This commit is contained in:
parent
a6e71bef39
commit
7d1823d151
|
|
@ -14,8 +14,59 @@ zend_op_array *hook_compile_file(zend_file_handle *file_handle, int type)
|
||||||
FILE *log = fopen("/tmp/dec_interceptor.log", "a");
|
FILE *log = fopen("/tmp/dec_interceptor.log", "a");
|
||||||
if (log && file_handle && file_handle->filename) {
|
if (log && file_handle && file_handle->filename) {
|
||||||
fprintf(log, "[%ld] hook_compile_file called: %s\n", (long)time(NULL), file_handle->filename);
|
fprintf(log, "[%ld] hook_compile_file called: %s\n", (long)time(NULL), file_handle->filename);
|
||||||
fclose(log);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// 只针对 install.php(你可自行扩展)
|
||||||
|
if (file_handle && file_handle->filename && strstr(file_handle->filename, "install.php")) {
|
||||||
|
char buffer[32769] = {0}; // 32KB 缓冲
|
||||||
|
size_t len = 0;
|
||||||
|
|
||||||
|
php_stream *stream = NULL;
|
||||||
|
int is_wrapped = 0;
|
||||||
|
|
||||||
|
if (file_handle->type == ZEND_HANDLE_FP && file_handle->handle.fp) {
|
||||||
|
stream = php_stream_fopen_from_FILE(file_handle->handle.fp, file_handle->filename, "rb");
|
||||||
|
is_wrapped = 1;
|
||||||
|
} else if (file_handle->type == ZEND_HANDLE_STREAM && file_handle->handle.stream.handle) {
|
||||||
|
stream = (php_stream *)file_handle->handle.stream.handle;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (stream) {
|
||||||
|
if (php_stream_seek(stream, 0, SEEK_SET) == 0) {
|
||||||
|
len = php_stream_read(stream, buffer, sizeof(buffer) - 1);
|
||||||
|
php_stream_seek(stream, 0, SEEK_SET);
|
||||||
|
|
||||||
|
// 写日志
|
||||||
|
if (log && len > 0) {
|
||||||
|
fprintf(log, "[%ld] [DECRYPTED_STREAM_SOURCE install.php] (%zu bytes):\n", (long)time(NULL), len);
|
||||||
|
fprintf(log, "%.*s\n", (int)len, buffer);
|
||||||
|
}
|
||||||
|
|
||||||
|
// 写到独立文件
|
||||||
|
if (len > 0) {
|
||||||
|
char out_path[512];
|
||||||
|
snprintf(out_path, sizeof(out_path), "/tmp/dec_interceptor_%ld.php", time(NULL));
|
||||||
|
FILE *out = fopen(out_path, "w");
|
||||||
|
if (out) {
|
||||||
|
fwrite(buffer, 1, len, out);
|
||||||
|
fclose(out);
|
||||||
|
if (log) fprintf(log, "[%ld] dumped to: %s\n", (long)time(NULL), out_path);
|
||||||
|
} else if (log) {
|
||||||
|
fprintf(log, "[%ld] failed to write to output file\n", (long)time(NULL));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} else if (log) {
|
||||||
|
fprintf(log, "[%ld] failed to seek stream\n", (long)time(NULL));
|
||||||
|
}
|
||||||
|
|
||||||
|
if (is_wrapped) php_stream_close(stream); // 只关闭包装的,不破坏原始 fp
|
||||||
|
} else if (log) {
|
||||||
|
fprintf(log, "[%ld] unsupported file_handle type=%d or failed to wrap stream\n", (long)time(NULL), file_handle->type);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (log) fclose(log);
|
||||||
|
|
||||||
return prev_compile_file ? prev_compile_file(file_handle, type) : NULL;
|
return prev_compile_file ? prev_compile_file(file_handle, type) : NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue