Correl Roush
4244ed6d8b
git-svn-id: file:///srv/svn/scanner/trunk@1 a0501263-5b7a-4423-a8ba-1edf086583e7
59 lines
1.4 KiB
PHP
59 lines
1.4 KiB
PHP
<?php
|
|
|
|
require_once( 'parser.php' );
|
|
|
|
$filters = array(
|
|
array(
|
|
'type' => PHPPARSER_EXPRESSION,
|
|
'desc' => 'Echoing Sql',
|
|
'pattern' => '/echo[\(\s].*?\$sql/i'
|
|
),
|
|
array(
|
|
'type' => PHPPARSER_LANGUAGE_CONSTRUCT,
|
|
'desc' => 'Evil Eval',
|
|
'pattern' => '/^eval$/i'
|
|
),
|
|
array(
|
|
'type' => PHPPARSER_FUNCTION_CALL,
|
|
'desc' => 'PRINT_R or VAR_DUMP',
|
|
'pattern' => '/^(print_r|var_dump)$/i'
|
|
),
|
|
array(
|
|
'type' => PHPPARSER_EXPRESSION,
|
|
'desc' => 'Developer Email',
|
|
'pattern' => '/(?<!dev|qa)@payquik\.com/'
|
|
),
|
|
);
|
|
|
|
$parser = new PHPParser( PHPPARSER_FETCH_EXPRESSIONS | PHPPARSER_FETCH_CALLS | PHPPARSER_FETCH_INTERNAL | PHPPARSER_FETCH_CONSTRUCTS );
|
|
$parser->parseFile( __FILE__ );
|
|
|
|
foreach( $parser->parsed_objects as $object ) {
|
|
foreach( $filters as $filter ) {
|
|
if( $object['type'] == $filter['type'] ) {
|
|
if( preg_match( $filter['pattern'], $object['name'] ) > 0 ) {
|
|
echo "Triggered Filter '{$filter['desc']}' at line {$object['line']}\n";
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
$sql = "select * from failure";
|
|
echo "Here's the $sql!\n";
|
|
mail( 'correl@payquik.com', 'subject', 'stuffs' );
|
|
eval( "echo \"here's eval!\n\";" );
|
|
print_r( $sql );
|
|
var_dump( $sql );
|
|
echo "done\n";
|
|
|
|
/* OUTPUT:
|
|
|
|
Triggered Filter 'Echoing Sql' at line 42
|
|
Triggered Filter 'Developer Email' at line 43
|
|
Triggered Filter 'Evil Eval' at line 44
|
|
Triggered Filter 'PRINT_R or VAR_DUMP' at line 45
|
|
Triggered Filter 'PRINT_R or VAR_DUMP' at line 46
|
|
|
|
*/
|
|
|
|
?>
|