External/php-malware-scanner
1
0
Fork 0
mirror of https://github.com/scr34m/php-malware-scanner.git synced 2026-06-16 12:30:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

Adding str_, function, echo and include in base64

Browse Source 
str_ will match 13 separate php functions, many of which can be used for string/modifcation aka obfuscation
function added to catch function defining.
echo added as it is a  common php  keyword, though experimental... may cause a of false positives
include added as it is often used to link in other malware files.
This commit is contained in:
nichogenius
2017-07-31 12:56:15 -06:00
committed by GitHub
parent 32e2f68e92
commit 4d9bcd171b
1 changed files with 20 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
patterns_raw.txt
View File

@@ -62,11 +62,31 @@ cmVwbGFjZ
JlcGxhY2
yZXBsYWNl
# "str_" in base64
c3RyX
N0cl
zdHJf
# "exec" in base64
ZXhlYy
V4ZWMo
leGVjK
# "echo" in base64
ZWNob
VjaG
lY2hv
# "function" in base64
ZnVuY3Rpb2
Z1bmN0aW9u
mdW5jdGlvb
# "include" in base64
aW5jbHVkZ
luY2x1ZG
pbmNsdWRl
# "base64" in base64
YmFzZTY0
Jhc2U2N