===========================================================
grep rough audit - static analysis tool v2.8 written by @Wireghoul
=================================[justanotherhacker.com]===
z-push-2.6.0/tools/gab-sync/gab-sync.php-119-
z-push-2.6.0/tools/gab-sync/gab-sync.php:120: include_once($file);
z-push-2.6.0/tools/gab-sync/gab-sync.php-121-
##############################################
z-push-2.6.0/tools/list-shared-folders.php-37- *
z-push-2.6.0/tools/list-shared-folders.php:38: * php list-shared-folders.php | awk -F',' '$6 == "13" && $7 != "" { system("z-push-admin -a resync -d " $1 " -u " $2 " -t " $5) }'
z-push-2.6.0/tools/list-shared-folders.php-39- * Resynchronizes all shared folders from type calendar (13) that are synchronized already
##############################################
z-push-2.6.0/tools/gab2contacts/gab2contacts.php-111-
z-push-2.6.0/tools/gab2contacts/gab2contacts.php:112: include_once($file);
z-push-2.6.0/tools/gab2contacts/gab2contacts.php-113-
##############################################
z-push-2.6.0/src/include/z_carddav.php-824-
z-push-2.6.0/src/include/z_carddav.php:825: $complete_response = curl_exec($this->curl);
z-push-2.6.0/src/include/z_carddav.php-826- $header_size = curl_getinfo($this->curl, CURLINFO_HEADER_SIZE);
##############################################
z-push-2.6.0/src/include/z_RFC822.php-655-
z-push-2.6.0/src/include/z_RFC822.php:656: if ($this->_validatePhrase($phrase) === false || ($route_addr = $this->_validateRouteAddr($route_addr)) === false) {
z-push-2.6.0/src/include/z_RFC822.php-657- return false;
##############################################
z-push-2.6.0/src/include/z_RFC822.php-703- */
z-push-2.6.0/src/include/z_RFC822.php:704: protected function _validateRouteAddr($route_addr)
z-push-2.6.0/src/include/z_RFC822.php-705- {
##############################################
z-push-2.6.0/src/include/iCalendar.php-141- if (!$inquote && $ch == $sep) {
z-push-2.6.0/src/include/iCalendar.php:142: //var_dump("Found sep `$sep` - Splitting from $cursor to $i from $len.");
z-push-2.6.0/src/include/iCalendar.php-143- // If we reached the maximal number of splits, we cut till the end and stop here.
##############################################
z-push-2.6.0/src/include/z_caldav.php-276- ZLog::Write(LOGLEVEL_WBXML, sprintf("CalDAVClient->DoRequest: '%s' request on %s using:\n%s\n", $method, $url, $content));
z-push-2.6.0/src/include/z_caldav.php:277: $response = curl_exec($this->curl);
z-push-2.6.0/src/include/z_caldav.php-278-// ZLog::Write(LOGLEVEL_DEBUG, sprintf("Reponse:\n%s\n", $response));
##############################################
z-push-2.6.0/src/lib/core/zlog.php-142- if (!class_exists($logger)) {
z-push-2.6.0/src/lib/core/zlog.php:143: $errmsg = 'The configured logging class `'.$logger.'` does not exist. Check your configuration.';
z-push-2.6.0/src/lib/core/zlog.php-144- error_log($errmsg);
##############################################
z-push-2.6.0/src/lib/core/zpush.php-567- ZLog::Write(LOGLEVEL_DEBUG, sprintf("Including backend file: '%s'", $toLoad));
z-push-2.6.0/src/lib/core/zpush.php:568: return include_once($toLoad);
z-push-2.6.0/src/lib/core/zpush.php-569- }
##############################################
z-push-2.6.0/src/lib/core/zpush.php-931- if (is_file($handlerclass))
z-push-2.6.0/src/lib/core/zpush.php:932: include($handlerclass);
z-push-2.6.0/src/lib/core/zpush.php-933-
##############################################
z-push-2.6.0/src/lib/core/topcollector.php-56- $this->latest = array( "pid" => self::$pid,
z-push-2.6.0/src/lib/core/topcollector.php:57: "ip" => Request::GetRemoteAddr(),
z-push-2.6.0/src/lib/core/topcollector.php-58- "user" => self::$user,
##############################################
z-push-2.6.0/src/lib/log/log.php-122- * Check that the current authUser ($this->GetAuthUser) is in the special log user array.
z-push-2.6.0/src/lib/log/log.php:123: * This call is equivalent to `$this->IsUserInSpecialLogUsers($this->GetAuthUser())` at the exception that this
z-push-2.6.0/src/lib/log/log.php-124- * call uses cache so there won't be more than one check to the specialLogUser for the AuthUser.
