Anjing Webshells

Website : rimsha.abasa.com

: / var / www / thomaskeith.school /

Filename : scan_sql.sh

back

#!/bin/bash

SQL_FILE="$1"

if [ -z "$SQL_FILE" ]; then
  echo "Usage: ./scan_sql.sh yourfile.sql"
  exit 1
fi

echo "Scanning $SQL_FILE for suspicious patterns..."

# Common suspicious functions and patterns
grep -Ei --color=always \
  -e 'eval\s*\(' \
  -e 'base64_decode\s*\(' \
  -e 'gzinflate\s*\(' \
  -e 'shell_exec\s*\(' \
  -e 'system\s*\(' \
  -e 'passthru\s*\(' \
  -e 'exec\s*\(' \
  -e 'php\s+base64' \
  -e 'create user' \
  -e 'insert into wp_users' \
  -e 'insert into .*admin.*' \
  -e 'load_file\s*\(' \
  -e 'union.*select' \
  "$SQL_FILE"