All pastes #2106256 Raw Edit

php remover cleaner eval base64_

public php v1 · immutable
#2106256 ·published 2012-01-26 03:54 UTC
rendered paste body
<?php/** * Cleaner PHP (Wordpress Hack Fix) * Author: Nino Paolo Amarillento * Version: 2.0 * URL: http://www.php-beginners.com/solve-wordpress-malware-script-attack-fix.html *  * If you have problem of your site just let me know and I'll be happy to help you!. */ini_set('memory_limit','128M'); // If you have memory_limit problem just adjust to a higher value, like 256Mset_time_limit(0);ob_start();// header("Content-type:text/plain");$root = "./";$find ="\s*eval\s*\([^\)]+\)\)\;";$except = array("rar", "zip", "mp3", "mp4", "mp3", "mov", "flv", "wmv", "swf", "png", "gif", "jpg", "bmp", "avi");$only = array("php", "shtml", "html", "htm", "js", "css", "htaccess", "txt");$infectedFiles = null;$showOnlyInfectedFiles = true;$cleanInfected = true;echo "<h1>Scanning Files...</h1>";echo "After scanning files is done <a href='#infected-files' title='Found Infected Files'>click here to view found Infected files.</a>";echo "<ol>";$infectedFiles = startScan($root);echo "</ol>";echo "<br /><br /><h1 id='infected-files'>". count($infectedFiles) ." Found Infected Files</h1>";echo "<ol>";if(is_array($infectedFiles))foreach($infectedFiles AS $iFile){	echo "<li>{$iFile}</li>";}echo "</ol>";/* functions */function getAllFiles($dir){global $except, $only;	$filenames = null;	if ($handle = opendir($dir)){		while (false !== ($file = readdir($handle))) 			if ($file != "." && $file != ".." && !is_dir($dir.$file) && ($dir != "." && $file != basename(__FILE__))){				$path_parts = pathinfo($file);				if(isset($path_parts['extension']) && array_search(strtolower($path_parts['extension']), $except) === false)					if(array_search(strtolower($path_parts['basename']), $only) !== false || array_search(strtolower($path_parts['extension']), $only) !== false || sizeof($only) < 1)						$filenames[] = $file;			}		closedir($handle);	}	return $filenames;}function getAllDirectories($dir){	$directories = null;	if ($handle = opendir($dir)) {		while (false !== ($file = readdir($handle)))			if ($file != "." && $file != ".." && is_dir($dir.$file))				$directories[] = $dir.$file;		closedir($handle);	}	return $directories;}function startScan($root){global $find, $infectedFiles, $showOnlyInfectedFiles, $cleanInfected;	$time_start = microtime_float();	$root = str_replace("//", "/", $root);	echo "<li>".$root;	$directories = getAllDirectories($root);		ob_implicit_flush();	ob_flush();	sleep(1);		if(is_array($directories)){			// get all files		if(($tmp = getAllFiles($root)) !== null){			echo "<ul>";			$files = $tmp;			foreach($files AS $file){				$numMatches = checkMalware($root.$file, $find);				if(!empty($numMatches)){					if($cleanInfected)						cleanInfected($root.$file, $find);											echo "<li style='background-color:c00'><p style='padding:0 0 0 5px; margin:0; color:#fff'>".$infectedFiles[] = $root.$file;					echo " - ".(microtime_float() - $time_start)."</p></li>";				}elseif(!$showOnlyInfectedFiles){					$infectedFiles[] = $root.$file;					echo "<li>".$file."</li>"; // $root.$file				}			}			echo "</ul>";		}						echo "<ol>";		foreach($directories AS $dir){			echo "<li>".$dir;			 ob_implicit_flush();			 ob_flush();			 sleep(1);			 			// get all files			if(($tmp = getAllFiles($dir)) !== null){				echo "<ul>";				$files = $tmp;				foreach($files AS $file){					if($dir[strlen($dir)-1] === "/") $dir = substr($dir, 0, -1); 					$numMatches = checkMalware($dir."/".$file, $find);					if(!empty($numMatches)){						if($cleanInfected)							cleanInfected($dir."/".$file, $find);													echo "<li style='background-color:c00'><p style='padding:0 0 0 5px; margin:0; color:#fff'>".$infectedFiles[] = $dir."/".$file;						echo " - ".(microtime_float() - $time_start)."</p></li>";					}elseif(!$showOnlyInfectedFiles){						$infectedFiles[] = $dir."/".$file;						echo "<li>".$file."</li>";					}				}				echo "</ul>";			}						// gel all directories			if($root[strlen($root)-1] === "/") $tmp_root = substr($root, 0, -1); 			if(($tmp = getAllDirectories($dir."/")) !== null && $dir !== $tmp_root){				foreach($tmp AS $d){					$a = startScan($d."/");					if(is_array($a))						array_merge($infectedFiles, $a);				}							}			echo "</li>";		}		echo "</ol>";	}else{		// get all files		if(($tmp = getAllFiles($root)) !== null){			echo "<ul>";			$files = $tmp;			foreach($files AS $file){				$numMatches = checkMalware($root.$file, $find);				if(!empty($numMatches)){					if($cleanInfected)						cleanInfected($root.$file, $find);											echo "<li style='background-color:c00'><p style='padding:0 0 0 5px; margin:0; color:#fff'>".$infectedFiles[] = $root.$file;					echo " - ".(microtime_float() - $time_start)."</p></li>";				}elseif(!$showOnlyInfectedFiles){					$infectedFiles[] = $root.$file;					echo "<li>".$file."</li>"; // $root.$file				}			}			echo "</ul>";		}	}	echo "</li>";	 return $infectedFiles;}function checkMalware($filename, $find){	$numMatches = null;	$handle = fopen($filename, "r");	if(filesize($filename) > 0){		$contents = fread($handle, filesize($filename));		$numMatches = preg_match('/'.$find.'/i', $contents, $matches);	}	fclose($handle);	return $numMatches;}function cleanInfected($filename, $find){	$handle = fopen($filename, "r");	if(filesize($filename) > 0){		$contents = fread($handle, filesize($filename));		fclose($handle);				$handle = fopen($filename, "w");		$contents = preg_replace('/'.$find.'/i', '', $contents);		fwrite($handle, $contents);	}	fclose($handle);}function microtime_float(){    list($usec, $sec) = explode(" ", microtime());    return ((float)$usec + (float)$sec);}ob_end_flush();