##############################################
z-push-2.6.0/src/lib/request/getattachment.php-51- self::$topCollector->AnnounceInformation("Starting attachment streaming", true);
z-push-2.6.0/src/lib/request/getattachment.php:52: $l = fpassthru($stream);
z-push-2.6.0/src/lib/request/getattachment.php-53- fclose($stream);
##############################################
z-push-2.6.0/src/lib/request/request.php-511- */
z-push-2.6.0/src/lib/request/request.php:512: static public function GetRemoteAddr() {
z-push-2.6.0/src/lib/request/request.php-513- if (isset(self::$remoteAddr))
##############################################
z-push-2.6.0/src/index.php-51- sprintf("cmd='%s' devType='%s' devId='%s' getUser='%s' from='%s' version='%s' method='%s'",
z-push-2.6.0/src/index.php:52: Request::GetCommand(), Request::GetDeviceType(), Request::GetDeviceID(), Request::GetGETUser(), Request::GetRemoteAddr(), @constant('ZPUSH_VERSION'), Request::GetMethod() ));
z-push-2.6.0/src/index.php-53-
##############################################
z-push-2.6.0/src/index.php-195- if (defined('LOGAUTHFAIL') && LOGAUTHFAIL != false)
z-push-2.6.0/src/index.php:196: ZLog::Write(LOGLEVEL_WARN, sprintf("IP: %s failed to authenticate user '%s'", Request::GetRemoteAddr(), Request::GetAuthUser()? Request::GetAuthUser(): Request::GetGETUser() ));
z-push-2.6.0/src/index.php-197- }
##############################################
z-push-2.6.0/src/index.php-230- number_format(microtime(true) - $_SERVER["REQUEST_TIME_FLOAT"], 2),
z-push-2.6.0/src/index.php:231: Request::GetDeviceType(), Request::GetDeviceID(), Request::GetGETUser(), Request::GetRemoteAddr(),
z-push-2.6.0/src/index.php-232- RequestProcessor::GetWaitTime(), @constant('ZPUSH_VERSION'), Request::GetMethod(), http_response_code() ));
##############################################
z-push-2.6.0/src/z-push-top.php-446- private function readLineProcess() {
z-push-2.6.0/src/z-push-top.php:447: $ans = explode("^^", `bash -c "read -n 1 -t 1 ANS ; echo \\\$?^^\\\$ANS;"`);
z-push-2.6.0/src/z-push-top.php-448-
##############################################
z-push-2.6.0/src/z-push-top.php-526- else {
z-push-2.6.0/src/z-push-top.php:527: system('bash -c "fgrep -a '.escapeshellarg($cmds[1]).' '. LOGFILE .' | less +G" > `tty`');
z-push-2.6.0/src/z-push-top.php-528- $this->status = "Returning from log, updating data";
##############################################
z-push-2.6.0/src/z-push-top.php-542- if (isset($cmds[1])) $secondary = " -n 200 | grep ".escapeshellarg($cmds[1]);
z-push-2.6.0/src/z-push-top.php:543: system('bash -c "tail -f '. LOGFILE . $secondary . '" > `tty`');
z-push-2.6.0/src/z-push-top.php-544- $this->doingTail = false;
##############################################
z-push-2.6.0/src/z-push-top.php-559- if (isset($cmds[1])) $secondary = " -n 200 | grep ".escapeshellarg($cmds[1]);
z-push-2.6.0/src/z-push-top.php:560: system('bash -c "tail -f '. LOGERRORFILE . $secondary . '" > `tty`');
z-push-2.6.0/src/z-push-top.php-561- $this->doingTail = false;
##############################################
z-push-2.6.0/src/version.php-27- $path = escapeshellarg(dirname(realpath($_SERVER['SCRIPT_FILENAME'])));
z-push-2.6.0/src/version.php:28: $branch = trim(exec("hash git 2>/dev/null && cd $path >/dev/null 2>&1 && git branch --no-color 2>/dev/null | sed -e '/^[^*]/d' -e \"s/* \(.*\)/\\1/\""));
z-push-2.6.0/src/version.php:29: $version = exec("hash git 2>/dev/null && cd $path >/dev/null 2>&1 && git describe --always 2>/dev/null");
