Current File : /home/quantums/durdanatariq.com/scan_malware.php

<?php
set_time_limit(0);
error_reporting(0);

function scan_dir($dir, &$results = []) {
    $files = scandir($dir);
    foreach ($files as $key => $value) {
        $path = realpath($dir . DIRECTORY_SEPARATOR . $value);
        if (!$path) continue;
        if (!is_dir($path)) {
            if (pathinfo($path, PATHINFO_EXTENSION) === 'php') {
                $contents = file_get_contents($path);
                // Cek pola berbahaya umum
                $patterns = [
                    '/eval\s*\(/i',
                    '/base64_decode\s*\(/i',
                    '/shell_exec\s*\(/i',
                    '/passthru\s*\(/i',
                    '/system\s*\(/i',
                    '/exec\s*\(/i',
                    '/popen\s*\(/i',
                    '/proc_open\s*\(/i',
                    '/assert\s*\(/i',
                ];
                foreach ($patterns as $pattern) {
                    if (preg_match($pattern, $contents)) {
                        $results[] = $path;
                        break;
                    }
                }
            }
        } elseif ($value != "." && $value != "..") {
            scan_dir($path, $results);
        }
    }
    return $results;
}

$start_dir = __DIR__; // Mulai scan dari folder skrip ini diletakkan
$malicious_files = scan_dir($start_dir);

if (!empty($malicious_files)) {
    echo "Files potentially containing malicious code:\n";
    foreach ($malicious_files as $file) {
        echo $file . "\n";
    }
} else {
    echo "No suspicious PHP files found.\n";
}
?>