Repository: mhaskar/RCEScanner
Branch: master
Commit: ce5c9ecbbccb
Files: 3
Total size: 3.2 KB

Directory structure:
gitextract_ltbkicvj/

├── .gitignore
├── RCEScanner.py
└── README.md

================================================
FILE CONTENTS
================================================

================================================
FILE: .gitignore
================================================
# Byte-compiled / optimized / DLL files
__pycache__/
*.py[cod]
*$py.class

# C extensions
*.so

# Distribution / packaging
.Python
env/
build/
develop-eggs/
dist/
downloads/
eggs/
.eggs/
lib/
lib64/
parts/
sdist/
var/
wheels/
*.egg-info/
.installed.cfg
*.egg

# PyInstaller
#  Usually these files are written by a python script from a template
#  before PyInstaller builds the exe, so as to inject date/other infos into it.
*.manifest
*.spec

# Installer logs
pip-log.txt
pip-delete-this-directory.txt

# Unit test / coverage reports
htmlcov/
.tox/
.coverage
.coverage.*
.cache
nosetests.xml
coverage.xml
*.cover
.hypothesis/

# Translations
*.mo
*.pot

# Django stuff:
*.log
local_settings.py

# Flask stuff:
instance/
.webassets-cache

# Scrapy stuff:
.scrapy

# Sphinx documentation
docs/_build/

# PyBuilder
target/

# Jupyter Notebook
.ipynb_checkpoints

# pyenv
.python-version

# celery beat schedule file
celerybeat-schedule

# SageMath parsed files
*.sage.py

# dotenv
.env

# virtualenv
.venv
venv/
ENV/

# Spyder project settings
.spyderproject
.spyproject

# Rope project settings
.ropeproject

# mkdocs documentation
/site

# mypy
.mypy_cache/


================================================
FILE: RCEScanner.py
================================================
#!/usr/bin/python

'''
author : Mohammad Askar | @mohammadaskar2

Description : This script will help you to find unsafe functions on any
php script and give you information about it

Requiremnets : termcolor, tabulate
'''

import os
import sys
import time
import re
from termcolor import cprint
from tabulate import tabulate

if len(sys.argv) != 3:
    cprint("[+] Usage : ./{0} path extension".format(sys.argv[0]), "red")
    cprint("[+] Example : ./{0} /var/www/plugin php".format(sys.argv[0]), "red")
    sys.exit(0)

path = sys.argv[1]
extension = sys.argv[2]
final_files = []
reg = '''\((.*)\);'''
unsafe = ["system", "shell_exec", "exec", "passthru", "eval"]


def spider(script_path):
    if os.path.exists(path) is False:
        cprint("[-]Directory not exist", "red")
        sys.exit(0)
    cprint("[+] Scanning started for the script ..", "green")
    for root, dirs, files in os.walk(script_path, topdown=False):
            for fi in files:
                dfile = os.path.join(root, fi)
                if dfile.endswith(".php"):
                    final_files.append(dfile)
    cprint("[+] {0} php files found".format(len(final_files)), "green")


def scanner(files_list):
    results = []
    for fi in files_list:
        f = open(fi, "r")
        data = f.readlines()
        for line in data:
            linen = data.index(line) + 1
            for unsafe_function in unsafe:
                line_no = line.strip("\n")
                final_reg = unsafe_function + reg
                if bool(re.search(final_reg, line_no)):
                    file_result = [fi, unsafe_function, linen]
                    results.append(file_result)
    print tabulate(results,
     headers=['File Name', 'Function Name', "Line Number"],
     tablefmt='psql', numalign="center", stralign="center")



spider(path)
scanner(final_files)


================================================
FILE: README.md
================================================
# RCEScanner

This script will help you to perform a quick source code review for php web applications
and try to extract any unsafe functions on the project and print them out to you
 
## Usage : 
python RCEScanner.py path/to/project extension

* current supported extensions is php