Pecker Scanner Code
A static source code analyser for vulnerabilities in PHP.
Brought to you by:
cfc4nx
Menu
▾
▴
Tree [a196ee] master 0.4.2 / History
| File | Date | Author | Commit |
|---|---|---|---|
| Pecker | 2014-03-03 |
CFC4N
|
[9b1951] fix bugs |
| PeckerLite | 2014-03-03 |
CFC4N
|
[9b1951] fix bugs |
| test | 2014-03-03 |
CFC4N
|
[9b1951] fix bugs |
| .gitignore | 2013-09-18 |
cnxct
|
[6aff0b] add ignore file |
| CHANGES.cn | 2014-03-04 |
陈驰
|
[b32605] Update CHANGES.cn |
| LICENSE | 2013-09-12 |
陈驰
|
[885e74] Initial commit |
| README.md | 2013-11-14 |
陈驰
|
[218460] Update README.md |
| index.php | 2014-03-03 |
CFC4N
|
[9b1951] fix bugs |
| template.html | 2014-03-04 |
陈驰
|
[a196ee] update |
Read Me
Pecker Scanner
A scanner named pecker, written in php,It can check dangerous functions with lexical analysis.
Use:
Config:
$config = array(
'scandir' => dirname(__FILE__),
'extend' => array('php','inc','php5'),
'function' => array('exec','system','create_function','passthru','shell_exec','proc_open','popen','curl_exec','parse_ini_file','show_source','include','preg_replace'),
);
Main:
$scaner = new Pecker_Scanner();
$scaner->setPath($config['scandir']); // set directory to scan
$scaner->setExtend($config['extend']);
$scaner->setFunction($config['function']);
$scaner->run();
$result = $scaner->getReport();
Result:
Array
(
[Pecker\test\1.php] => Array
(
[parser] => 1
[message] =>
[function] => Array
(
[eval] => Array
(
[0] => Array
(
[line] => 23
[code] => ( //get it
gzinflate ( $str ($str1)))
)
[1] => Array
(
[line] => 35
[code] => ('$str = time();')
)
)
[exec] => Array
(
[0] => Array
(
[line] => 25
[code] => ('dir')
)
[1] => Array
(
[line] => 36
[code] => ('dir')
)
)
)
)
[Pecker\test\111.php] => Array
(
[parser] => 1
[message] =>
[function] => Array
(
)
)
[Pecker\test\3.php] => Array
(
[parser] => 1
[message] =>
[function] => Array
(
)
)
)
Info
- Home Page:http://www.cnxct.com/pecker-scanner/
- WeiBo:http://weibo.com/n/CFC4N