z-push-2.6.0/src/version.php-30- if ($branch && $version) {
##############################################
z-push-2.6.0/src/backend/imap/Mail/sendmail.php-187-
z-push-2.6.0/src/backend/imap/Mail/sendmail.php:188: $mail = @popen($this->sendmail_path . (!empty($this->sendmail_args) ? ' ' . $this->sendmail_args : '') . " -f$from -- $recipients", 'w');
z-push-2.6.0/src/backend/imap/Mail/sendmail.php-189- if (!$mail) {
##############################################
z-push-2.6.0/src/backend/imap/Auth/SASL.php-127-
z-push-2.6.0/src/backend/imap/Auth/SASL.php:128: require_once($filename);
z-push-2.6.0/src/backend/imap/Auth/SASL.php-129- if (isset($parameter))
##############################################
z-push-2.6.0/src/backend/imap/imap.php-238- $this->setFromHeaderValue($message->headers);
z-push-2.6.0/src/backend/imap/imap.php:239: $fromaddr = $this->parseAddr($Mail_RFC822->parseAddressList($message->headers["from"]));
z-push-2.6.0/src/backend/imap/imap.php-240-
z-push-2.6.0/src/backend/imap/imap.php-241- if (isset($message->headers["to"])) {
z-push-2.6.0/src/backend/imap/imap.php:242: $toaddr = $this->parseAddr($Mail_RFC822->parseAddressList($message->headers["to"]));
z-push-2.6.0/src/backend/imap/imap.php-243- ZLog::Write(LOGLEVEL_DEBUG, sprintf("BackendIMAP->SendMail(): To defined: %s", $toaddr));
##############################################
z-push-2.6.0/src/backend/imap/imap.php-2390- */
z-push-2.6.0/src/backend/imap/imap.php:2391: protected function parseAddr($ad) {
z-push-2.6.0/src/backend/imap/imap.php-2392- $addr_string = "";
##############################################
z-push-2.6.0/src/backend/stickynote/stickynote.php-198- array_push($_param, $this->_user, $this->_domain, $cutoffdate);
z-push-2.6.0/src/backend/stickynote/stickynote.php:199: $this->_result = pg_query_params($this->_dbconn, "select ordinal, extract(epoch from modified)::integer from note where modified <= timestamptz 'epoch' + $3 * interval '1 second' and login=$1 and domain=$2 and deleted is false", $_param);
z-push-2.6.0/src/backend/stickynote/stickynote.php-200- } else {
z-push-2.6.0/src/backend/stickynote/stickynote.php-201- array_push($_param, $this->_user, $this->_domain);
z-push-2.6.0/src/backend/stickynote/stickynote.php:202: $this->_result = pg_query_params($this->_dbconn, "select ordinal, extract(epoch from modified)::integer from note where login=$1 and domain=$2 and deleted is false", $_param);
z-push-2.6.0/src/backend/stickynote/stickynote.php-203- }
##############################################
z-push-2.6.0/src/backend/stickynote/stickynote.php-232-
z-push-2.6.0/src/backend/stickynote/stickynote.php:233: $this->_result = pg_query_params($this->_dbconn, "select *, extract(epoch from modified)::integer as changed from note where ordinal = $1 and login = $2 and domain = $3 and deleted is false", $_params);
z-push-2.6.0/src/backend/stickynote/stickynote.php-234- if (pg_result_status($this->_result) != PGSQL_TUPLES_OK) {
##############################################
z-push-2.6.0/src/backend/stickynote/stickynote.php-263- array_push($_params, $id);
z-push-2.6.0/src/backend/stickynote/stickynote.php:264: $this->_result = pg_query_params($this->_dbconn, "select tag from categories where ordinal=$1", $_params);
z-push-2.6.0/src/backend/stickynote/stickynote.php-265- $_affected = pg_affected_rows($this->_result);
##############################################
