$_SERVER['DOCUMENT_ROOT'],);
//////////////////////////////////
// DO NOT EDIT BELOW THIS LINE! //
//////////////////////////////////
function output() {
flush();
ob_flush();
}
echo 'EVALBASE64DECODE Malware Detector
Please wait, we are currently searching for possible infected files...
';
output();
$contents_list = array("base64_decode", "eval"); // removing eval, just incase hacker decides to use spaces in syntax
$directory = $config['dir'];
function getDirContents($dir, &$results = array()){
$files = scandir($dir);
foreach($files as $key => $value){
$path = realpath($dir.DIRECTORY_SEPARATOR.$value);
if(!is_dir($path)) {
$results[] = $path;
} else
if(is_dir($path) && $value != "." && $value != "..") {
getDirContents($path, $results);
$results[] = $path;
}
}
return $results;
}
$files = getDirContents($directory);
foreach ($files as $filename) {
if($filename != __FILE__) {
$file_content = file($filename);
foreach ($file_content as $line) {
foreach($contents_list as $content) {
if(strpos($line, $content) !== false) {
echo 'Possible Infection Found: '.$filename.'
';
output();
}
}
}
}
}