<?php
class WebLogicBombDetector {
    private $suspiciousPatterns = [
        '/eval\s*\(/', // ตรวจสอบการใช้ eval
        '/\$_GET\s*\[/', // ตรวจสอบการใช้พารามิเตอร์ GET แบบไม่ปลอดภัย
        '/\$_POST\s*\[/', // ตรวจสอบการใช้พารามิเตอร์ POST แบบไม่ปลอดภัย
        '/exec\s*\(/', // ตรวจสอบการเรียกใช้คำสั่งระบบ
        '/system\s*\(/', // ตรวจสอบการเรียกใช้คำสั่งระบบ
        '/mysqli_query/' // ตรวจสอบการใช้ SQL แบบไม่ปลอดภัย
    ];
 
    public function scanDirectory($dir) {
        $files = new RecursiveIteratorIterator(
            new RecursiveDirectoryIterator($dir)
        );
 
        foreach ($files as $file) {
            if ($file->isFile() && $file->getExtension() == 'php') {
                $this->scanFile($file->getPathname());
            }
        }
    }
 
    private function scanFile($filePath) {
        $content = file_get_contents($filePath);
        foreach ($this->suspiciousPatterns as $pattern) {
            if (preg_match($pattern, $content)) {
                echo "พบรูปแบบที่น่าสงสัย: $pattern ในไฟล์: $filePath\n";
            }
        }
    }
}
?>
 

PD9waHAKY2xhc3MgV2ViTG9naWNCb21iRGV0ZWN0b3IgewogICAgcHJpdmF0ZSAkc3VzcGljaW91c1BhdHRlcm5zID0gWwogICAgICAgICcvZXZhbFxzKlwoLycsIC8vIOC4leC4o+C4p+C4iOC4quC4reC4muC4geC4suC4o+C5g+C4iuC5iSBldmFsCiAgICAgICAgJy9cJF9HRVRccypcWy8nLCAvLyDguJXguKPguKfguIjguKrguK3guJrguIHguLLguKPguYPguIrguYnguJ7guLLguKPguLLguKHguLTguYDguJXguK3guKPguYwgR0VUIOC5geC4muC4muC5hOC4oeC5iOC4m+C4peC4reC4lOC4oOC4seC4ogogICAgICAgICcvXCRfUE9TVFxzKlxbLycsIC8vIOC4leC4o+C4p+C4iOC4quC4reC4muC4geC4suC4o+C5g+C4iuC5ieC4nuC4suC4o+C4suC4oeC4tOC5gOC4leC4reC4o+C5jCBQT1NUIOC5geC4muC4muC5hOC4oeC5iOC4m+C4peC4reC4lOC4oOC4seC4ogogICAgICAgICcvZXhlY1xzKlwoLycsIC8vIOC4leC4o+C4p+C4iOC4quC4reC4muC4geC4suC4o+C5gOC4o+C4teC4ouC4geC5g+C4iuC5ieC4hOC4s+C4quC4seC5iOC4h+C4o+C4sOC4muC4mgogICAgICAgICcvc3lzdGVtXHMqXCgvJywgLy8g4LiV4Lij4Lin4LiI4Liq4Lit4Lia4LiB4Liy4Lij4LmA4Lij4Li14Lii4LiB4LmD4LiK4LmJ4LiE4Liz4Liq4Lix4LmI4LiH4Lij4Liw4Lia4LiaCiAgICAgICAgJy9teXNxbGlfcXVlcnkvJyAvLyDguJXguKPguKfguIjguKrguK3guJrguIHguLLguKPguYPguIrguYkgU1FMIOC5geC4muC4muC5hOC4oeC5iOC4m+C4peC4reC4lOC4oOC4seC4ogogICAgXTsKCiAgICBwdWJsaWMgZnVuY3Rpb24gc2NhbkRpcmVjdG9yeSgkZGlyKSB7CiAgICAgICAgJGZpbGVzID0gbmV3IFJlY3Vyc2l2ZUl0ZXJhdG9ySXRlcmF0b3IoCiAgICAgICAgICAgIG5ldyBSZWN1cnNpdmVEaXJlY3RvcnlJdGVyYXRvcigkZGlyKQogICAgICAgICk7CgogICAgICAgIGZvcmVhY2ggKCRmaWxlcyBhcyAkZmlsZSkgewogICAgICAgICAgICBpZiAoJGZpbGUtPmlzRmlsZSgpICYmICRmaWxlLT5nZXRFeHRlbnNpb24oKSA9PSAncGhwJykgewogICAgICAgICAgICAgICAgJHRoaXMtPnNjYW5GaWxlKCRmaWxlLT5nZXRQYXRobmFtZSgpKTsKICAgICAgICAgICAgfQogICAgICAgIH0KICAgIH0KCiAgICBwcml2YXRlIGZ1bmN0aW9uIHNjYW5GaWxlKCRmaWxlUGF0aCkgewogICAgICAgICRjb250ZW50ID0gZmlsZV9nZXRfY29udGVudHMoJGZpbGVQYXRoKTsKICAgICAgICBmb3JlYWNoICgkdGhpcy0+c3VzcGljaW91c1BhdHRlcm5zIGFzICRwYXR0ZXJuKSB7CiAgICAgICAgICAgIGlmIChwcmVnX21hdGNoKCRwYXR0ZXJuLCAkY29udGVudCkpIHsKICAgICAgICAgICAgICAgIGVjaG8gIuC4nuC4muC4o+C4ueC4m+C5geC4muC4muC4l+C4teC5iOC4meC5iOC4suC4quC4h+C4quC4seC4ojogJHBhdHRlcm4g4LmD4LiZ4LmE4Lif4Lil4LmMOiAkZmlsZVBhdGhcbiI7CiAgICAgICAgICAgIH0KICAgICAgICB9CiAgICB9Cn0KPz4K