| author | jvoisin | 2017-10-08 23:23:02 +0200 |
|---|---|---|
| committer | jvoisin | 2017-10-08 23:23:02 +0200 |
| commit | 50bb0ed72d5c221d40f16690d980db5e7ccee46a (patch) | |
| tree | aae6ee2622a51c4d755f2a25625fb2e31fe1afe8 /scripts | |
| parent | a152f79eed1bc01f553b7ab2a317281adc6e11c8 (diff) | |
Improve a bit the script to generate rules
Diffstat (limited to '')
| -rw-r--r-- | scripts/generate_rules.php | 13 |
1 files changed, 9 insertions, 4 deletions
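--- a/scripts/generate_rules.php
+++ b/scripts/generate_rules.php
@@ -11,10 +11,12 @@ $functions_blacklist = ['shell_exec', 'exec', 'passthru', 'php_uname', 'popen',
 'proc_terminate', 'proc_open', 'proc_get_status', 'dl', 'pnctl_exec',
 'pnctl_fork', 'assert', 'system'];
 
-$extensions = ['php', 'php7', 'php5'];
+$extensions = ['php', 'php7', 'php5', 'inc'];
 
 $path = realpath($argv[1]);
 
+$output = Array();
+
 $objects = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path));
 foreach($objects as $name => $object){
 if (FALSE === in_array (pathinfo($name, PATHINFO_EXTENSION), $extensions, true)) {
@@ -33,11 +35,14 @@ foreach($objects as $name => $object){
 if ('' === $hash) {
 $hash = hash('sha256', $file_content);
 }
-echo 'sp.disable_function.function("' . $token[1] . '").filename("' . $name . '").hash("' . $hash . '").allow();' . "\n";
+$output[] = 'sp.disable_function.function("' . $token[1] . '").filename("' . $name . '").hash("' . $hash . '").allow();' . "\n";
 }
 }
 }
 foreach($functions_blacklist as $fun) {
-echo 'sp.disable_function.function("' . $fun . '").drop();' . "\n";
+$output[] = 'sp.disable_function.function("' . $fun . '").drop();' . "\n";
-
 }
+
+foreach (array_unique($output) as $line) {
+echo $line;
+}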
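Review bot: The blacklist entries `'pnctl_exec'` and `'pnctl_fork'` in the context lines of the first hunk look like misspellings of PHP's `pcntl_exec` and `pcntl_fork`, so the `.drop()` rules generated from them in the second hunk would name functions that do not exist and leave the real ones unrestricted; the entries should read `'pcntl_exec', 'pcntl_fork'`. The array literal starts above the hunk, so its remaining entries cannot be checked from here. Separately, the new `$output[] = ...` line that builds the `.allow()` rule concatenates `$name` and `$token[1]` into double-quoted rule values without escaping, so a scanned path containing `"` would produce a malformed or altered rule. Rejecting or escaping such names before the rule is appended would close that, and it matters more now that `.inc` files are scanned as well.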
