Few improvements to make library like behaving to be composer friendly

This commit is contained in:
Gabor Gyorvari
2018-03-02 19:28:03 +01:00
parent c91819e22f
commit 072189bd8e
2 changed files with 131 additions and 38 deletions

21
composer.json Normal file
View File

@@ -0,0 +1,21 @@
{
"name": "scr34m/php-malware-scanner",
"description": "Scans PHP files for malwares and known threats",
"license": "GPL-3.0",
"repositories": [
{
"type": "package",
"package": {
"name": "scr34m/php-malware-scanner",
"version": "dev-master",
"source": {
"url": "git://github.com:scr34m/php-malware-scanner.git",
"type": "git",
"reference": "master"
},
"autoload": {
}
}
}
]
}

162
scan.php
View File

@@ -52,14 +52,28 @@ class MalwareScanner
private $patterns_b64functions = array(); private $patterns_b64functions = array();
private $patterns_b64keywords = array(); private $patterns_b64keywords = array();
//Constructor - Likes to do as little as possible. /**
public function __construct() * MalwareScanner constructor.
*
* @param bool $cli defines its calling from commandline or using as a library, default is true
*/
public function __construct($cli = true)
{ {
if ($cli === true) {
//Read Run Options //Read Run Options
$this->parseArgs(); $this->parseArgs();
//Make sure a directory was specified.
if ($this->dir === '') {
$this->error('No directory specified');
exit(-1);
}
//Initiate Scan //Initiate Scan
$this->run($this->dir); if (!$this->run($this->dir)) {
exit(-1);
}
}
} }
//Allows the -n/--no-color flag to easily remove color characters. //Allows the -n/--no-color flag to easily remove color characters.
@@ -79,7 +93,6 @@ class MalwareScanner
echo $this->ANSI_RED . 'Error: ' . $msg . $this->ANSI_OFF . PHP_EOL; echo $this->ANSI_RED . 'Error: ' . $msg . $this->ANSI_OFF . PHP_EOL;
$this->showHelp(); $this->showHelp();
echo PHP_EOL . $this->ANSI_RED . 'Quiting' . PHP_EOL; echo PHP_EOL . $this->ANSI_RED . 'Quiting' . PHP_EOL;
exit(-1);
} }
//Handles pattern loading and saving to the class object //Handles pattern loading and saving to the class object
@@ -203,6 +216,57 @@ class MalwareScanner
if (!is_array($a)) { if (!is_array($a)) {
$a = array($a); $a = array($a);
} }
$this->setExtensions($a);
}
if (isset($options['ignore']) || isset($options['i'])) {
$tmp = isset($options['ignore']) ? $options['ignore'] : $options['i'];
$this->setIgnore(is_array($tmp) ? $tmp : array($tmp));
}
//Simple Flag Options
if (isset($options['all-output']) || isset($options['a'])) {
$this->setFlagChecksum(true);
$this->setFlagComments(true);
$this->setFlagPattern(true);
$this->setFlagTime(true);
}
if (isset($options['base64']) || isset($options['b'])) {
$this->setFlagBase64(true);
}
if (isset($options['checksum']) || isset($options['m'])) {
$this->setFlagChecksum(true);
}
if (isset($options['comment']) || isset($options['c'])) {
$this->setFlagComments(true);
}
if (isset($options['extra-check']) || isset($options['x'])) {
$this->setFlagExtraCheck(true);
}
if (isset($options['follow-symlink']) || isset($options['l'])) {
$this->setFlagFollowSymlink(true);
}
if (isset($options['hide-ok']) || isset($options['k'])) {
$this->setFlagHideOk(true);
}
if (isset($options['hide-whitelist']) || isset($options['w'])) {
$this->setFlagHideWhitelist(true);
}
if (isset($options['no-color']) || isset($options['n'])) {
$this->disableColor();
}
if (isset($options['no-stop']) || isset($options['s'])) {
$this->setFlagNoStop(true);
}
if (isset($options['pattern']) || isset($options['p'])) {
$this->setFlagPattern(true);
}
if (isset($options['time']) || isset($options['t'])) {
$this->setFlagTime(true);
}
}
public function setExtensions(array $a)
{
$this->extension = array(); $this->extension = array();
foreach ($a as $ext) { foreach ($a as $ext) {
