Php code for detecting image Trojans (multi-base programming)

Php code for detecting image Trojans (multi-base programming)

This article shares a piece of code for detecting image Trojans implemented by php. it can be used to detect hexadecimal-encoded Trojans. For more information, see. This php program detects Image Trojans and analyzes the Trojan program from the creation principle. Some Trojans are written in hexadecimal encoding, so you need to spend some time to perform detection, so this php Trojan Detection class is implemented. Code: 'No error occurs. the file is uploaded successfully. ', '1' =>' the uploaded file exceeds the limit of the upload_max_filesize option in php. ini. ', '2' =>' the size of the uploaded file exceeds the value specified by the MAX_FILE_SIZE option in the HTML form. ', '3' =>' only part of the file is uploaded. ', '4' =>' no file is uploaded. ', '5' =>' file failed to pass the security check. ', '6' =>' cannot find the temporary folder. ', '7' =>' file writing failed. ', '8' => 'File type not supported', '9' => 'the temporary file to be uploaded is lost. ',); // @ Start to execute the file upload public static function start ($ feild = 'file') {if (! Empty ($ _ FILES) {self: $ status = $ _ FILES [$ feild] ['error']; if (self: $ status> 0) return array ('status' => self: $ status, 'MSG '=> self: $ message [self: $ status]); self :: $ image = $ _ FILES [$ feild] ['tmp _ name']; self :: $ suffix = strtolower (strrchr ($ _ FILES [$ feild] ['name'], '. '); return array ('status' => self: _ upload (), 'path' => self: $ image, 'MSG' => self :: $ message [self ::$ status]);} else {return array ('status' => self: $ status, 'MSG '=> self :: $ message [self: $ status]) ;}// @ start private static function _ upload ($ path = '. /upload/') {date_default_timezone_set ('prc'); $ newFile = $ path. date ('Y/m/d/His '). rand (100,999 ). self: $ suffix; self: umkdir (dirname ($ newFile); if (is_uploaded_file (self: $ image) & move_uploaded_file (self: $ image, $ newFile) {self ::$ image = $ newFile; if (in_array (self ::$ suffix, self ::$ imageType) return self :: checkHex (); else return self: $ status = 0;} else {return self: $ status = 9 ;}/// @ private hexadecimal check private static function checkHex () {if (file_exists (self ::$ image) {$ resource = fopen (self ::$ image, 'RB'); $ fileSize = filesize (self :: $ image); fseek ($ resource, 0); if ($ fileSize> 512) {// Get the header and tail $ hexCode = bin2hex (fread ($ resource, 512 )); fseek ($ resource, $ fileSize-512); $ hexCode. = bin2hex (fread ($ resource, 512);} else {// retrieve all $ hexCode = bin2hex (fread ($ resource, $ fileSize ));} fclose ($ resource);/* matches <% () %> * // * matches in hexadecimal notation * // * Match the hexadecimal value