diff --git a/src/ai-bolit.php b/src/ai-bolit.php index b196ba7..1b3e229 100644 --- a/src/ai-bolit.php +++ b/src/ai-bolit.php @@ -841,7 +841,7 @@ function hsig(id) { echo "#####################################################\n"; } -define('AI_VERSION', '20151014_BEGET'); +define('AI_VERSION', '20151019_BEGET'); //////////////////////////////////////////////////////////////////////////// @@ -1868,6 +1868,10 @@ function needIgnore($par_FN, $par_CRC) { return false; } +function makeSafeFn($par_Str) { + return htmlspecialchars($par_Str, ENT_SUBSTITUTE | ENT_QUOTES); +} + /////////////////////////////////////////////////////////////////////////// function printList($par_List, $par_Details = null, $par_NeedIgnore = false, $par_SigId = null, $par_TableName = null) { global $g_Structure, $g_NoPrefix, $g_AddPrefix; @@ -1930,9 +1934,9 @@ function printList($par_List, $par_Details = null, $par_NeedIgnore = false, $par if (is_file($g_Structure['n'][$l_Pos])) { // $l_Result .= '
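Review bot: makeSafeFn() has no header comment and relies on the interpreter's default charset, which is what ENT_SUBSTITUTE's validity check is measured against; passing it explicitly pins that down regardless of the `default_charset` ini setting of the host the scanner runs on, `return htmlspecialchars($par_Str, ENT_SUBSTITUTE | ENT_QUOTES, 'UTF-8');`. I would also document the contract above the function, e.g. `// HTML-escape one string (file name or code fragment) for the report: quotes are encoded so the value is safe inside attributes, invalid byte sequences become U+FFFD instead of being dropped.` Note that the helper accepts a single string only, which matters for the call sites later in this commit that hand it whole arrays. ENT_SUBSTITUTE exists from PHP 5.4 onward; if this scanner is still expected to run on older interpreters that is worth a comment too.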
' . $g_Structure['n'][$l_Pos] . '
' . $l_Body . ''; - $l_Result .= '
' . $g_AddPrefix . str_replace($g_NoPrefix, '', $g_Structure['n'][$l_Pos]) . '
' . $l_Body . ''; + $l_Result .= '
' . makeSafeFn($g_AddPrefix . str_replace($g_NoPrefix, '', $g_Structure['n'][$l_Pos])) . '
' . $l_Body . ''; } else { - $l_Result .= '
' . $g_AddPrefix . str_replace($g_NoPrefix, '', $g_Structure['n'][$par_List[$i]]) . '
'; + $l_Result .= '
' . makeSafeFn($g_AddPrefix . str_replace($g_NoPrefix, '', $g_Structure['n'][$par_List[$i]])) . '
'; } $l_Result .= '
' . $l_Creat . '
'; @@ -2224,7 +2228,7 @@ function getFragment($par_Content, $par_Pos) { '__AI_MARKER__' . substr($par_Content, $par_Pos, $l_RightPos - $par_Pos - 1); - $l_Res = htmlspecialchars(UnwrapObfu($l_Res), ENT_COMPAT|ENT_IGNORE); + $l_Res = makeSafeFn(UnwrapObfu($l_Res)); $l_Res = str_replace('~', 'ยท', $l_Res); return $l_Res; @@ -3634,7 +3638,7 @@ function CriticalPHP($l_FN, $l_Index, $l_Content, &$l_Pos, &$l_SigId) if (count($g_Vulnerable) > 0) { $l_Result .= '
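Review bot: Replacing `htmlspecialchars(UnwrapObfu($l_Res), ENT_COMPAT|ENT_IGNORE)` with makeSafeFn() is a silent behaviour change on the fragment the report displays: invalid byte sequences are now replaced by U+FFFD instead of being dropped, and single quotes are now encoded. That is the better choice for content taken from a scanned (possibly hostile) file, but it deserves a why-comment at the call site so nobody restores ENT_IGNORE later, e.g. `// escape via makeSafeFn: ENT_SUBSTITUTE keeps (and marks) bad bytes that ENT_IGNORE used to drop, ENT_QUOTES covers attribute context`. The `__AI_MARKER__` insertion on the preceding context line happens before escaping, so the marker text itself is unaffected, and the `~` replacement that follows still runs on the escaped string. getFragment's body starts outside the hunk.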
' . AI_STR_081 . ' (' . count($g_Vulnerable) . ')
'; foreach ($g_Vulnerable as $l_Item) { - $l_Result .= '
  • ' . $g_Structure['n'][$l_Item['ndx']] . ' - ' . $l_Item['id'] . '
  • '; + $l_Result .= '
  • ' . makeSafeFn($g_Structure['n'][$l_Item['ndx']]) . ' - ' . $l_Item['id'] . '
  • '; $l_PlainResult .= 'VULNERABILITY: ' . $g_Structure['n'][$l_Item['ndx']] . ' - ' . $l_Item['id'] . "\n"; } @@ -3680,7 +3684,7 @@ function CriticalPHP($l_FN, $l_Index, $l_Content, &$l_Pos, &$l_SigId) if (count($g_UnixExec) > 0) { $l_Result .= '
    ' . AI_STR_019 . ' (' . count($g_UnixExec) . ')
    '; - $l_Result .= implode("
    ", $g_UnixExec); + $l_Result .= implode("
    ", makeSafeFn($g_UnixExec)); $l_PlainResult .= implode("\n", $g_UnixExec); $l_Result .= "
    " . PHP_EOL; @@ -3730,7 +3734,7 @@ function CriticalPHP($l_FN, $l_Index, $l_Content, &$l_Pos, &$l_SigId) if (count($g_SymLinks) > 0) { $l_Result .= '
    ' . AI_STR_022 . ' (' . count($g_SymLinks) . ')
    '; - $l_Result .= implode("
    ", $g_SymLinks); + $l_Result .= implode("
    ", makeSafeFn($g_SymLinks)); $l_Result .= "
    "; } @@ -3743,7 +3747,7 @@ function CriticalPHP($l_FN, $l_Index, $l_Content, &$l_Pos, &$l_SigId) if (count($g_HeuristicDetected) > 0) { $l_Result .= '
    ' . AI_STR_052 . ' (' . count($g_HeuristicDetected) . ')
    '; for ($i = 0; $i < count($g_HeuristicDetected); $i++) { - $l_Result .= '
  • ' . $g_Structure['n'][$g_HeuristicDetected[$i]] . ' (' . get_descr_heur($g_HeuristicType[$i]) . ')
  • '; + $l_Result .= '
  • ' . makeSafeFn($g_Structure['n'][$g_HeuristicDetected[$i]]) . ' (' . get_descr_heur($g_HeuristicType[$i]) . ')
  • '; } $l_Result .= '
    ' . PHP_EOL; @@ -3754,7 +3758,7 @@ function CriticalPHP($l_FN, $l_Index, $l_Content, &$l_Pos, &$l_SigId) stdOut("Building list of hidden files " . count($g_HiddenFiles)); if (count($g_HiddenFiles) > 0) { $l_Result .= '
    ' . AI_STR_023 . ' (' . count($g_HiddenFiles) . ')
    '; - $l_Result .= implode("
    ", $g_HiddenFiles); + $l_Result .= implode("
    ", makeSafeFn($g_HiddenFiles)); $l_Result .= "
    " . PHP_EOL; } @@ -3807,7 +3811,7 @@ function CriticalPHP($l_FN, $l_Index, $l_Content, &$l_Pos, &$l_SigId) for ($i = 0; $i < count($g_EmptyLink); $i++) { $l_Idx = $g_EmptyLink[$i]; for ($j = 0; $j < count($g_EmptyLinkSrc[$l_Idx]); $j++) { - $l_Result .= '' . $g_Structure['n'][$g_EmptyLink[$i]] . ' → ' . htmlspecialchars($g_EmptyLinkSrc[$l_Idx][$j]) . '
    '; + $l_Result .= '' . makeSafeFn($g_Structure['n'][$g_EmptyLink[$i]]) . ' → ' . htmlspecialchars($g_EmptyLinkSrc[$l_Idx][$j]) . '
    '; } } @@ -3846,13 +3850,13 @@ function CriticalPHP($l_FN, $l_Index, $l_Content, &$l_Pos, &$l_SigId) stdOut("Building list of skipped dirs " . count($g_SkippedFolders)); if (count($g_SkippedFolders) > 0) { $l_Result .= '
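Review bot: The changed line escapes the file name with makeSafeFn() but still escapes the link target with bare `htmlspecialchars($g_EmptyLinkSrc[$l_Idx][$j])`, i.e. default flags with neither ENT_QUOTES nor ENT_SUBSTITUTE, so a symlink target containing an invalid byte sequence renders as an empty string and single quotes in it stay unencoded. Both values come from the scanned file system and should get the same treatment: `makeSafeFn($g_EmptyLinkSrc[$l_Idx][$j])`. The enclosing loops belong to CriticalPHP, which starts and ends outside the hunk.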
    ' . AI_STR_036 . '
    '; - $l_Result .= implode("
    ", $g_SkippedFolders); + $l_Result .= implode("
    ", makeSafeFn($g_SkippedFolders)); $l_Result .= "
    " . PHP_EOL; } */ if (count($g_CMS) > 0) { $l_Result .= "
    " . AI_STR_037 . "
    "; - $l_Result .= implode("
    ", $g_CMS); + $l_Result .= implode("
    ", makeSafeFn($g_CMS)); $l_Result .= "
    "; }