mirror of
https://github.com/scr34m/php-malware-scanner.git
synced 2026-06-16 12:30:35 +00:00
Code style formatting
This commit is contained in:
51
scan.php
51
scan.php
@@ -85,15 +85,15 @@ class MalwareScanner
|
|||||||
//Handles pattern loading and saving to the class object
|
//Handles pattern loading and saving to the class object
|
||||||
private function initializePatterns()
|
private function initializePatterns()
|
||||||
{
|
{
|
||||||
|
$dir = dirname(__FILE__);
|
||||||
//Loads either the primary scanning patterns or the base64 patterns depending on -b/--base64 flag
|
//Loads either the primary scanning patterns or the base64 patterns depending on -b/--base64 flag
|
||||||
if (!$this->flagBase64) {
|
if (!$this->flagBase64) {
|
||||||
$this->patterns_raw = $this->loadPatterns(dirname(__FILE__) . '/definitions/patterns_raw.txt');
|
$this->patterns_raw = $this->loadPatterns($dir . '/definitions/patterns_raw.txt');
|
||||||
$this->patterns_iraw = $this->loadPatterns(dirname(__FILE__) . '/definitions/patterns_iraw.txt');
|
$this->patterns_iraw = $this->loadPatterns($dir . '/definitions/patterns_iraw.txt');
|
||||||
$this->patterns_re = $this->loadPatterns(dirname(__FILE__) . '/definitions/patterns_re.txt');
|
$this->patterns_re = $this->loadPatterns($dir . '/definitions/patterns_re.txt');
|
||||||
}
|
} else {
|
||||||
else {
|
$this->patterns_b64functions = $this->loadPatterns($dir . '/base64_patterns/php_functions.txt');
|
||||||
$this->patterns_b64functions = $this->loadPatterns(dirname(__FILE__). '/base64_patterns/php_functions.txt');
|
$this->patterns_b64keywords = $this->loadPatterns($dir . '/base64_patterns/php_keywords.txt');
|
||||||
$this->patterns_b64keywords = $this->loadPatterns(dirname(__FILE__). '/base64_patterns/php_keywords.txt');
|
|
||||||
}
|
}
|
||||||
|
|
||||||
//Adds additional checks to patterns_raw
|
//Adds additional checks to patterns_raw
|
||||||
@@ -166,7 +166,8 @@ class MalwareScanner
|
|||||||
//All flag handling stuff should be setup here.
|
//All flag handling stuff should be setup here.
|
||||||
private function parseArgs()
|
private function parseArgs()
|
||||||
{
|
{
|
||||||
$options = getopt( 'd:e:i:abmcxlhkwnspt',
|
$options = getopt(
|
||||||
|
'd:e:i:abmcxlhkwnspt',
|
||||||
array(
|
array(
|
||||||
'directory:',
|
'directory:',
|
||||||
'extension:',
|
'extension:',
|
||||||
@@ -184,7 +185,8 @@ class MalwareScanner
|
|||||||
'no-stop',
|
'no-stop',
|
||||||
'pattern',
|
'pattern',
|
||||||
'time'
|
'time'
|
||||||
));
|
)
|
||||||
|
);
|
||||||
|
|
||||||
//Help Option should be first
|
//Help Option should be first
|
||||||
if (isset($options['help']) || isset($options['h'])) {
|
if (isset($options['help']) || isset($options['h'])) {
|
||||||
@@ -210,7 +212,10 @@ class MalwareScanner
|
|||||||
|
|
||||||
//Simple Flag Options
|
//Simple Flag Options
|
||||||
if (isset($options['all-output']) || isset($options['a'])) {
|
if (isset($options['all-output']) || isset($options['a'])) {
|
||||||
$this->flagChecksum = true; $this->flagComments = true; $this->flagPattern = true; $this->flagTime = true;
|
$this->flagChecksum = true;
|
||||||
|
$this->flagComments = true;
|
||||||
|
$this->flagPattern = true;
|
||||||
|
$this->flagTime = true;
|
||||||
}
|
}
|
||||||
