diff --git a/scan.php b/scan.php index e61e04a..d2cbc08 100644 --- a/scan.php +++ b/scan.php @@ -39,7 +39,7 @@ class MalwareScanner private $flagFollowSymlink = false; private $flagLineNumber = false; private $flagScanEverything = false; - private $flagBigData = false; + private $flagCombinedWhitelist = false; private $outputFormat = ''; private $whitelist = array(); private $ignore = array(); @@ -55,8 +55,8 @@ class MalwareScanner private $patterns_re = array(); private $patterns_b64functions = array(); private $patterns_b64keywords = array(); - private $bigdata = array(); - private $bigdata_count = 0; + private $combined_whitelist = array(); + private $combined_whitelist_count = 0; /** * MalwareScanner constructor. @@ -127,8 +127,8 @@ class MalwareScanner //Check if the md5 checksum exists in the whitelist and returns true if it does. private function inWhitelist($hash) { - if ($this->flagBigData) { - if ($this->binarySearch($hash, $this->bigdata, $this->bigdata_count) > -1) { + if ($this->flagCombinedWhitelist) { + if ($this->binarySearch($hash, $this->combined_whitelist, $this->combined_whitelist_count) > -1) { return true; } } @@ -230,7 +230,7 @@ class MalwareScanner 'output-format:', 'wordpress-version:', 'scan-everything', - 'big-data' + 'combined-whitelist' ) ); @@ -310,8 +310,8 @@ class MalwareScanner if (isset($options['scan-everything']) || isset($options['E'])) { $this->setFlagScanEverything(true); } - if (isset($options['big-data'])) { - $this->setFlagBigData(true); + if (isset($options['combined-whitelist'])) { + $this->setFlagCombinedWhitelist(true); } } @@ -396,9 +396,9 @@ class MalwareScanner $this->flagScanEverything = $b; } - public function setFlagBigData($b) + public function setFlagCombinedWhitelist($b) { - $this->flagBigData = $b; + $this->flagCombinedWhitelist = $b; } // @see http://stackoverflow.com/a/13914119 @@ -578,7 +578,7 @@ class MalwareScanner * Validates the input directory * * - Calls the load pattern and load whitelist functions - * - Fetch and load big data white list + * - Fetch and load combined whitelist * - Calls the process and report functions. * * @param $dir @@ -597,7 +597,7 @@ class MalwareScanner $this->loadWhitelist(); - if ($this->flagBigData && !$this->updateBigData()) { + if ($this->flagCombinedWhitelist && !$this->updateCombinedWhitelist()) { return false; } @@ -725,7 +725,7 @@ class MalwareScanner return $key; } - private function updateBigData($url = 'https://scr34m.github.io/php-malware-scanner') + private function updateCombinedWhitelist($url = 'https://scr34m.github.io/php-malware-scanner') { $latest_hash = trim(file_get_contents($url . '/database/compressed.sha256')); if ($latest_hash === false) { @@ -733,7 +733,7 @@ class MalwareScanner return false; } - $file = __DIR__ . '/bigdata.dat'; + $file = __DIR__ . '/whitelist.dat'; if (is_readable($file)) { $hash = hash_file('sha256', $file); if ($hash != $latest_hash) { @@ -760,16 +760,16 @@ class MalwareScanner } $content = gzdecode(file_get_contents($file)); - $this->bigdata = []; - $this->bigdata_count = 0; + $this->combined_whitelist = []; + $this->combined_whitelist_count = 0; foreach (explode("\n", $content) as $line) { // faster than strtok, but needs more memory if ($line) { - $this->bigdata[] = $line; - $this->bigdata_count++; + $this->combined_whitelist[] = $line; + $this->combined_whitelist_count++; } } - $this->bigdata_count -= 1; // -1 because we use indexes in binary search - echo 'Big data loaded hash count: ' . ($this->bigdata_count + 1) . PHP_EOL; + $this->combined_whitelist_count -= 1; // -1 because we use indexes in binary search + echo 'Combined whitelist records count: ' . ($this->combined_whitelist_count + 1) . PHP_EOL; return true; } @@ -797,7 +797,7 @@ class MalwareScanner echo ' -L --line-number Display matching pattern line number in file' . PHP_EOL; echo ' -o --output-format Custom defined output format' . PHP_EOL; echo ' -j --wordpress-version Version of wordpress to get md5 signatures' . PHP_EOL; - echo ' --big-data General whitelist' . PHP_EOL; + echo ' --combined-whitelist Combined whitelist' . PHP_EOL; }