z-push-2.6.0/src/backend/stickynote/stickynote.php-287- array_push($_params, $id, $this->_user, $this->_domain);
z-push-2.6.0/src/backend/stickynote/stickynote.php:288: $this->_result = pg_query_params($this->_dbconn, "select extract(epoch from modified)::integer from note where ordinal=$1 and login=$2 and domain=$3 and deleted is false", $_params);
z-push-2.6.0/src/backend/stickynote/stickynote.php-289- if (pg_result_status($this->_result) != PGSQL_TUPLES_OK) {
##############################################
z-push-2.6.0/src/backend/stickynote/stickynote.php-374- array_push($_params, $message->subject, $_contents, $id, $this->_user, $this->_domain);
z-push-2.6.0/src/backend/stickynote/stickynote.php:375: $this->_result = pg_query_params($this->_dbconn, "update note set subject=$1, content=$2, modified=now() where ordinal=$3 and login=$4 and domain=$5", $_params);
z-push-2.6.0/src/backend/stickynote/stickynote.php-376- if (pg_result_status($this->_result) != PGSQL_COMMAND_OK) {
##############################################
z-push-2.6.0/src/backend/stickynote/stickynote.php-388- array_push($_params, $id);
z-push-2.6.0/src/backend/stickynote/stickynote.php:389: $this->_result = pg_query_params($this->_dbconn, "delete from categories where ordinal=$1", $_params);
z-push-2.6.0/src/backend/stickynote/stickynote.php-390- if (pg_result_status($this->_result) != PGSQL_COMMAND_OK) {
##############################################
z-push-2.6.0/src/backend/stickynote/stickynote.php-444- if (defined('STICKYNOTE_REALLYDELETE')) {
z-push-2.6.0/src/backend/stickynote/stickynote.php:445: $this->_result = pg_query_params($this->_dbconn, "delete from note where ordinal=$1 and login=$2 and domain=$3");
z-push-2.6.0/src/backend/stickynote/stickynote.php-446- if (pg_affected_rows($this->_result) != 1) {
##############################################
z-push-2.6.0/src/backend/stickynote/stickynote.php-451- } else {
z-push-2.6.0/src/backend/stickynote/stickynote.php:452: $this->_result = pg_query_params($this->_dbconn, "update note set deleted = true where ordinal=$1 and login=$2 and domain=$3", $_params);
z-push-2.6.0/src/backend/stickynote/stickynote.php-453- if (pg_affected_rows($this->_result) != 1) {
##############################################
z-push-2.6.0/src/backend/stickynote/stickynote.php-520- array_push($_param, $this->_user, $this->_domain);
z-push-2.6.0/src/backend/stickynote/stickynote.php:521: $this->_result = pg_query_params($this->_dbconn, "select extract(epoch from modified)::integer from note where login=$1 and domain=$2 and deleted is false order by modified desc limit 1", $_param);
z-push-2.6.0/src/backend/stickynote/stickynote.php-522- if (pg_result_status($this->_result) != PGSQL_TUPLES_OK) {
##############################################
z-push-2.6.0/src/backend/sqlstatemachine/sqlstatemachine.php-182- $params = $this->getParams($devid, $type, $key, $counter);
z-push-2.6.0/src/backend/sqlstatemachine/sqlstatemachine.php:183: $sql = "SELECT state_data FROM {$this->states_table} WHERE device_id = :devid AND state_type = :type AND uuid". $this->getSQLOp($params, ':key') ." AND counter = :counter";
z-push-2.6.0/src/backend/sqlstatemachine/sqlstatemachine.php-184-
##############################################
z-push-2.6.0/src/backend/sqlstatemachine/sqlstatemachine.php-235- $params = $this->getParams($devid, $type, $key, $counter);
z-push-2.6.0/src/backend/sqlstatemachine/sqlstatemachine.php:236: $sql = "SELECT device_id FROM {$this->states_table} WHERE device_id = :devid AND state_type = :type AND uuid". $this->getSQLOp($params, ':key') ." AND counter = :counter";