if (isset($options['base64']) || isset($options['b'])) {
|
if (isset($options['base64']) || isset($options['b'])) {
|
||||||
$this->flagBase64 = true;
|
$this->flagBase64 = true;
|
||||||
@@ -289,18 +294,20 @@ class MalwareScanner
|
|||||||
|
|
||||||
//OK
|
//OK
|
||||||
if (!$found) {
|
if (!$found) {
|
||||||
if ($this->flagHideOk){return;}
|
if ($this->flagHideOk) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
$state = 'OK';
|
$state = 'OK';
|
||||||
$hash = ' ';
|
$hash = ' ';
|
||||||
$state_color = $this->ANSI_GREEN;
|
$state_color = $this->ANSI_GREEN;
|
||||||
}
|
} //WL
|
||||||
//WL
|
|
||||||
elseif ($this->inWhitelist($hash)) {
|
elseif ($this->inWhitelist($hash)) {
|
||||||
if ($this->flagHideWhitelist) {return;}
|
if ($this->flagHideWhitelist) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
$state = 'WL';
|
$state = 'WL';
|
||||||
$state_color = $this->ANSI_YELLOW;
|
$state_color = $this->ANSI_YELLOW;
|
||||||
}
|
} //ER
|
||||||
//ER
|
|
||||||
else {
|
else {
|
||||||
$state = 'ER';
|
$state = 'ER';
|
||||||
$state_color = $this->ANSI_RED;
|
$state_color = $this->ANSI_RED;
|
||||||
@@ -427,8 +434,7 @@ class MalwareScanner
|
|||||||
$this->scanLoop('scanFunc_STR', $fileContent, $this->patterns_raw, $path, $found, $hash);
|
$this->scanLoop('scanFunc_STR', $fileContent, $this->patterns_raw, $path, $found, $hash);
|
||||||
$this->scanLoop('scanFunc_STRI', $fileContent, $this->patterns_iraw, $path, $found, $hash);
|
$this->scanLoop('scanFunc_STRI', $fileContent, $this->patterns_iraw, $path, $found, $hash);
|
||||||
$this->scanLoop('scanFunc_RE', $fileContent, $this->patterns_re, $path, $found, $hash);
|
$this->scanLoop('scanFunc_RE', $fileContent, $this->patterns_re, $path, $found, $hash);
|
||||||
}
|
} else {
|
||||||
else {
|
|
||||||
$this->scanLoop('scanFunc_STR', $fileContent, $this->patterns_b64functions, $path, $found, $hash);
|
$this->scanLoop('scanFunc_STR', $fileContent, $this->patterns_b64functions, $path, $found, $hash);
|
||||||
$this->scanLoop('scanFunc_STR', $fileContent, $this->patterns_b64keywords, $path, $found, $hash);
|
$this->scanLoop('scanFunc_STR', $fileContent, $this->patterns_b64keywords, $path, $found, $hash);
|
||||||
}
|
}
|
||||||
@@ -483,9 +489,13 @@ class MalwareScanner
|
|||||||
//This allows multiple search/match functions to be used without duplicating the loop code.
|
//This allows multiple search/match functions to be used without duplicating the loop code.
|
||||||
if ($this->$scanFunction($pattern, $fileContent)) {
|
if ($this->$scanFunction($pattern, $fileContent)) {
|
||||||
$found = true;
|
$found = true;
|
||||||
if ($hash === ''){$hash = md5($fileContent);}
|
if ($hash === '') {
|
||||||
|
$hash = md5($fileContent);
|
||||||
|
}
|
||||||
$this->printPath($found, $path, $pattern, $comment, $hash);
|
$this->printPath($found, $path, $pattern, $comment, $hash);
|
||||||
if (!$this->flagNoStop){return;}
|
if (!$this->flagNoStop) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -517,4 +527,3 @@ class MalwareScanner
|
|||||||
|
|
||||||
//Creates a new MalwareScanner object which does all the work.
|
//Creates a new MalwareScanner object which does all the work.
|
||||||
new MalwareScanner();
|
new MalwareScanner();
|
||||||
?>
|
|
||||||
|
|||||||
Reference in New Issue
Block a user