mirror of
https://github.com/scr34m/php-malware-scanner.git
synced 2026-06-16 12:30:35 +00:00
Few improvements to make library like behaving to be composer friendly
This commit is contained in:
Gabor Gyorvari
21
composer.json
Normal file
21
composer.json
Normal file
@@ -0,0 +1,21 @@
|
||||
{
|
||||
"name": "scr34m/php-malware-scanner",
|
||||
"description": "Scans PHP files for malwares and known threats",
|
||||
"license": "GPL-3.0",
|
||||
"repositories": [
|
||||
{
|
||||
"type": "package",
|
||||
"package": {
|
||||
"name": "scr34m/php-malware-scanner",
|
||||
"version": "dev-master",
|
||||
"source": {
|
||||
"url": "git://github.com:scr34m/php-malware-scanner.git",
|
||||
"type": "git",
|
||||
"reference": "master"
|
||||
},
|
||||
"autoload": {
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
148
scan.php
148
scan.php
@@ -26,7 +26,7 @@ class MalwareScanner
|
||||
private $ANSI_OFF = "\033[0m";
|
||||
|
||||
private $dir = '';
|
||||
private $extension = array ('.php');
|
||||
private $extension = array('.php');
|
||||
private $flagBase64 = false;
|
||||
private $flagChecksum = false;
|
||||
private $flagComments = false;
|
||||
@@ -52,14 +52,28 @@ class MalwareScanner
|
||||
private $patterns_b64functions = array();
|
||||
private $patterns_b64keywords = array();
|
||||
|
||||
//Constructor - Likes to do as little as possible.
|
||||
public function __construct()
|
||||
/**
|
||||
* MalwareScanner constructor.
|
||||
*
|
||||
* @param bool $cli defines its calling from commandline or using as a library, default is true
|
||||
*/
|
||||
public function __construct($cli = true)
|
||||
{
|
||||
//Read Run Options
|
||||
$this->parseArgs();
|
||||
if ($cli === true) {
|
||||
//Read Run Options
|
||||
$this->parseArgs();
|
||||
|
||||
//Initiate Scan
|
||||
$this->run($this->dir);
|
||||
//Make sure a directory was specified.
|
||||
if ($this->dir === '') {
|
||||
$this->error('No directory specified');
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
//Initiate Scan
|
||||
if (!$this->run($this->dir)) {
|
||||
exit(-1);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
//Allows the -n/--no-color flag to easily remove color characters.
|
||||
@@ -79,7 +93,6 @@ class MalwareScanner
|
||||
echo $this->ANSI_RED . 'Error: ' . $msg . $this->ANSI_OFF . PHP_EOL;
|
||||
$this->showHelp();
|
||||
echo PHP_EOL . $this->ANSI_RED . 'Quiting' . PHP_EOL;
|
||||
exit(-1);
|
||||
}
|
||||
|
||||
//Handles pattern loading and saving to the class object
|
||||
@@ -203,61 +216,121 @@ class MalwareScanner
|
||||
if (!is_array($a)) {
|
||||
$a = array($a);
|
||||
}
|
||||
$this->extension = array();
|
||||
foreach ($a as $ext) {
|
||||
if ($ext[0] != '.') {
|
||||
$ext = '.' . $ext;
|
||||
}
|
||||
$this->extension[] = strtolower($ext);
|
||||
}
|
||||
$this->setExtensions($a);
|
||||
}
|
||||
if (isset($options['ignore']) || isset($options['i'])) {
|
||||
$tmp = isset($options['ignore']) ? $options['ignore'] : $options['i'];
|
||||
$this->ignore = is_array($tmp) ? $tmp : array($tmp);
|
||||
$this->setIgnore(is_array($tmp) ? $tmp : array($tmp));
|
||||
}
|
||||
|
||||
//Simple Flag Options
|
||||
if (isset($options['all-output']) || isset($options['a'])) {
|
||||
$this->flagChecksum = true;
|
||||
$this->flagComments = true;
|
||||
$this->flagPattern = true;
|
||||
$this->flagTime = true;
|
||||
$this->setFlagChecksum(true);
|
||||
$this->setFlagComments(true);
|
||||
$this->setFlagPattern(true);
|
||||
$this->setFlagTime(true);
|
||||
}
|
||||
if (isset($options['base64']) || isset($options['b'])) {
|
||||
$this->flagBase64 = true;
|
||||
$this->setFlagBase64(true);
|
||||
}
|
||||
if (isset($options['checksum']) || isset($options['m'])) {
|
||||
$this->flagChecksum = true;
|
||||
$this->setFlagChecksum(true);
|
||||
}
|
||||
if (isset($options['comment']) || isset($options['c'])) {
|
||||
$this->flagComments = true;
|
||||
$this->setFlagComments(true);
|