z-push-2.6.0/src/backend/sqlstatemachine/sqlstatemachine.php-237-
##############################################
z-push-2.6.0/src/backend/sqlstatemachine/sqlstatemachine.php-255- // Existing record, we update it
z-push-2.6.0/src/backend/sqlstatemachine/sqlstatemachine.php:256: $sql = "UPDATE {$this->states_table} SET state_data = :data, updated_at = :updated_at WHERE device_id = :devid AND state_type = :type AND uuid ". $this->getSQLOp($params, ':key') ." AND counter = :counter";
z-push-2.6.0/src/backend/sqlstatemachine/sqlstatemachine.php-257-
##############################################
z-push-2.6.0/src/backend/sqlstatemachine/sqlstatemachine.php-307- // Remove all the states. Counter are 0 or >0, then deleting >= 0 deletes all
z-push-2.6.0/src/backend/sqlstatemachine/sqlstatemachine.php:308: $sql = "DELETE FROM {$this->states_table} WHERE device_id = :devid AND state_type = :type AND uuid". $this->getSQLOp($params, ':key') ." AND counter >= :counter";
z-push-2.6.0/src/backend/sqlstatemachine/sqlstatemachine.php-309- }
z-push-2.6.0/src/backend/sqlstatemachine/sqlstatemachine.php-310- else if ($counter !== false && $thisCounterOnly === true) {
z-push-2.6.0/src/backend/sqlstatemachine/sqlstatemachine.php:311: $sql = "DELETE FROM {$this->states_table} WHERE device_id = :devid AND state_type = :type AND uuid". $this->getSQLOp($params, ':key') ." AND counter = :counter";
z-push-2.6.0/src/backend/sqlstatemachine/sqlstatemachine.php-312- }
z-push-2.6.0/src/backend/sqlstatemachine/sqlstatemachine.php-313- else {
z-push-2.6.0/src/backend/sqlstatemachine/sqlstatemachine.php:314: $sql = "DELETE FROM {$this->states_table} WHERE device_id = :devid AND state_type = :type AND uuid". $this->getSQLOp($params, ':key') ." AND counter < :counter";
z-push-2.6.0/src/backend/sqlstatemachine/sqlstatemachine.php-315- }
##############################################
z-push-2.6.0/src/backend/sqlstatemachine/sqlstatemachine.php-701- if (!isset($this->stateHashStatement) || $this->stateHashStatement == null) {
z-push-2.6.0/src/backend/sqlstatemachine/sqlstatemachine.php:702: $sql = "SELECT updated_at FROM {$this->states_table} WHERE device_id = :devid AND state_type = :type AND uuid ". $this->getSQLOp($params, $key) ." AND counter = :counter";
z-push-2.6.0/src/backend/sqlstatemachine/sqlstatemachine.php-703- $this->stateHashStatement = $this->getDbh()->prepare($sql);
##############################################
z-push-2.6.0/src/backend/kopano/kopano.php-31-if ($config_path !== false) {
z-push-2.6.0/src/backend/kopano/kopano.php:32: require_once($config_path);
z-push-2.6.0/src/backend/kopano/kopano.php-33-}
##############################################
z-push-2.6.0/.pc/Set-absolute-path-to-z-push-in-gab2contacts.patch/tools/gab2contacts/gab2contacts.php-111-
z-push-2.6.0/.pc/Set-absolute-path-to-z-push-in-gab2contacts.patch/tools/gab2contacts/gab2contacts.php:112: include_once($file);
z-push-2.6.0/.pc/Set-absolute-path-to-z-push-in-gab2contacts.patch/tools/gab2contacts/gab2contacts.php-113-
##############################################
z-push-2.6.0/.pc/Set-absolute-path-to-z-push-in-gab-sync.patch/tools/gab-sync/gab-sync.php-119-
z-push-2.6.0/.pc/Set-absolute-path-to-z-push-in-gab-sync.patch/tools/gab-sync/gab-sync.php:120: include_once($file);
z-push-2.6.0/.pc/Set-absolute-path-to-z-push-in-gab-sync.patch/tools/gab-sync/gab-sync.php-121-