Find corrupted php source
Publié le 27 Sep 2012, 10:14 pm dans php
I was given a CD containing a website that the owner wanted to transfer to my Madagascar web hosting dot.mg. Well, I don't know how they did burn this disk, but when the copy and installation was completed, the site showed gibberish content and at the bottom of the page a sensitive part of the PHP source were exposed. Some of the PHP source were corrupted, and the
<?phpmarkers along with some code were replaced with binary lettersalad. I spotted only one file corrupted, but since this corruption could leak sensitive information, I needed a way to list all corrupted files so that I could reclaim them from the website owner. So, basically, what I want is a tool that checks all php files and list which ones of them contains binary data. The quick solution I created was this very simple command :
My pattern is
grep -r $'[\x0e-\x1f]' * | grep php
$'[\x0e-\x1f'], any character between ascii code hex 0E and 1F. I could have listed all character that cannot appear in normal text files, but somehow, this was sufficient. The option
-riterates through subfolders, and for this, I could not use
*.phpas file pattern. The first part of this command finds binary characters from 0E to 1F in all files. If a match is found, it outputs texts like
Look! grep considered file inc/connexion.php as binary file. What remains is to filter this output and show only php files, that's what piping to
Binary file images/test.jpg matches Binary file inc/connexion.php matches
grep phpstands for. And voilà!
Les commentaires sont fermés pour ce billet.