前不久,我申请加入了某开源组织,他们要我写一个功能用来检测图片中是否有木马脚本。
其实一开始我什么也不知道,只是后来在网上查了一些资料,找到的全是有制作图片木马的教程,并没有找到检测的程序。
经过几番思索之后,决定从制作原理来分析这种木马程序。这种木马程序是十六进制编码写的,我灵机一动,写了以下这个上传类。最终通过了组织测验。呵呵
现在把它拿出来给大家分享,有什么不好的地方,还请指正! anyon@139.com;
代码如下:

自己刚开始尝试,对大神来说可能入不了法眼,希望有用。

<?php
/**
*TTR上传类
*2007-09-22
*[url=]
*QQ:252319874
**/

/**
 * @version $Id: Upload.class.php 2013-3-20 21:47:23 Anyon $
 * +——————————————————————————
*/ class Upload { /* Upload helper built entirely from static members; the
only entry point is start(). NOTE(review): this listing was flattened during
extraction and several argument lists are missing; confirm against the
original file. */ private static $image = null; /* tmp_name of the upload,
overwritten with the destination path once the file has been moved */ private static $status
= 0; /* $_FILES error code, or one of this class's own codes (9 = temp file lost) */ private static $suffix = null; /* lower-cased extension, dot included */ private static $imageType =
array(‘.jpg’, ‘.bmp’,’.gif’,’.png’); /* suffixes that are handed to checkHex() */ /* status code => message
returned to the caller; keys 0-4, 6 and 7 carry PHP's UPLOAD_ERR_* meanings,
5, 8 and 9 are this class's own */ private static $message = array(
‘0’ => ‘没有错误发生,文件上传成功。’, ‘1’ => ‘上传的文件超过了
php.ini 中 upload_max_filesize 选项限制的值。’, ‘2’ =>
‘上传文件的大小超过了 HTML 表单中 MAX_FILE_SIZE 选项指定的值。’, ‘3’
=> ‘文件只有部分被上传。’, ‘4’ => ‘没有文件上传。’, ‘5’ =>
‘未能通过安全检查的文件。’, ‘6’ => ‘找不到临时文件夹。’, ‘7’ =>
‘文件写入失败。’, ‘8’ => ‘文件类型不支持’, ‘9’ =>
‘上传的临时文件丢失。’, ); /* Entry point: process one $_FILES field.
NOTE(review): the parameter list and two conditions were lost when this
listing was flattened; from the body, start() reads $_FILES[$feild] and
presumably receives the target directory ($path) that _upload() uses.
Returns array('status' => code, 'msg' => text) and, once the file was
handed to _upload(), 'path' => stored location. */ public static function
start { if { self::$status = $_FILES[$feild][‘error’]; /* any non-zero PHP upload error stops here, before the file is touched */ if return
array(‘status’ => self::$status, ‘msg’ =>
self::$message[self::$status]); self::$image =
$_FILES[$feild][‘tmp_name’]; /* suffix keeps the dot and is lower-cased so it compares against $imageType */ self::$suffix =
strtolower(strrchr($_FILES[$feild][‘name’], ‘.’)); return
array(‘status’ => self::_upload(), ‘path’ => self::$image, ‘msg’
=> self::$message[self::$status]); } else { return array(‘status’
=> self::$status, ‘msg’ => self::$message[self::$status]); } }
/* Move the temp file into $path and, when the suffix is an image type, run
checkHex() on the stored file. NOTE(review): the arguments of date(), rand(),
is_uploaded_file() and umkdir() are missing from this listing. Returns the
code it stores in self::$status: 0 ok, 9 temp file lost, or checkHex()'s
result. */ private static function _upload {
date_default_timezone_set; $newFile = $path . date . rand .
self::$suffix; /* destination = directory + timestamp + rand() + client-supplied suffix; rand() is not a CSPRNG, so the name is guessable */ self::umkdir; if (is_uploaded_file &&
move_uploaded_file(self::$image, $newFile)) { self::$image = $newFile; /* $image now names the stored file */
if (in_array(self::$suffix, self::$imageType)) return self::checkHex(); /* only image suffixes get the hex scan */
else return self::$status = 0; } else { return self::$status = 9; } }
//@ 私有 16进制检测 private static function checkHex() { if
(file_exists { $resource = fopen; $fileSize = filesize; fseek; if { //
取头和尾 $hexCode = bin2hex); fseek($resource, $fileSize – 512);
$hexCode .= bin2hex); } else { // 取全部 $hexCode = bin2hex(fread); }
fclose; /* 匹配16进制中的 */ /* 匹配16进制中的 ?> */ /*
匹配16进制中的

步骤:一、在网址

class TTRUpload extends Error
{
        const filesize=81200000;
        private $uploadpath=”uploadfile/”;
        private $savepath=null;
        private $uploadfilename=null;                                //单个文件为文件名,批量文件为xxxx|xxxx格式,请注意
        private $ext=array(“jpg”,”gif”,”png”);
        private $error=null;
        private $file=null;        
        private $uploadtype=null;
        private $filename=null;
        
        // Constructor. $type: "ONE" for a single upload, "ANY" for a batch upload.
        public function __construct($file,$type=”ONE”)
        {
                if($type!=”ONE” && $type!=”ANY”)
                {
                        echo “<script language=’javascript’>alert(‘初始化请选择ONE或者ANY’)</script>”;
                        exit;
                }
                $this->uploadtype=$type;
                $this->file=$file;
        }
        
        private function createFileName()
        {
                return $this->filename=”TTR_”.time().$this->getRandomN(4);
        }
                
        private function getUploadPath()
        {
                if(substr($this->uploadpath,-1,1)!=”/”) 
                {
                        $this->savepath=$this->uploadpath.”/”.date(“Ym”);
                }else{
                        $this->savepath=$this->uploadpath.date(“Ym”);
                }
                $this->savepath=$this->getFolder($this->savepath);
                return true;
        }
        
        private function getFileExt($tempfilename)
        {
                return end(explode(“.”,$tempfilename));
        }
        
        private function getExt()
        {
                if(in_array(strtolower($this->getFileExt($tempfilename)),$this->ext))
                {
                        return true;
                }else{
                        return false;        
                }
        }
        
        private function getFolder($folder)
        {
                if(!is_dir($folder))
                {
                        mkdir($folder);
                }
                return $folder.”/”;
        }
        
        
        public function upload()
        {
                if($this->uploadtype==”ONE”)
                {
                        

        二、编写代码并引入phpqrcode.php文件,实现生成二维码。

                        if($this->getExt($this->file[“type”]))
                        {
                                
                                parent::errorExt();
                                
                        }else if($this->file[“size”]>self::filesize){
                                
                                parent::errorFileSize();
                                
                        }else if(!$this->getUploadPath()){
                                
                                parent::errorUploadPath();
                                
                        }else{
                                $filenametemp=$this->createFileName();
                                $filename=$this->savepath.$filenametemp.”.”.$this->getFileExt($this->file[“name”]);
                                if(move_uploaded_file($this->file[“tmp_name”],$filename))
                                {        
                                        $this->uploadfilename=$filenametemp;
                                        parent::okMoved();                        
                                        
                                
                                }else{
                                        parent::errorMoveUpload();
                                }
                        }
                }else if($this->uploadtype==”ANY”){

代码:

                        for($i=0;$i<count($this->file);$i++)
                        {
                        
                                if($this->getExt($this->file[$i][“type”]))
                                {
                                        parent::errorExt();
                                        
                                }else if($this->file[$i][“size”]>self::filesize){
                                        
                                        parent::errorFileSize();
                                        
                                }else if(!$this->getUploadPath()){
                                        
                                        parent::errorUploadPath();
                                        
                                }else{
                                        $filenametemp=$this->createFileName();
                                        $filename=$this->savepath.$filenametemp.”.”.$this->getFileExt($this->file[$i][“name”]);
                                        if(move_uploaded_file($this->file[$i][“tmp_name”],$filename))
                                        {        
                                                $str.=$filenametemp.”|”;
                                                
                                        }else{
                                                parent::errorMoveUpload();
                                        }
                                        
                                }
                                
                        }
                        $this->uploadfilename=substr($str,0,strlen($str)-1);        
                        parent::okMoved();
                }
        }
        
        public function getUploadFileName()
        {
                return $this->uploadfilename;
        }
        
        public function setUploadPath($path)
        {
                $this->uploadpath=$path;
        }
        
        
        private function getRandomN($n)
        {
                if ($n < 1 || $n>10)  return “”;
        
                $ary_num= array(0,1,2,3,4,5,6,7,8,9);
                $return =””;
                for ($i=0;$i<$n;$i++)
                {
                        $randn = rand(0,9-$i);
                        $return .= $ary_num[$randn];
                        $ary_num[$randn] = $ary_num[9-$i];
                }
                return $return;
        }
