Skip to content

Commit

Permalink
Merge remote-tracking branch 'origin/dev'
Browse files Browse the repository at this point in the history
  • Loading branch information
@Glomberg
Glomberg committed May 7, 2024
2 parents c370363 + 02e2a0e commit 2968a60
Show file tree
Hide file tree
Showing 3 changed files with 71 additions and 15 deletions.
3 changes: 2 additions & 1 deletion HeuristicAnalyser.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -328,6 +328,7 @@ public function processContent()
$this->mathematics->evaluateMathExpressions();
$this->strings->convertToSimple($key);
$this->strings->convertChrFunctionToString($key);
$this->strings->convertFileGetContentsToString($this->path);
}

foreach ( $this->tokens as $key => $_current_token ) {
Expand All @@ -351,7 +352,7 @@ public function processContent()

// Executing decoding functions
// @ToDo there was many false positives!
// $this->transformations->decodeData($key);
$this->transformations->decodeData($key);
}

$this->variables->concatenate(); // Concatenates variable content if it's possible
Expand Down
58 changes: 58 additions & 0 deletions Modules/Strings.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -105,6 +105,64 @@ static function ($elem) {
return false;
}

/**
* Convert file_get_contents(__DIR__ . '/file.example') to gathered content string
*
* @param string $current_file_path
* @return void
*/
public function convertFileGetContentsToString($current_file_path)
{
if (
$this->tokens->current->type === 'T_STRING' &&
$this->tokens->current->value === 'file_get_contents' &&
$this->tokens->next1->value === '('
) {
$start_position = $this->tokens->next1[3];
$closing_bracket_position = $this->tokens->searchForward($start_position, ')');
$tokens_inside_brackets = $this->tokens->getRange($start_position + 1, $closing_bracket_position - 1);

// Check against of nested bracers.
// @ToDo implement nested bracers values calculating
$is_nested_bracers = false;
foreach ( $tokens_inside_brackets as $token ) {
if ( $token->value === '(' ) {
$is_nested_bracers = true;
}
}

if ( $is_nested_bracers ) {
return;
}

// Calculate path string
$path = '';
foreach ($tokens_inside_brackets as $token) {
if ( $token->isTypeOf('could_be_concatenated') ) {
$path .= trim((string)$token->value, '\'');
}
if ( $token->type === 'T_DIR' ) {
$path .= dirname($current_file_path);
}
}

if ( $path && file_exists($path) ) {
// Delete tokens which contained the file_get_contents expression
for ( $i = $start_position; $i <= $closing_bracket_position; $i++ ) {
$this->tokens->unsetTokens($i);
}

// Insert newly calculated token with gathered content string
$this->tokens['current'] = new Token(
'T_LNUMBER',
@file_get_contents($path),
$this->tokens->current->line,
$this->tokens->current->key
);
}
}
}

/**
* Concatenates simple strings with type T_CONSTANT_ENCAPSED_STRING
*
Expand Down
25 changes: 11 additions & 14 deletions Modules/Transformations.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -132,23 +132,20 @@ private function transformHexStringIntoTokens($hex_string)
$data = @hex2bin($data);
}
if ( $data ) {
//tokenize data to from parts
$data = @token_get_all('<?php ' . $data);
//unset unnecessary tokens
$this->tokens->unsetTokens('prev1', 'next1', 'next2', 'next3', 'next4');

//add new tokens to the line
for ( $i = 0; $i < count($data); $i++ ) {
$new_token_value = is_array($data[$i]) && isset($data[$i][1]) ? $data[$i][1] : $data[$i];
$this->tokens['current'] = new Token(
'T_STRING',
'' . $new_token_value . '',
$this->tokens->current->line,
$this->tokens->current->key
);
$this->tokens->next();
if ( $this->tokens->prev1->value === '@' ) {
$this->tokens->unsetTokens($this->tokens->prev1[3]);
}

$this->tokens->unsetTokens('next1', 'next2');

//add new tokens to the line
$this->tokens['current'] = new Token(
'T_CONSTANT_ENCAPSED_STRING',
'"' . $data . '"',
$this->tokens->current->line,
$this->tokens->current->key
);
return true;
}
}
Expand Down

0 comments on commit 2968a60

Please sign in to comment.