I recently had a malicious php file placed on my server. I've since removed it. But I was wondering if there was a program that can search through all the php files on my server looking for whatever code snippet I insert. I want to make sure it didn't insert anything in other files, but it will take me ages if I have to manually open each file and do it.
Program to search through multiple php files on a server?
most modern text editors worth there weight have multi-file search functions built in. some even contain RegEx capable search/replace.
on a linux server use grep
If you can login to a linux command line on your server and you want to look for the word foobar in ALL of the files in a given directory, grep is your best friend. This command will search every file in the current directory and all of its subdirectories for all case variations of the word foobar:
grep -ir 'foobar' *If you want to examine the contents of every PHP file in a given directory using PHP then you could do something like this:
<?php
function recursive_list($dir, $regex=NULL) {
$dirs = array();
if ($dh = opendir($dir)) {
while (false !== ($file = readdir($dh))) {
if ($file != "." && $file != "..") {
$full_path = $dir . DIRECTORY_SEPARATOR . $file;
if (is_dir($full_path)) {
echo "listing $full_path\n";
$more_files = recursive_list($full_path, $regex);
$dirs = array_merge($dirs, $more_files);
} else {
if (!is_null($regex)) {
if (preg_match($regex, $full_path)) {
$dirs[] = $full_path;
}
} else {
$dirs[] = $full_path;
}
}
}
}
} else {
die('unable to open dir ' . $dir);
}
closedir($dh);
return $dirs;
}
// get an array of all the php files in the directory where this script lives
$list = recursive_list('.', '/.*\.php/');
foreach($list as $file) {
$file_contents = file_get_contents($file);
// do your check on the file here
}
?>