#!/bin/bash
SCAN_DIR="/path/to/scan"
<p>find "$SCAN_DIR" -type f -executable -print | while read filepath; do
echo "发现可执行文件: $filepath"</p><h1>可进一步调用 file 命令判断实际类型</h1><pre class='brush:php;toolbar:false;'>file_type=$(file "$filepath")
echo "  类型: $file_type"

find "$SCAN_DIR" -type f -name "*.txt" -o -name "*.conf" | \
xargs grep -l "password" 2>/dev/null || echo "未找到匹配项"

import os
import magic  # 需安装 python-magic
import datetime
<p>def scan_files(root_dir, output_log="scan_report.log"):
with open(output<em>log, "w") as log:
for dirpath, </em>, filenames in os.walk(root_dir):
for f in filenames:
filepath = os.path.join(dirpath, f)
try:</p><h1>检查文件权限（例如是否全局可写）</h1><pre class='brush:php;toolbar:false;'>                st = os.stat(filepath)
                perm = oct(st.st_mode)[-3:]
                if perm == '666' or perm == '777':
                    log.write(f"[危险] 全局可读写文件: {filepath} (权限: {perm})\n")

                # 使用magic检测真实文件类型
                mime = magic.from_file(filepath, mime=True)
                if mime == "text/plain":
                    with open(filepath, 'r', errors='ignore') as ff:
                        content = ff.read(1024)  # 读取头部内容
                        if "password" in content.lower():
                            log.write(f"[警告] 文件含敏感词: {filepath}\n")

            except Exception as e:
                log.write(f"[错误] 无法读取 {filepath}: {e}\n")

print(f"扫描完成，报告已保存至 {output_log}")

pip install python-magic