||||
}
|
||||
if (isset($options['extra-check']) || isset($options['x'])) {
|
||||
$this->extraCheck = true;
|
||||
$this->setFlagExtraCheck(true);
|
||||
}
|
||||
if (isset($options['follow-symlink']) || isset($options['l'])) {
|
||||
$this->followSymlink = true;
|
||||
$this->setFlagFollowSymlink(true);
|
||||
}
|
||||
if (isset($options['hide-ok']) || isset($options['k'])) {
|
||||
$this->flagHideOk = true;
|
||||
$this->setFlagHideOk(true);
|
||||
}
|
||||
if (isset($options['hide-whitelist']) || isset($options['w'])) {
|
||||
$this->flagHideWhitelist = true;
|
||||
$this->setFlagHideWhitelist(true);
|
||||
}
|
||||
if (isset($options['no-color']) || isset($options['n'])) {
|
||||
$this->disableColor();
|
||||
}
|
||||
if (isset($options['no-stop']) || isset($options['s'])) {
|
||||
$this->flagNoStop = true;
|
||||
$this->setFlagNoStop(true);
|
||||
}
|
||||
if (isset($options['pattern']) || isset($options['p'])) {
|
||||
$this->flagPattern = true;
|
||||
$this->setFlagPattern(true);
|
||||
}
|
||||
if (isset($options['time']) || isset($options['t'])) {
|
||||
$this->flagTime = true;
|
||||
$this->setFlagTime(true);
|
||||
}
|
||||
}
|
||||
|
||||
public function setExtensions(array $a)
|
||||
{
|
||||
$this->extension = array();
|
||||
foreach ($a as $ext) {
|
||||
if ($ext[0] != '.') {
|
||||
$ext = '.' . $ext;
|
||||
}
|
||||
$this->extension[] = strtolower($ext);
|
||||
}
|
||||
}
|
||||
|
||||
public function setIgnore(array $a)
|
||||
{
|
||||
$this->ignore = $a;
|
||||
}
|
||||
|
||||
public function setFlagChecksum($b)
|
||||
{
|
||||
$this->flagChecksum = $b;
|
||||
}
|
||||
|
||||
public function setFlagComments($b)
|
||||
{
|
||||
$this->flagComments = $b;
|
||||
}
|
||||
|
||||
public function setFlagPattern($b)
|
||||
{
|
||||
$this->flagPattern = $b;
|
||||
}
|
||||
|
||||
public function setFlagTime($b)
|
||||
{
|
||||
$this->flagTime = $b;
|
||||
}
|
||||
|
||||
public function setFlagBase64($b)
|
||||
{
|
||||
$this->flagBase64 = $b;
|
||||
}
|
||||
|
||||
public function setFlagExtraCheck($b)
|
||||
{
|
||||
$this->extraCheck = $b;
|
||||
}
|
||||
|
||||
public function setFlagFollowSymlink($b)
|
||||
{
|
||||
$this->followSymlink = $b;
|
||||
}
|
||||
|
||||
public function setFlagHideOk($b)
|
||||
{
|
||||
$this->flagHideOk = $b;
|
||||
}
|
||||
|
||||
public function setFlagHideWhitelist($b)
|
||||
{
|
||||
$this->flagHideWhitelist = $b;
|
||||
}
|
||||
|
||||
public function setFlagNoStop($b)
|
||||
{
|
||||
$this->flagNoStop = $b;
|
||||
}
|
||||
|
||||
// @see http://stackoverflow.com/a/13914119
|
||||
private function pathMatches($path, $pattern, $ignoreCase = false)
|
||||
{
|
||||
@@ -401,17 +474,13 @@ class MalwareScanner
|
||||
//Validates the input directory
|
||||
//Calls the load pattern and load whitelist functions
|
||||
//Calls the process and report functions.
|
||||
private function run($dir)
|
||||
public function run($dir)
|
||||
{
|
||||
//Make sure a directory was specified.
|
||||
if ($this->dir === '') {
|
||||
$this->error('No directory specified');
|
||||
}
|
||||
|
||||
//Make sure the input is a valid directory path.
|
||||
$dir = rtrim($dir, '/');
|
||||
if (!is_dir($dir)) {
|
||||
$this->error('Specified path is not a directory: ' . $dir);
|
||||
return false;
|
||||
}
|
||||
|
||||
//Load Patterns
|
||||
@@ -423,6 +492,7 @@ class MalwareScanner
|
||||
$start = time();
|
||||
$this->process($dir . '/');
|
||||
$this->report($start, $dir . '/');
|
||||
return true;
|
||||
}
|
||||
|
||||
//Loads target file contents for scanning
|
||||
@@ -531,5 +601,7 @@ class MalwareScanner
|
||||
|
||||
}
|
||||
|
||||
//Creates a new MalwareScanner object which does all the work.
|
||||
new MalwareScanner();
|
||||
// script it's self called and not included
|
||||
if (isset($argv[0]) && realpath($argv[0]) == realpath(__FILE__)) {
|
||||
new MalwareScanner();
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user