I was reviewing a huge spaghetti PHP repo some days back and I needed to have a general understanding of what’s what.
So I compiled a list of things I was interested in and made a grep command to search for them.
This is not by any means complete, at least not in its current form. I’m just leaving it here for future reference; I may change/update it later on.
It might help someone too.
# Recursive (-r), case-insensitive (-i) search that prints line numbers (-n).
# Patterns cover debug output, request superglobals, command and code
# execution, SQL variables and file inclusion.
# The {a,b} lists rely on bash brace expansion.
grep -inr \
-e "phpinfo" \
-e "echo" \
-e "\$_GET" \
-e "\$_POST" \
-e "\$_REQUEST" \
-e "\$_SERVER" \
-e "shell_exec(" \
-e "system(" \
-e "exec(" \
-e "popen(" \
-e "passthru(" \
-e "proc_open(" \
-e "pcntl_exec(" \
-e "eval(" \
-e "assert(" \
-e "preg_replace" \
-e "create_function(" \
-e "\$sql" \
-e "debug" \
-e "file_include" \
-e "include" \
-e "require" \
-e "require_once" \
-e "file_get_contents" \
--exclude=\*.{md,scss,css,json,js,map,sql,xml,html,rb,sh,markdown,txt,less,yml,toml,config} --exclude-dir={node_modules,assets} .
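A second pass that narrows the sweep, as an added example that is not part of the original post: it reports only lines in `.php` files where one of the listed sinks and a request superglobal appear together, and it anchors function names so that `exec(` no longer matches `curl_exec(`. The function name `php_triage` and the category labels are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original post): triage pass over the same keywords.
# Sinks are grouped by category; the leading group stops "exec(" from matching
# "curl_exec(" and similar names. ERE syntax: "\(" is a literal parenthesis.
PRE='(^|[^[:alnum:]_])'
EXEC_RE="$PRE"'(shell_exec|system|exec|popen|passthru|proc_open|pcntl_exec)[[:space:]]*\('
# preg_replace is only a code-execution sink with the old /e modifier; review by hand.
EVAL_RE="$PRE"'(eval|assert|create_function|preg_replace)[[:space:]]*\('
INCLUDE_RE="$PRE"'((include|require)(_once)?[[:space:](]|file_get_contents[[:space:]]*\()'
# PHP variable names are case-sensitive, so this pattern is matched without -i.
INPUT_RE='\$_(GET|POST|REQUEST|SERVER)'

# php_triage DIR
# Prints "category<TAB>file:line:text" for every line under DIR where a sink
# and a request superglobal occur on the same line. The body runs in a
# subshell so its variables do not leak into the caller.
php_triage() (
  dir=$1
  for name in exec eval include; do
    case $name in
      exec)    re=$EXEC_RE ;;
      eval)    re=$EVAL_RE ;;
      include) re=$INCLUDE_RE ;;
    esac
    # First grep: sink names, case-insensitive (PHP function names are).
    # Second grep: keep only lines that also reference request input.
    grep -rinE --include='*.php' \
         --exclude-dir=node_modules --exclude-dir=assets \
         -e "$re" "$dir" \
      | grep -E -e "$INPUT_RE" \
      | while IFS= read -r line; do
          printf '%s\t%s\n' "$name" "$line"
        done
  done
  return 0
)

# Run against the directory given on the command line, if any.
if [ "$#" -gt 0 ]; then
  php_triage "$1"
fi
```

A hit only means input and sink share a line; input that reaches a sink through an intermediate variable still needs the broader sweep and a manual read.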