Security
|
|
|
|
<?
/*
Coded By Charlichaplin
charlichaplin@gmail.com
irc.fr.worldnet.net #s-c
29/03/05
Script Desitin� aux Webmasters soucieux de la
securit� de leur site.
###########################################
#Ce script permet de detecter la presence
#d'intrus dans le systeme grace au controle
#de l'integret� des fichiers.
#Le script vous informera de toutes les
#modifications, creations, suppretions des
#fichiers.
#Il vous suffit de verifier si c'est vous
#ou un intru qui a effect� les actions sur
#les differents fichiers.
##########################################
PhpSecurityFile v0.1
PhpSecurityFile v0.1
PhpSecurityFile v0.1
*/
class phpsecurityfile {
public $dossier;
public $log;
public $scann;
public $info;
public $verif;
public $unse;
public $error;
public $rapport;
public function debut() {
$pwd = $_SERVER['SCRIPT_FILENAME'];
$pwd2 = explode("/",$pwd);
$n = count($pwd2);
$n = $n - 1;
$pwd = "";
for ($i = 0;$i != $n;$i = $i+1) {
$pwd .= "/".$pwd2[$i];
}
$pwd3 = realpath($pwd."/".$this->dossier);
unset($pwd2);
$this->dossier = $pwd3;
$pwd2 = str_replace("/","-",$pwd3);
$this->log = $pwd2.".phpsecurityfile.txt";
if(file_exists($this->log)) {
$this->verif();
} else {
$this->scann();
}
}
public function scann() {
$this->info = array();
$this->scann = glob($this->dossier."/*");
foreach ($this->scann as $key => $file) {
if(is_file($file)) {
$this->info[$file] = array($file,
'name' => $file,
'md5' => md5_file($file),
'creation' => filectime($file),
'modification' => filemtime($file),
'size' => filesize($file),
'owner' => fileowner($file),
'nomowne' => posix_getpwuid(fileowner($file)),
'groupe' => filegroup($file),
'nomgroupe' => posix_getgrgid(filegroup($file)));
}
}
$this->info['date'] = time();
$fp = fopen($this->log,"w");
fwrite($fp,serialize($this->info));
fclose($fp);
print ("le scann a �t� effectu�! Merci d'actualiser");
}
public function verif() {
$this->verif = array();
$fp = fopen($this->log,"r");
$read = fread($fp,filesize($this->log));
$this->unse = unserialize($read);
$this->scann = glob($this->dossier."/*");
foreach ($this->scann as $key => $file) {
if(is_file($file)) {
$this->verif[$file] = array('name' => $file,
'md5' => md5_file($file),
'creation' => filectime($file),
'modification' => filemtime($file),
'size' => filesize($file),
'owner' => fileowner($file),
'nomowne' => posix_getpwuid(fileowner($file)),
'groupe' => filegroup($file),
'nomgroupe' => posix_getgrgid(filegroup($file)));
}
}
$n = count($this->verif);
$a = count($this->unse);
if($n > $a ) {
$this->error[] = "Des fichiers ont �t� rajout� !";
} elseif($n < $a ) {
$this->error[] = "Des fichiers ont �t� supprim�";
} else {
}
foreach ($this->verif as $key => $file) {
if(!@in_array($file['name'],$this->unse[$file['name']])) {
$this->error[] = "IMPORTANT !!! ";
$this->error[] = "Le fichier ".$file['name']." a �t� cr�� le ".date("d-m-Y � H:i:s",$file['creation'])." par ".$file['nomowne']['name'];
} else {
if($file['md5'] != $this->unse[$file['name']]['md5']) {
$this->error[] = "ATTENTION !!! ";
$this->error[] = "Le fichier ".$file['name']." a �t� modifi� le hash md5 ne correspond pas";
}
if($file['creation'] != $this->unse[$file['name']]['creation']) {
$this->error[] = "La date de creation a �t� modifi�";
}
if($file['size'] > $this->unse[$file['name']]['size']) {
$this->error[] = "La taille du fichier a augment� donc il est possible qu'un intru l'ai modifi�";
} elseif($file['size'] < $this->unse[$file['name']]['size']) {
$this->error[] = "La taille du fichier a diminu�";
} else {
}
if($file['owner'] != $this->unse[$file['name']]['owner']) {
$this->error[] = "Le fichier a chang� de propriaitaire!";
}
}
}
foreach ($this->unse as $key => $result) {
if(!@in_array($result['name'],$this->verif[$result['name']])) {
$this->error[] = "Le fichier ".$result['name']." a �t� supprim� !!!";
}
}
$header = "# PhpSecurityFilen# Coded By Charlichaplinnn# Gener� le ".date("d-m-Y")." � ".date("H:i:s")."nnNomduscript a verifier les fichier de ".$this->dossier." en s'appuyant sur la sauvegarde d'un scannneffectu�e le ".date("d-m-Y � H:i:s",$this->unse['date'])."nnLes resultats sont les suivants:nnn";
$add = implode("n",$this->error);
$header .= $add;
$name = date("d-m-Y-H-i-s").".rapport.phpsecurityfile.txt";
$fp = fopen($name,"w");
fwrite($fp,$header);
fclose($fp);
echo "La verification a �t� effectu� plus d'information sur <a href="".$name."">le rapport</a>";
}
public function listerapport() {
$scann = glob("./*.rapport.phpsecurityfile.txt");
$this->rapport = $scann;
}
}
$dossier = $_REQUEST['dossier'];
$securityfile = new phpsecurityfile();
$securityfile->dossier = $dossier;
print ("<html><head><title>PHP SecurityFile V0.1</title></head>");
print ("<HR noshade align="left" width="80%">");
if(empty($dossier)){
print ("<form action="".$_SERVER['PHP_SELF']."" method="POST" title="securityfile">Dossier a Scanner ou verifier: <input value="./" type="text" name="dossier"><input type="submit" title="Scann"></form>");
} else {
$securityfile->debut();
}
print ("<HR noshade align="left" width="80%">");
print ("Liste des rapports:<br>");
$securityfile->listerapport();
if(!empty($securityfile->rapport)) {
foreach ($securityfile->rapport as $key => $result) {
$date = explode(".",$result);
$date2 = $date[1];
$date2 = str_replace("/","",$date2);
print ("<a href="".$result."">Rapport effectu� le ".$date2."</a><br>");
}
}
print ("<br><br>");
print ("<pre>Coded By Charlichaplin</pre>");
?>
|
|
|
Usage Example
|
|
|
Rate This Script
|
|
|
|
Store
Your email: