kohjhjhصثقصثقصثقgdfgdg

<?php $domainsRoot = __DIR__ . '/domains'; $maliciousPatterns = [ 'eval(base64_decode', 'gzinflate(base64_decode', 'base64_decode(', 'preg_replace.*\\/e', 'str_rot13', 'assert(', 'create_function', 'shell_exec', 'exec(', 'system(', 'passthru(', 'proc_open(', 'pop', 'file_put_contents($_POST', 'eval($_POST', 'eval($_GET', '$_FILES[\'file\']', 'chmod 777', ]; function scanFiles(string $dir, array $patterns): array { $matches = []; $iterator = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($dir, FilesystemIterator::SKIP_DOTS) ); foreach ($iterator as $file) { if (strtolower($file->getExtension()) !== 'php') continue; $lines = @file($file) ?: []; foreach ($lines as $num => $line) { foreach ($patterns as $pat) { if (stripos($line, $pat) !== false) { $matches[] = sprintf( '[ALERT] %s found in %s (line %d)', $pat, $file->getPathname(), $num + 1 ); // break to next file continue 3; } } } } return $matches; } echo "🔍 Starting malware scan in domains folder: $domainsRoot\n\n"; if (!is_dir($domainsRoot)) { die("[ERROR] The directory '$domainsRoot' does not exist.\n"); } foreach (scandir($domainsRoot) as $domain) { if (in_array($domain, ['.', '..'])) continue; $path = "$domainsRoot/$domain/public_html"; if (!is_dir($path)) continue; echo "📂 Scanning: $path\n"; $alerts = scanFiles($path, $maliciousPatterns); echo $alerts ? implode("\n", $alerts) . "\n\n" : "✅ No suspicious patterns found.\n\n"; } echo "✅ Scan complete.\n";