mirror of
https://github.com/scr34m/php-malware-scanner.git
synced 2026-06-16 12:30:35 +00:00
Code style formatting
This commit is contained in:
51
scan.php
51
scan.php
@@ -85,15 +85,15 @@ class MalwareScanner
|
||||
//Handles pattern loading and saving to the class object
|
||||
private function initializePatterns()
|
||||
{
|
||||
$dir = dirname(__FILE__);
|
||||
//Loads either the primary scanning patterns or the base64 patterns depending on -b/--base64 flag
|
||||
if (!$this->flagBase64) {
|
||||
$this->patterns_raw = $this->loadPatterns(dirname(__FILE__) . '/definitions/patterns_raw.txt');
|
||||
$this->patterns_iraw = $this->loadPatterns(dirname(__FILE__) . '/definitions/patterns_iraw.txt');
|
||||
$this->patterns_re = $this->loadPatterns(dirname(__FILE__) . '/definitions/patterns_re.txt');
|
||||
}
|
||||
else {
|
||||
$this->patterns_b64functions = $this->loadPatterns(dirname(__FILE__). '/base64_patterns/php_functions.txt');
|
||||
$this->patterns_b64keywords = $this->loadPatterns(dirname(__FILE__). '/base64_patterns/php_keywords.txt');
|
||||
$this->patterns_raw = $this->loadPatterns($dir . '/definitions/patterns_raw.txt');
|
||||
$this->patterns_iraw = $this->loadPatterns($dir . '/definitions/patterns_iraw.txt');
|
||||
$this->patterns_re = $this->loadPatterns($dir . '/definitions/patterns_re.txt');
|
||||
} else {
|
||||
$this->patterns_b64functions = $this->loadPatterns($dir . '/base64_patterns/php_functions.txt');
|
||||
$this->patterns_b64keywords = $this->loadPatterns($dir . '/base64_patterns/php_keywords.txt');
|
||||
}
|
||||
|
||||
//Adds additional checks to patterns_raw
|
||||
@@ -166,7 +166,8 @@ class MalwareScanner
|
||||
//All flag handling stuff should be setup here.
|
||||
private function parseArgs()
|
||||
{
|
||||
$options = getopt( 'd:e:i:abmcxlhkwnspt',
|
||||
$options = getopt(
|
||||
'd:e:i:abmcxlhkwnspt',
|
||||
array(
|
||||
'directory:',
|
||||
'extension:',
|
||||
@@ -184,7 +185,8 @@ class MalwareScanner
|
||||
'no-stop',
|
||||
'pattern',
|
||||
'time'
|
||||
));
|
||||
)
|
||||
);
|
||||
|
||||
//Help Option should be first
|
||||
if (isset($options['help']) || isset($options['h'])) {
|
||||
@@ -210,7 +212,10 @@ class MalwareScanner
|
||||
|
||||
//Simple Flag Options
|
||||
if (isset($options['all-output']) || isset($options['a'])) {
|
||||
$this->flagChecksum = true; $this->flagComments = true; $this->flagPattern = true; $this->flagTime = true;
|
||||
$this->flagChecksum = true;
|
||||
$this->flagComments = true;
|
||||
$this->flagPattern = true;
|
||||
$this->flagTime = true;
|
||||
}
|
||||
if (isset($options['base64']) || isset($options['b'])) {
|
||||
$this->flagBase64 = true;
|
||||
@@ -289,18 +294,20 @@ class MalwareScanner
|
||||
|
||||
//OK
|
||||
if (!$found) {
|
||||
if ($this->flagHideOk){return;}
|
||||
if ($this->flagHideOk) {
|
||||
return;
|
||||
}
|
||||
$state = 'OK';
|
||||
$hash = ' ';
|
||||
$state_color = $this->ANSI_GREEN;
|
||||
}
|
||||
//WL
|
||||
} //WL
|
||||
elseif ($this->inWhitelist($hash)) {
|
||||
if ($this->flagHideWhitelist) {return;}
|
||||
if ($this->flagHideWhitelist) {
|
||||
return;
|
||||
}
|
||||
$state = 'WL';
|
||||
$state_color = $this->ANSI_YELLOW;
|
||||
}
|
||||
//ER
|
||||
} //ER
|
||||
else {
|
||||
$state = 'ER';
|
||||
$state_color = $this->ANSI_RED;
|
||||
@@ -427,8 +434,7 @@ class MalwareScanner
|
||||
$this->scanLoop('scanFunc_STR', $fileContent, $this->patterns_raw, $path, $found, $hash);
|
||||
$this->scanLoop('scanFunc_STRI', $fileContent, $this->patterns_iraw, $path, $found, $hash);
|
||||
$this->scanLoop('scanFunc_RE', $fileContent, $this->patterns_re, $path, $found, $hash);
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
$this->scanLoop('scanFunc_STR', $fileContent, $this->patterns_b64functions, $path, $found, $hash);
|
||||
$this->scanLoop('scanFunc_STR', $fileContent, $this->patterns_b64keywords, $path, $found, $hash);
|
||||
}
|
||||
@@ -483,9 +489,13 @@ class MalwareScanner
|
||||
//This allows multiple search/match functions to be used without duplicating the loop code.
|
||||
if ($this->$scanFunction($pattern, $fileContent)) {
|
||||
$found = true;
|
||||
if ($hash === ''){$hash = md5($fileContent);}
|
||||
if ($hash === '') {
|
||||
$hash = md5($fileContent);
|
||||
}
|
||||
$this->printPath($found, $path, $pattern, $comment, $hash);
|
||||
if (!$this->flagNoStop){return;}
|
||||
if (!$this->flagNoStop) {
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -517,4 +527,3 @@ class MalwareScanner
|
||||
|
||||
//Creates a new MalwareScanner object which does all the work.
|
||||
new MalwareScanner();
|
||||
?>
|
||||
|
||||
Reference in New Issue
Block a user