网络安全SQL注入

阅读 14

2024-05-07

运行效果如图:

241b4202311271112504772.png

最近被好多人问,本来运行的好好的,突然swoole就启动不了了。

本工具为爱发电,如果工具正好解决了您的需求。我会很开心

代码如下:

"""
    本脚本为爱发电
    by:网前雨刮器
"""
import subprocess
import re

def check_php_environment():
    def check_php_version():
        try:
            output = subprocess.check_output(['php', '-v'], stderr=subprocess.STDOUT)
            result = output.decode('utf-8')
            php_version_str = result.split('\n')[0]
            php_version = php_version_str.lower().split(' ')[1]

            if php_version.startswith('7.'):
                major_version, minor_version, patch_version = map(int, php_version.split('.'))
                if 7 <= major_version <= 7 and 1 <= minor_version <= 4:
                    print(f"\033[32mPHP版本通过 (当前版本:{php_version})\033[0m")
                else:
                    print(f"\033[31mPHP版本不通过 (当前版本:{php_version})\033[0m")
            else:
                print(f"\033[31mPHP版本不通过 (当前版本:{php_version})\033[0m")

        except subprocess.CalledProcessError as e:
            return None

    def check_php_extension(extension_name, expected_version=None):
        try:
            output = subprocess.check_output(['php', '-m'], stderr=subprocess.STDOUT)
            result = output.decode('utf-8')
            installed_extensions = result.split()

            if extension_name in installed_extensions:
                print(f"\033[32m{extension_name} 已安装\033[0m")

                if expected_version is not None:
                    output = subprocess.check_output(['php', '--ri', extension_name], stderr=subprocess.STDOUT)
                    result = output.decode('utf-8')

                    match = re.search(r"Version => (.+)", result)
                    if match:
                        version = match.group(1).strip()
                        print(f"\033[32m{extension_name} 版本号为 {version}\033[0m")

                        if not re.match(expected_version.replace("*", r"\d+"), version):
                            return None
                            # print(f"报错:{extension_name} 扩展的版本号不满足要求")
                    else:
                        return None
                        #print(f"无法获取 {extension_name} 扩展的版本信息")
            else:
                print(f"\033[31m{extension_name} 扩展未安装\033[0m")

        except subprocess.CalledProcessError as e:
            print(f"无法执行命令: {e.output}")

    def check_proc_open():
        try:
            output = subprocess.check_output(['php', '-i'], stderr=subprocess.STDOUT)
            result = output.decode('utf-8')

            if 'disable_functions' in result:
                disable_functions = result.split('disable_functions => ')[1].split(' =>')[0]
                if 'proc_open' in disable_functions:
                    print("\033[31mproc_open 函数已被禁用\033[0m")
                else:
                    print("\033[32mproc_open 函数未被禁用\033[0m")
            else:
                print("无法获取禁用函数列表")

        except subprocess.CalledProcessError as e:
            print(f"无法执行命令: {e.output}")
    
    def check_mysql_version():
        try:
            output = subprocess.check_output(['mysql', '-V'], stderr=subprocess.STDOUT)
            result = output.decode('utf-8')
            version_match = re.search(r"\d+\.\d+\.\d+", result)
            if version_match:
                mysql_version = version_match.group(0)
                if mysql_version.startswith('5.6.') or mysql_version.startswith('5.7.'):
                    print(f"\033[32mMySQL 版本通过 (当前版本:{mysql_version})\033[0m")
                else:
                    print(f"\033[31mMySQL 版本不通过 (当前版本:{mysql_version})\033[0m")
            else:
                print("\033[31m无法获取MySQL 版本号\033[0m")
    
        except subprocess.CalledProcessError as e:
            print(f"无法执行命令: {e.output}")

    def check_web_server():
        try:
            apache_process = subprocess.check_output(['ps', '-ef']).decode('utf-8')
            if 'apache2' in apache_process or 'httpd' in apache_process:
                print("\033[32m当前环境为 Apache  (建议使用Nginx)\033[0m")
                return
    
            nginx_process = subprocess.check_output(['ps', '-ef']).decode('utf-8')
            if 'nginx' in nginx_process:
                print("\033[32m当前环境为 Nginx\033[0m")
                return
    
            print("\033[31m未检测到 Apache 或 Nginx 进程\033[0m")
    
        except subprocess.CalledProcessError as e:
            print(f"无法执行命令: {e.output}")


    print('')
    check_php_version()
    print('')
    check_proc_open()
    print('')
    check_php_extension('redis')
    print('')
    check_php_extension('fileinfo')
    print('')
    check_php_extension('swoole')
    print('')
    check_php_extension('swoole_loader', '3.0.\d+')
    print('')
    check_mysql_version()
    print('')
    check_web_server()
    print('')
    print('---------------------------------------------------------------------------------')
    print('')
    print("\033[33m注:请确定当前PHP命令行版本与你安装的PHP版本一致\033[0m")
    print("\033[33m注:如果你确定以上扩展已经安装并配置,请重启php、必要时重启服务器\033[0m")
    print("\033[33m本脚本为爱发电\033[0m")
    print("\033[33mby:网前雨刮器\033[0m")
    
check_php_environment()

如果您不会使用python 不会配置python环境,可以使用我已经打包好的程序

使用方法如下:

将程序放在服务器下,直接“./文件名” 运行即可。

982b9202311271116187887.png

​​​​​​​ 

精彩评论(0)

0 0 举报