eval\"]\n\n\ndef spider(script_path):\n    if os.path.exists(path) is False:\n        cprint(\"[-]Directory not exist\", \"red\")\n        sys.exit(0)\n    cprint(\"[+] Scanning started for the script ..\", \"green\")\n    for root, dirs, files in os.walk(script_path, topdown=False):\n            for fi in files:\n                dfile = os.path.join(root, fi)\n                if dfile.endswith(\".php\"):\n                    final_files.append(dfile)\n    cprint(\"[+] {0} php files found\".format(len(final_files)), \"green\")\n\n\ndef scanner(files_list):\n    results = []\n    for fi in files_list:\n        f = open(fi, \"r\")\n        data = f.readlines()\n        for line in data:\n            linen = data.index(line) + 1\n            for unsafe_function in unsafe:\n                line_no = line.strip(\"\\n\")\n                final_reg = unsafe_function + reg\n                if bool(re.search(final_reg, line_no)):\n                    file_result = [fi, unsafe_function, linen]\n                    results.append(file_result)\n    print tabulate(results,\n     headers=['File Name', 'Function Name', \"Line Number\"],\n     tablefmt='psql', numalign=\"center\", stralign=\"center\")\n\n\n\nspider(path)\nscanner(final_files)\n"
  },
  {
    "path": "README.md",
    "content": "# RCEScanner\n\nThis script helps you perform a quick source code review of PHP web applications\nby trying to extract any unsafe function calls from the project and printing them out for you.\n\n## Usage :\npython RCEScanner.py path/to/project extension\n\n* The only currently supported extension is php\n"
  }
]