mirror of
https://github.com/scr34m/php-malware-scanner.git
synced 2026-06-16 12:30:35 +00:00
New ignore argument to exclude files and folders with glob style matching
This commit is contained in:
Gabor Gyorvari
17
README.md
17
README.md
@@ -9,15 +9,18 @@ How to use?
|
|||||||
|
|
||||||
```
|
```
|
||||||
$ php ./scan.php -h
|
$ php ./scan.php -h
|
||||||
Usage scan.php -d <directory> [-e=.php] [--hide-ok] [--hide-whitelist]
|
Usage scan.php -d <directory> [-i=<directory|file>] [-e=.php] [--hide-ok] [--hide-whitelist]
|
||||||
-d Directory for searching
|
-d Directory for searching
|
||||||
-e=.php Extension
|
-e=.php Extension
|
||||||
--hide-ok Hide OK aka not infected messages
|
-i=<directory|file> Directory of file to igonre
|
||||||
--hide-whitelist Hide whitelisted messages
|
--hide-ok Hide OK aka not infected messages
|
||||||
--extra-check Adds GoogleBot and htaccess to Scan List
|
--hide-whitelist Hide whitelisted messages
|
||||||
--follow-symlink Follow symlinked directories
|
--extra-check Adds GoogleBot and htaccess to Scan List
|
||||||
|
--follow-symlink Follow symlinked directories
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Ignore argument could be used multiple times and accept glob style matching ex.: "cache*", "??-cache.php" or "/cache" etc.
|
||||||
|
|
||||||
Whitelisting
|
Whitelisting
|
||||||
------------
|
------------
|
||||||
|
|
||||||
|
|||||||
63
scan.php
63
scan.php
@@ -28,6 +28,7 @@ class MalwareScanner
|
|||||||
private $flagHideWhitelist = false;
|
private $flagHideWhitelist = false;
|
||||||
private $extraCheck = false;
|
private $extraCheck = false;
|
||||||
private $whitelist = array();
|
private $whitelist = array();
|
||||||
|
private $ignore = array();
|
||||||
private $stat = array(
|
private $stat = array(
|
||||||
'directories' => 0,
|
'directories' => 0,
|
||||||
'files_scanned' => 0,
|
'files_scanned' => 0,
|
||||||
@@ -37,7 +38,7 @@ class MalwareScanner
|
|||||||
|
|
||||||
public function __construct()
|
public function __construct()
|
||||||
{
|
{
|
||||||
$options = getopt('hd:e::', array('hide-ok', 'hide-whitelist', 'extra-check', 'follow-symlink'));
|
$options = getopt('hd:e::i::', array('hide-ok', 'hide-whitelist', 'extra-check', 'follow-symlink'));
|
||||||
if (isset($options['h'])) {
|
if (isset($options['h'])) {
|
||||||
$this->showHelp();
|
$this->showHelp();
|
||||||
} else {
|
} else {
|
||||||
@@ -48,6 +49,9 @@ class MalwareScanner
|
|||||||
}
|
}
|
||||||
$this->extension = strtolower($ext);
|
$this->extension = strtolower($ext);
|
||||||
}
|
}
|
||||||
|
if (isset($options['i'])) {
|
||||||
|
$this->ignore = is_array($options['i']) ? $options['i'] : array($options['i']);
|
||||||
|
}
|
||||||
if (isset($options['hide-ok'])) {
|
if (isset($options['hide-ok'])) {
|
||||||
$this->flagHideOk = true;
|
$this->flagHideOk = true;
|
||||||
}
|
}
|
||||||
@@ -110,6 +114,9 @@ class MalwareScanner
|
|||||||
if ($file == '.' || $file == '..') {
|
if ($file == '.' || $file == '..') {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
if ($this->isIgnored($dir . $file)) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
if (!$this->followSymlink && is_link($dir . $file)) {
|
if (!$this->followSymlink && is_link($dir . $file)) {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
@@ -384,6 +391,45 @@ class MalwareScanner
|
|||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private function isIgnored($pathname)
|
||||||
|
{
|
||||||
|
foreach ($this->ignore as $pattern) {
|
||||||
|
$match = $this->pathMatches($pathname, $pattern);
|
||||||
|
if ($match) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see http://stackoverflow.com/a/13914119
|
||||||
|
*/
|
||||||
|
private function pathMatches($path, $pattern, $ignoreCase = false)
|
||||||
|
{
|
||||||
|
$expr = preg_replace_callback(
|
||||||
|
'/[\\\\^$.[\\]|()?*+{}\\-\\/]/',
|
||||||
|
function ($matches) {
|
||||||
|
switch ($matches[0]) {
|
||||||
|
case '*':
|
||||||
|
return '.*';
|
||||||
|
case '?':
|
||||||
|
return '.';
|
||||||
|
default:
|
||||||
|
return '\\' . $matches[0];
|
||||||
|
}
|
||||||
|
},
|
||||||
|
$pattern
|
||||||
|
);
|
||||||
|
|
||||||
|
$expr = '/' . $expr . '/';
|
||||||
|
if ($ignoreCase) {
|
||||||
|
$expr .= 'i';
|
||||||
|
}
|
||||||
|
|
||||||
|
return (bool)preg_match($expr, $path);
|
||||||
|
}
|
||||||
|
|
||||||
private function out($color, $serv, $text)
|
private function out($color, $serv, $text)
|
||||||
{
|
{
|
||||||
echo $color . ' ' . $serv . ' ' . self::ANSI_OFF . $text . PHP_EOL;
|
echo $color . ' ' . $serv . ' ' . self::ANSI_OFF . $text . PHP_EOL;
|
||||||
@@ -391,13 +437,14 @@ class MalwareScanner
|
|||||||
|
|
||||||
private function showHelp()
|
private function showHelp()
|
||||||
{
|
{
|
||||||
echo 'Usage scan.php -d <directory> [-e=.php] [--hide-ok] [--hide-whitelist]' . PHP_EOL;
|
echo 'Usage scan.php -d <directory> [-i=<directory|file>] [-e=.php] [--hide-ok] [--hide-whitelist]' . PHP_EOL;
|
||||||
echo ' -d Directory for searching' . PHP_EOL;
|
echo ' -d Directory for searching' . PHP_EOL;
|
||||||
echo ' -e=.php Extension' . PHP_EOL;
|
echo ' -e=.php Extension' . PHP_EOL;
|
||||||
echo ' --hide-ok Hide OK aka not infected messages' . PHP_EOL;
|
echo ' -i=<directory|file> Directory of file to igonre' . PHP_EOL;
|
||||||
echo ' --hide-whitelist Hide whitelisted messages' . PHP_EOL;
|
echo ' --hide-ok Hide OK aka not infected messages' . PHP_EOL;
|
||||||
echo ' --extra-check Adds GoogleBot and htaccess to Scan List' . PHP_EOL;
|
echo ' --hide-whitelist Hide whitelisted messages' . PHP_EOL;
|
||||||
echo ' --follow-symlink Follow symlinked directories' . PHP_EOL;
|
echo ' --extra-check Adds GoogleBot and htaccess to Scan List' . PHP_EOL;
|
||||||
|
echo ' --follow-symlink Follow symlinked directories' . PHP_EOL;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user