if ($ext[0] != '.') { if ($ext[0] != '.') {
@@ -211,51 +275,60 @@ class MalwareScanner
$this->extension[] = strtolower($ext); $this->extension[] = strtolower($ext);
} }
} }
if (isset($options['ignore']) || isset($options['i'])) {
$tmp = isset($options['ignore']) ? $options['ignore'] : $options['i']; public function setIgnore(array $a)
$this->ignore = is_array($tmp) ? $tmp : array($tmp); {
$this->ignore = $a;
} }
//Simple Flag Options public function setFlagChecksum($b)
if (isset($options['all-output']) || isset($options['a'])) { {
$this->flagChecksum = true; $this->flagChecksum = $b;
$this->flagComments = true;
$this->flagPattern = true;
$this->flagTime = true;
} }
if (isset($options['base64']) || isset($options['b'])) {
$this->flagBase64 = true; public function setFlagComments($b)
{
$this->flagComments = $b;
} }
if (isset($options['checksum']) || isset($options['m'])) {
$this->flagChecksum = true; public function setFlagPattern($b)
{
$this->flagPattern = $b;
} }
if (isset($options['comment']) || isset($options['c'])) {
$this->flagComments = true; public function setFlagTime($b)
{
$this->flagTime = $b;
} }
if (isset($options['extra-check']) || isset($options['x'])) {
$this->extraCheck = true; public function setFlagBase64($b)
{
$this->flagBase64 = $b;
} }
if (isset($options['follow-symlink']) || isset($options['l'])) {
$this->followSymlink = true; public function setFlagExtraCheck($b)
{
$this->extraCheck = $b;
} }
if (isset($options['hide-ok']) || isset($options['k'])) {
$this->flagHideOk = true; public function setFlagFollowSymlink($b)
{
$this->followSymlink = $b;
} }
if (isset($options['hide-whitelist']) || isset($options['w'])) {
$this->flagHideWhitelist = true; public function setFlagHideOk($b)
{
$this->flagHideOk = $b;
} }
if (isset($options['no-color']) || isset($options['n'])) {
$this->disableColor(); public function setFlagHideWhitelist($b)
} {
if (isset($options['no-stop']) || isset($options['s'])) { $this->flagHideWhitelist = $b;
$this->flagNoStop = true;
}
if (isset($options['pattern']) || isset($options['p'])) {
$this->flagPattern = true;
}
if (isset($options['time']) || isset($options['t'])) {
$this->flagTime = true;
} }
public function setFlagNoStop($b)
{
$this->flagNoStop = $b;
} }
// @see http://stackoverflow.com/a/13914119 // @see http://stackoverflow.com/a/13914119
@@ -401,17 +474,13 @@ class MalwareScanner
//Validates the input directory //Validates the input directory
//Calls the load pattern and load whitelist functions //Calls the load pattern and load whitelist functions
//Calls the process and report functions. //Calls the process and report functions.
private function run($dir) public function run($dir)
{ {
//Make sure a directory was specified.
if ($this->dir === '') {
$this->error('No directory specified');
}
//Make sure the input is a valid directory path. //Make sure the input is a valid directory path.
$dir = rtrim($dir, '/'); $dir = rtrim($dir, '/');
if (!is_dir($dir)) { if (!is_dir($dir)) {
$this->error('Specified path is not a directory: ' . $dir); $this->error('Specified path is not a directory: ' . $dir);
return false;
} }
//Load Patterns //Load Patterns
@@ -423,6 +492,7 @@ class MalwareScanner
$start = time(); $start = time();
$this->process($dir . '/'); $this->process($dir . '/');
$this->report($start, $dir . '/'); $this->report($start, $dir . '/');
return true;
} }
//Loads target file contents for scanning //Loads target file contents for scanning
@@ -531,5 +601,7 @@ class MalwareScanner
} }
//Creates a new MalwareScanner object which does all the work. // script it's self called and not included
if (isset($argv[0]) && realpath($argv[0]) == realpath(__FILE__)) {
new MalwareScanner(); new MalwareScanner();
}