以下是在命令行的执行结果
[root@openvpn-server models]# sed -n '83,158 p ' /home/Joomla_3.8.1_full/administrator/components/com_content/models/articles.php |egrep "[$]search = [$]this->getUserStateFromRequest\([$]this->context . '.filter.search', 'filter_search'\)"
$search = $this->getUserStateFromRequest($this->context . '.filter.search', 'filter_search');
[root@openvpn-server models]# sed -n '83,158 p ' /home/Joomla_3.8.1_full/administrator/components/com_content/models/articles.php |egrep "[$]forcedLanguage = [$]app->input->get\('forcedLanguage', '', 'cmd'\)"
$forcedLanguage = $app->input->get('forcedLanguage', '', 'cmd');
[root@openvpn-server models]# sed -n '83,158 p ' /home/Joomla_3.8.1_full/administrator/components/com_content/models/articles.php |egrep "if \([$]formSubmited\)"
if ($formSubmited)
[root@openvpn-server models]# sed -n '83,158 p ' /home/Joomla_3.8.1_full/administrator/components/com_content/models/articles.php |egrep "[$]this->setState\('filter.forcedLanguage', [$]forcedLanguage\);"
$this->setState('filter.forcedLanguage', $forcedLanguage);
[root@openvpn-server models]# sed -n '83,158 p ' /home/Joomla_3.8.1_full/administrator/components/com_content/models/articles.php |egrep "parent::populateState\([$]ordering, [$]direction\)"
parent::populateState($ordering, $direction);
[root@openvpn-server models]# cat /home/Joomla_3.8.1_full/administrator/components/com_content/models/articles.php|grep "[[]'filter_fields'[]][[][]] = 'association';"
$config['filter_fields'][] = 'association';
[root@openvpn-server models]# cat /home/Joomla_3.8.1_full/administrator/components/com_content/models/articles.php|grep "[$]config[[][']filter_fields['][]][[][]] = 'association';"
$config['filter_fields'][] = 'association';
1. 遇到$, [, ], 左右单引号,<, > 都可以用[] 括起来
2. ( ,),? 用\ 转义
3.其他PHP符号如 -> :: . '' 原样输入即可
4. 在脚本里 遇到 '', '.' 不能匹配,但在命令行可以匹配
5. 在脚本中,变量传递参数的示例:
#subkeyname="[$]config[[][']filter_fields['][]][[][]] = [']association[']" 匹配模式两侧必须加“”
#subkeyname="[$]this->context .= '.' . [$]forcedLanguage;" 匹配模式两侧必须加“”
#subkeyname="[$]forcedLanguage = [$]app->input->get\('forcedLanguage', '', 'cmd'\);" 匹配模式两侧必须加“”
cat articles.php | grep -En "$subkeyname" 变量名两侧必须加“”
=======================================================================================
以下是在脚本里的示例:
1. 检测包含$, [, ]
#cat articles.php | grep -E "[$]config[[][']filter_fields['][]][[][]] = [']association[']"
2. 检测包含::, __, (, )
#cat articles.php | grep -E "parent::__construct\([$]config\)"
3. 检测包含 ())
#cat articles.php | grep -E "[$]app = JFactory::getApplication\(\)"
4. 检测包含 '单词', '单词'
#cat articles.php | grep -E "'rating_count', 'rating'"
5. 检测包含 空格
#cat articles.php | grep -E "if \(JLanguageAssociations::isEnabled\(\)\)"
6. 检测包含 ; [, ]
#cat articles.php | grep -E "[$]config[[]'filter_fields'[]][[][]] = 'association';"
7. 检测包含 ->
#cat articles.php | grep -E "[$]forcedLanguage = [$]app->input->get\('forcedLanguage',"
8. 检测包含 ('单词'))
#cat articles.php | grep -E "if \([$]layout = [$]app->input->get\('layout'\)\)"
9. 检测包含 '.单词'
#cat articles.php | grep -E "[$]search = [$]this->getUserStateFromRequest\([$]this->context . '.filter.search', 'filter_search'\);"
#cat articles.php | grep -E "[$]id .= ':' . [$]this->getState\('filter.search'\);"
10. 检测包含 连线空格
#cat articles.php | grep -E "[$]db = [$]this->getDbo\(\);"
11. 检测包含 单独句点 .
#cat articles.php | grep -E "', a.state, a.access, a.created, a.created_by, a.created_by_alias, a.modified, a.ordering, a.featured, a.language, a.hits' ."
12. 在脚本里不匹配的示例:
#cat articles.php | grep -E "[$]id .= ':' . [$]this->getState\('filter.search'\);"
原行: $forcedLanguage = $app->input->get('forcedLanguage', '', 'cmd');
这一行也无法匹配:
$this->context .= '.' . $forcedLanguage;
脚本执行报错如下
grep '[$]this->context .= '\''.'\'' . [$]forcedLanguage'
在脚本中执行时,自动在 ' 两侧加入了'\'
阅读(979) | 评论(0) | 转发(0) |
