Advance Backdoor Scanner for Your Website

Description

Key Features:

1. Recursive Directory Scanning: The script recursively scans all files and directories starting from the current directory (.) to identify files for analysis.
2. ZIP File Extraction and Scanning: The script extracts ZIP files into a temporary directory and scans the contents of these files for any potential backdoor threats.
3. File Content Analysis: The script reads the content of PHP files and checks for common backdoor patterns such as eval, base64_decode, shell_exec, and many others.
4. Image File Checking: It checks if a file is an image and attempts to read its metadata. If the image’s metadata can’t be read or if there’s an error, it flags the image as potentially unsafe.
5. Logging Results: The script writes results into an HTML file (result-scanner.html) and provides feedback directly on the page, highlighting which files are safe and which ones may contain backdoors.

Analysis Process:

• File Types Handled: PHP scripts, images, and ZIP archives.
• Backdoor Detection: The script uses a list of predefined patterns to check if any of these backdoor signatures exist in the PHP files.
• Image Metadata: The script attempts to read image metadata, and if it fails or encounters an error, the image is flagged as potentially unsafe.

Example of How to Use:

1. Replace Your index.php: Replace your current index.php file with this script or include this script in your project directory.
2. Run the Scanner: Open your website’s URL in a browser. The script will automatically start scanning the files in the directory.
3. Check the Results: The script will output its findings directly on the webpage, with potential backdoors highlighted in red. It will also create a file result-scanner.html where you can see a summary of the findings.

Things to Note:

• Performance: The script might take some time to scan all files, especially if you have a large number of files or large ZIP archives.
• Potential False Positives: While the script can flag files with certain patterns as potentially dangerous, it’s important to review flagged files manually before taking action.
• Further Action: For flagged files, it’s recommended to consult with a security expert to remove or clean any detected backdoors.

Code Review:

This script is useful for quickly identifying potentially harmful files within your project, but it should not replace a comprehensive security review. The script is lightweight and easy to integrate, making it a valuable tool for developers concerned about potential security issues.