Code style formatting

This commit is contained in:
Gabor Gyorvari
2018-03-02 18:36:24 +01:00
parent 7b2b1068e1
commit 99801506e7

View File

@@ -85,15 +85,15 @@ class MalwareScanner
//Handles pattern loading and saving to the class object //Handles pattern loading and saving to the class object
private function initializePatterns() private function initializePatterns()
{ {
$dir = dirname(__FILE__);
//Loads either the primary scanning patterns or the base64 patterns depending on -b/--base64 flag //Loads either the primary scanning patterns or the base64 patterns depending on -b/--base64 flag
if (!$this->flagBase64) { if (!$this->flagBase64) {
$this->patterns_raw = $this->loadPatterns(dirname(__FILE__) . '/definitions/patterns_raw.txt'); $this->patterns_raw = $this->loadPatterns($dir . '/definitions/patterns_raw.txt');
$this->patterns_iraw = $this->loadPatterns(dirname(__FILE__) . '/definitions/patterns_iraw.txt'); $this->patterns_iraw = $this->loadPatterns($dir . '/definitions/patterns_iraw.txt');
$this->patterns_re = $this->loadPatterns(dirname(__FILE__) . '/definitions/patterns_re.txt'); $this->patterns_re = $this->loadPatterns($dir . '/definitions/patterns_re.txt');
} } else {
else { $this->patterns_b64functions = $this->loadPatterns($dir . '/base64_patterns/php_functions.txt');
$this->patterns_b64functions = $this->loadPatterns(dirname(__FILE__). '/base64_patterns/php_functions.txt'); $this->patterns_b64keywords = $this->loadPatterns($dir . '/base64_patterns/php_keywords.txt');
$this->patterns_b64keywords = $this->loadPatterns(dirname(__FILE__). '/base64_patterns/php_keywords.txt');
} }
//Adds additional checks to patterns_raw //Adds additional checks to patterns_raw
@@ -166,7 +166,8 @@ class MalwareScanner
//All flag handling stuff should be setup here. //All flag handling stuff should be setup here.
private function parseArgs() private function parseArgs()
{ {
$options = getopt( 'd:e:i:abmcxlhkwnspt', $options = getopt(
'd:e:i:abmcxlhkwnspt',
array( array(
'directory:', 'directory:',
'extension:', 'extension:',
@@ -184,7 +185,8 @@ class MalwareScanner
'no-stop', 'no-stop',
'pattern', 'pattern',
'time' 'time'
)); )
);
//Help Option should be first //Help Option should be first
if (isset($options['help']) || isset($options['h'])) { if (isset($options['help']) || isset($options['h'])) {
@@ -210,7 +212,10 @@ class MalwareScanner
//Simple Flag Options //Simple Flag Options
if (isset($options['all-output']) || isset($options['a'])) { if (isset($options['all-output']) || isset($options['a'])) {
$this->flagChecksum = true; $this->flagComments = true; $this->flagPattern = true; $this->flagTime = true; $this->flagChecksum = true;
$this->flagComments = true;
$this->flagPattern = true;
$this->flagTime = true;
} }
if (isset($options['base64']) || isset($options['b'])) { if (isset($options['base64']) || isset($options['b'])) {
$this->flagBase64 = true; $this->flagBase64 = true;
@@ -289,18 +294,20 @@ class MalwareScanner
//OK //OK
if (!$found) { if (!$found) {
if ($this->flagHideOk){return;} if ($this->flagHideOk) {
return;
}
$state = 'OK'; $state = 'OK';
$hash = ' '; $hash = ' ';
$state_color = $this->ANSI_GREEN; $state_color = $this->ANSI_GREEN;
} } //WL
//WL
elseif ($this->inWhitelist($hash)) { elseif ($this->inWhitelist($hash)) {
if ($this->flagHideWhitelist) {return;} if ($this->flagHideWhitelist) {
return;
}
$state = 'WL'; $state = 'WL';
$state_color = $this->ANSI_YELLOW; $state_color = $this->ANSI_YELLOW;
} } //ER
//ER
else { else {
$state = 'ER'; $state = 'ER';
$state_color = $this->ANSI_RED; $state_color = $this->ANSI_RED;
@@ -427,8 +434,7 @@ class MalwareScanner
$this->scanLoop('scanFunc_STR', $fileContent, $this->patterns_raw, $path, $found, $hash); $this->scanLoop('scanFunc_STR', $fileContent, $this->patterns_raw, $path, $found, $hash);
$this->scanLoop('scanFunc_STRI', $fileContent, $this->patterns_iraw, $path, $found, $hash); $this->scanLoop('scanFunc_STRI', $fileContent, $this->patterns_iraw, $path, $found, $hash);
$this->scanLoop('scanFunc_RE', $fileContent, $this->patterns_re, $path, $found, $hash); $this->scanLoop('scanFunc_RE', $fileContent, $this->patterns_re, $path, $found, $hash);
} } else {
else {
$this->scanLoop('scanFunc_STR', $fileContent, $this->patterns_b64functions, $path, $found, $hash); $this->scanLoop('scanFunc_STR', $fileContent, $this->patterns_b64functions, $path, $found, $hash);
$this->scanLoop('scanFunc_STR', $fileContent, $this->patterns_b64keywords, $path, $found, $hash); $this->scanLoop('scanFunc_STR', $fileContent, $this->patterns_b64keywords, $path, $found, $hash);
} }
@@ -483,9 +489,13 @@ class MalwareScanner
//This allows multiple search/match functions to be used without duplicating the loop code. //This allows multiple search/match functions to be used without duplicating the loop code.
if ($this->$scanFunction($pattern, $fileContent)) { if ($this->$scanFunction($pattern, $fileContent)) {
$found = true; $found = true;
if ($hash === ''){$hash = md5($fileContent);} if ($hash === '') {
$hash = md5($fileContent);
}
$this->printPath($found, $path, $pattern, $comment, $hash); $this->printPath($found, $path, $pattern, $comment, $hash);
if (!$this->flagNoStop){return;} if (!$this->flagNoStop) {
return;
}
} }
} }
} }
@@ -517,4 +527,3 @@ class MalwareScanner
//Creates a new MalwareScanner object which does all the work. //Creates a new MalwareScanner object which does all the work.
new MalwareScanner(); new MalwareScanner();
?>