GIT.Harvie.CZ / mirrors / Programs.git / blame
| Commit | Line | Data |
|---|---|---|
| 8de51304 H |
1 | #!/usr/bin/php |
| 2 | <?php | |
| 3 | //RFIFinder 0.1 (filter for crawlers) | |
| 4 | //<-Harvie 2oo7 | |
| 5 | /* | |
| 6 | *This thing will find urls with expected RFI hole in pages specified by STDIN lines. | |
| 7 | *Use it well... | |
| 8 | */ | |
| 9 | ||
| 10 | function is_rfi_positive($url) { | |
| 11 | $rfi_regexp = '(\?|&)(page|url|include|readfile|require|inc)=.*\.(html|htm|php|php.|txt)'; | |
| 12 | return eregi($rfi_regexp, $url); | |
| 13 | } | |
| 14 | ||
| 15 | $stdin = fopen('php://stdin', 'r'); | |
| 16 | while(!feof($stdin)) { | |
| 17 | $url = trim(fgets($stdin)); //echo($url); //Debug | |
| 18 | if(is_rfi_positive($url)) echo("$url\n"); | |
| 19 | $in = @file($url); if(!$in || !is_array($in)) continue; | |
| 20 | foreach($in as $line) { | |
| 21 | $line = spliti('href="http://', $line); | |
| 22 | if(sizeof($line) > 1) { | |
| 23 | array_shift($line); //print_r($line); //Debug | |
| 24 | foreach($line as $nurl) { | |
| 25 | //echo("#"); //debug | |
| 26 | $nurl = spliti('"', $nurl); | |
| 27 | $nurl = 'http://'.trim(htmlspecialchars_decode($nurl[0])); //echo($nurl."\n"); //Debug | |
| 28 | $test = @fopen($nurl, 'r'); | |
| 29 | if(is_rfi_positive($nurl) && $test) echo("$nurl\n"); | |
| 30 | } | |
| 31 | } | |
| 32 | } | |
| 33 | } | |
| 34 |