Added wordpress files md5sum whitelisting

README.md

@@ -32,6 +32,7 @@ Usage: php scan.php -d <directory>
     -t                   --time             Show time of last file change
     -L                   --line-number      Display matching pattern line number in file
     -o                   --output-format    Custom defined output format
+    -j                   --wordpress-version  Version of wordpress to get md5 signatures
 ```
 
 Ignore argument could be used multiple times and accept glob style matching ex.: "`cache*`", "`??-cache.php`" or "`/cache`" etc.
@@ -70,6 +71,15 @@ Whitelisting
 
 See [whitelist.txt](https://github.com/scr34m/php-malware-scanner/blob/master/whitelist.txt) file for a predefined MD5 hash list. Only the first 32 characters are used, rest of the line ignored so feel free to leave a comment.
 
+Wordpress md5 sum whitelisting
+-------------
+You can automatically add md5sum from wordpress core files by specifing version as argument to --wordpress-version or -j. 
+Example:
+```
+scan -d . -j 4.9.2
+```
+That will automatically get md5sums from wordpress api (https://api.wordpress.org/core/checksums/1.0/?version=x.x.x) and add it to whitelist. To check your version simply check wp-includes/version.php file of your wordpress
+
 Tools
 -----
 

scan.php

@@ -177,12 +177,28 @@ class MalwareScanner
         }
     }
 
+    private function addWordpressChecksums($wp_version) {
+        $apiurl = 'https://api.wordpress.org/core/checksums/1.0/?version=' . $wp_version;
+        $json = json_decode ( file_get_contents ( $apiurl ) );
+        $checksums = $json->checksums;
+
+        if ($checksums->$wp_version == false) { #no checksum returned
+             $this->error('Cannot load wordpress checksums from: '.$apiurl);
+             exit(-1);
+        }
+        
+        foreach( $checksums->$wp_version as $file => $checksum ) {
+            $this->whitelist[] = $checksum;
+
+        }
+    }
+
     //Handles the getopt() function call, sets attributes according to flags.
     //All flag handling stuff should be setup here.
     private function parseArgs()
     {
         $options = getopt(
-            'd:e:i:o:abmcxlhkwnsptL',
+            'd:e:i:o:abmcxlhkwnsptLj:',
             array(
                 'directory:',
                 'extension:',
@@ -201,7 +217,8 @@ class MalwareScanner
                 'pattern',
                 'time',
                 'line-number',
-                'output-format:'
+                'output-format:',
+                'wordpress-version:'
             )
         );
 
@@ -270,10 +287,15 @@ class MalwareScanner
         if (isset($options['line-number']) || isset($options['L'])) {
             $this->setFlagLineNumber(true);
         }
+
         if (isset($options['output-format']) || isset($options['o'])) {
             $tmp = isset($options['output-format']) ? $options['output-format'] : $options['o'];
             $this->setOutputFormat(is_array($tmp) ? $tmp : array($tmp));
         }
+        if (isset($options['wordpress-version']) || isset($options['j'])) {
+            $tmp = isset($options['wordpress-version']) ? $options['wordpress-version'] : $options['j'];
+            $this->addWordpressChecksums($tmp);
+        }       
     }
 
     public function setExtensions(array $a)
@@ -664,6 +686,8 @@ class MalwareScanner
         echo '    -t                   --time               Show time of last file change' . PHP_EOL;
         echo '    -L                   --line-number        Display matching pattern line number in file' . PHP_EOL;
         echo '    -o                   --output-format      Custom defined output format' . PHP_EOL;
+        echo '    -j                   --wordpress-version  Version of wordpress to get md5 signatures' . PHP_EOL;
+
     }
 
 }