scan.php
<?php
set_time_limit(0);
// error_reporting(0);
/**
* AbdalMalwareScanner
*/
final class AbdalMalwareScanner
{
private static $path = '.';
private static $extensions = array('php');
public static $files = array();
public static $filtered = array();
public static $replace_path = '';
function __construct()
{
}
public function setExtensions($extensions)
{
self::$extensions = $extensions;
}
public function getExtensions()
{
return self::$extensions;
}
public function setPath($path)
{
self::$path = $path;
}
public function getPath()
{
return self::$path;
}
public function getFiles()
{
$directory = new recursiveDirectoryIterator(self::$path);
self::$files = new RecursiveIteratorIterator($directory);
$extensions = implode('|', self::$extensions);
self::$files = new RegexIterator(self::$files, '/^.+\.(' . $extensions . ')$/i', RecursiveRegexIterator::GET_MATCH);
return self::$files;
}
public function getFileInfo($filename)
{
clearstatcache();
return array(
'crc' => crc32(file_get_contents($filename)),
'filemtime' => filemtime($filename),
'filectime' => filectime($filename),
'filesize' => filesize($filename),
'fileperms' => fileperms($filename)
);
}
public function getList()
{
$file_list = self::getFiles();
$files = array();
foreach ($file_list as $filename => $file_data) {
$short_filename = str_replace(self::$replace_path, '', realpath($filename));
$files[$short_filename] = self::getFileInfo($filename);
}
return $files;
}
public function mergeFiles($old_files, $new_files)
{
$new = array();
$changed = array();
$deleted = array();
// $renamed = array();
$crc32_key = array();
foreach ($old_files as $filename => $file_data) {
$crc32_key[$file_data['crc']] = $file_data;
if (isset($new_files[$filename])) {
$diff = array_diff_assoc($new_files[$filename], $file_data);
if ($diff) {
$changed[$filename] = array(
'old' => $file_data,
'diff' => $diff,
'new' => $new_files[$filename]
);
unset($new_files[$filename]);
}else{
unset($new_files[$filename]);
}
}else{
$new[$filename] = $file_data;
}
}
$deleted = $new_files;
// foreach ($deleted as $filename => $file_data) {
// if (isset($crc32_key[$file_data['crc']])) {
// $renamed[$filename] = array(
// 'old' => $crc32_key[$file_data['crc']],
// 'new' => $file_data
// );
// unset($deleted[$filename]);
// }
// }
// foreach ($new as $filename => $file_data) {
// if (isset($crc32_key[$file_data['crc']])) {
// $renamed[$filename] = array(
// 'old' => $crc32_key[$file_data['crc']],
// 'new' => $file_data
// );
// unset($new[$filename]);
// }
// }
return array(
'new' => $new,
'changed' => $changed,
'deleted' => $deleted,
// 'renamed' => $renamed
);
}
}
$ams = new AbdalMalwareScanner();
if (file_exists('./last_scan.json')) {
$old_files = json_decode(file_get_contents('./last_scan.json'), true);
$new_files = $ams->getList();
$diff = $ams->mergeFiles($new_files, $old_files);
var_export($diff);
} else {
file_put_contents('./last_scan.json', json_encode($ams->getList()));
}
?>