Last active
March 11, 2019 17:21
-
-
Save MantisSTS/6c9ec57ea8b330843e3eae6df170b386 to your computer and use it in GitHub Desktop.
Find High Entropy Strings in Web Pages
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| class Entropy { | |
| protected $minEntropy = 30; | |
| protected $minStrLength = 12; | |
| protected $found = []; | |
| protected $chars = []; | |
| protected $fileContents = []; | |
| protected $plusWeight = 5; | |
| protected $prevChar = 5; | |
| protected $prevGroup = 2; | |
| public function __construct($minEntropy = 30, $minStrLength = 12) { | |
| $this->minEntropy = $minEntropy; | |
| $this->minStrLength = $minStrLength; | |
| $upperChars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'; | |
| $lowerChars = 'abcdefghijklmnopqrstuvwxyz'; | |
| $digits = '0123456789'; | |
| $special = '!"£$%^&*()_+-={}[]:@~;\'#<>,.?|\\'; | |
| $hex = 'ABCDEF0123456789abcdef'; | |
| $this->chars['upper'] = str_split($upperChars); | |
| $this->chars['lower'] = str_split($lowerChars); | |
| $this->chars['digits'] = str_split($digits); | |
| $this->chars['special'] = str_split($special); | |
| $this->chars['hex'] = str_split($hex); | |
| return $this; | |
| } | |
| public function loadFile($file) { | |
| if(strtolower(substr($file, 0, 4)) === 'http') { | |
| $ch = curl_init(); | |
| curl_setopt($ch, CURLOPT_URL, $file); | |
| curl_setopt($ch, CURLOPT_FOLLOWLOCATION, $file); | |
| curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); | |
| $data = curl_exec($ch); | |
| $this->fileContents[] = $data; | |
| } else { | |
| $this->fileContents[] = file_get_contents($file); | |
| } | |
| return $this; | |
| } | |
| public function findEntropy() { | |
| $final = []; | |
| if(!empty($this->fileContents)) { | |
| foreach($this->fileContents as $data) { | |
| $matches = []; | |
| preg_match_all('/([a-zA-Z0-9=._+-\/]{'.$this->minStrLength.',})/i', $data, $matches); | |
| if(!empty($matches)) { | |
| foreach($matches[0] as $match) { | |
| $entropy = 0; | |
| $charEntropyArr = str_split($match); | |
| foreach($charEntropyArr as $key => $char) { | |
| $idx = ($key == 0 ? 0 : $key - 1); | |
| $prev = $charEntropyArr[$idx]; | |
| foreach($this->chars as $key => $charGroup) { | |
| if(in_array($char, $this->chars[$key])) { | |
| $entropy += $this->plusWeight; | |
| // Check if it was in the same as the previous character's group | |
| if(!in_array($prev, $this->chars[$key])) { | |
| if($prev == $char) { | |
| $entropy -= $this->prevChar; | |
| } else { | |
| $entropy -= $this->prevGroup; | |
| } | |
| } | |
| } | |
| } | |
| } | |
| $this->found[] = ['string' => $match, 'entropy' => $entropy]; | |
| } | |
| } | |
| } | |
| } | |
| $return = []; | |
| if(!empty($this->found)) { | |
| foreach($this->found as $found) { | |
| if($found['entropy'] >= $this->minEntropy) { | |
| $return[] = $found; | |
| } | |
| } | |
| } | |
| return $return; | |
| } | |
| } | |
| $entropy = new Entropy(220, 20); | |
| $found = $entropy->loadFile('http://writing-backend.playground.easybib.com/config')->findEntropy(); | |
| foreach($found as $f) { | |
| printf("%s has the entropy of %d\n", $f['string'], $f['entropy']); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment