External/php-malware-scanner
1
0
Fork 0
mirror of https://github.com/scr34m/php-malware-scanner.git synced 2026-06-16 12:30:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

Case insensitive extension check, removed problematic whitelist

Browse Source
This commit is contained in:
Gabor Gyorvari
2016-12-29 08:31:27 +01:00
parent 5675fb8e79
commit b522a23a74
2 changed files with 3 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
scan.php
View File

@@ -46,7 +46,7 @@ class MalwareScanner
if ($ext[0] != '.') { if ($ext[0] != '.') {
$ext = '.' . $ext; $ext = '.' . $ext;
} }
$this->extension = $ext; $this->extension = strtolower($ext);
} }
if (isset($options['hide-ok'])) { if (isset($options['hide-ok'])) {
$this->flagHideOk = true; $this->flagHideOk = true;
@@ -116,7 +116,7 @@ class MalwareScanner
if (is_dir($dir . $file)) { if (is_dir($dir . $file)) {
$this->process($dir . $file . '/'); $this->process($dir . $file . '/');
} elseif (is_file($dir . $file)) { } elseif (is_file($dir . $file)) {
$ext = substr($file, strrpos($file, '.')); $ext = strtolower(substr($file, strrpos($file, '.')));
if ($ext == $this->extension) { if ($ext == $this->extension) {
$this->scan($dir . $file); $this->scan($dir . $file);
} }

3
whitelist.txt
View File

@@ -27,7 +27,6 @@ a6cce6be28fd8c451e54280aaa88bfcc wp-content/plugins/nextgen-gallery/products/pho
e9cf6421fe6afc7b724bf0372697e1c4 wp-includes/formatting.php -> (chr\(\d+\)\.){4,} e9cf6421fe6afc7b724bf0372697e1c4 wp-includes/formatting.php -> (chr\(\d+\)\.){4,}
eb034c991aee49aa232f6d50372f8b4a wp-content/themes/enfold/framework/php/function-set-avia-frontend.php -> (\$[a-z0-9]{3,}\[\d+\]\.){4,} eb034c991aee49aa232f6d50372f8b4a wp-content/themes/enfold/framework/php/function-set-avia-frontend.php -> (\$[a-z0-9]{3,}\[\d+\]\.){4,}
5311094f43c7252b22c71fd4dee43f03 wp-includes/formatting.php -> (chr\(\d+\)\.){4,} 5311094f43c7252b22c71fd4dee43f03 wp-includes/formatting.php -> (chr\(\d+\)\.){4,}
d2865536f339150ee54a81811ca80128 wp-includes/rss.php -> (\$[a-z0-9]{3,}\[\d+\]\.){4,}
279d3f9add6b50ccdb7e07803e713618 wp-content/plugins/wp-simple-firewall/src/common/googleauthenticator/googleauthenticator.php -> (chr\(\d+\)\.){4,} 279d3f9add6b50ccdb7e07803e713618 wp-content/plugins/wp-simple-firewall/src/common/googleauthenticator/googleauthenticator.php -> (chr\(\d+\)\.){4,}
1d1490c6c99b8ea03688428d8a22bb4a wp-content/plugins/wp-simple-firewall/src/features/firewall.php -> /etc/passwd 1d1490c6c99b8ea03688428d8a22bb4a wp-content/plugins/wp-simple-firewall/src/features/firewall.php -> /etc/passwd
7b41326263c3868548a54d34eb595750 wp-content/plugins/google-calendar-events/vendor/mexitek/phpcolors/src/Mexitek/PHPColors/Color.php -> (\$[a-z0-9]{3,}\[\d+\]\.){4,} 7b41326263c3868548a54d34eb595750 wp-content/plugins/google-calendar-events/vendor/mexitek/phpcolors/src/Mexitek/PHPColors/Color.php -> (\$[a-z0-9]{3,}\[\d+\]\.){4,}
@@ -53,9 +52,9 @@ ebb2fe179c852ce247418925743ee7b0 wp-includes/formatting.php -> (chr\(\d+\)\.){4,
d77cecbe949c76a1d54a70cba5bf8df0 wp-includes/formatting.php -> (chr\(\d+\)\.){4,} d77cecbe949c76a1d54a70cba5bf8df0 wp-includes/formatting.php -> (chr\(\d+\)\.){4,}
1a8664f9385c28fc01c4224c51fcb72c wp-includes/formatting.php -> (chr\(\d+\)\.){4,} 1a8664f9385c28fc01c4224c51fcb72c wp-includes/formatting.php -> (chr\(\d+\)\.){4,}
edd1548e1908e445eeae6ca465d1c259 wp-includes/formatting.php -> (chr\(\d+\)\.){4,} edd1548e1908e445eeae6ca465d1c259 wp-includes/formatting.php -> (chr\(\d+\)\.){4,}
7f95646cc4c16b9b5e1c1d3f7e6bb1df wp-includes/formatting.php -> (chr\(\d+\)\.){4,}
124ee8826072a166503ccca21b954e48 wp-content/plugins/ultimate-security-checker/securitycheck.class.php -> uname -a 124ee8826072a166503ccca21b954e48 wp-content/plugins/ultimate-security-checker/securitycheck.class.php -> uname -a
380ae5f3190f2b2e38477e2d52c09a3b wp-content/plugins/wordfence/lib/wordfenceURLHoover.php -> @preg_replace 380ae5f3190f2b2e38477e2d52c09a3b wp-content/plugins/wordfence/lib/wordfenceURLHoover.php -> @preg_replace
b2f59fc0fcc1e40561e3ca485d5569a2 wp-content/plugins/s2member/includes/classes/tracking-codes.inc.php -> eval("?> b2f59fc0fcc1e40561e3ca485d5569a2 wp-content/plugins/s2member/includes/classes/tracking-codes.inc.php -> eval("?>
0af39249db48e6c5c274cb0a085b530d wp-content/plugins/buddypress/bp-forums/bbpress/bb-includes/backpress/functions.formatting.php -> (chr\(\d+\)\.){4,} 0af39249db48e6c5c274cb0a085b530d wp-content/plugins/buddypress/bp-forums/bbpress/bb-includes/backpress/functions.formatting.php -> (chr\(\d+\)\.){4,}
db0f55370d091c3960929f653c0a986d wp-content/plugins/tracking-code-manager/includes/classes/utils/Utils.php -> =urldecode db0f55370d091c3960929f653c0a986d wp-content/plugins/tracking-code-manager/includes/classes/utils/Utils.php -> =urldecode