External/php-malware-scanner
1
0
Fork 0
mirror of https://github.com/scr34m/php-malware-scanner.git synced 2026-06-16 12:30:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

Nested function call pattern update

Browse Source
This commit is contained in:
Gabor Gyorvari
2022-07-17 08:17:20 +02:00
parent 088c0761b3
commit bf13288367
2 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
definitions/patterns_raw.txt
View File

@@ -391,5 +391,6 @@ Array("1207", "3gso", "4thp", "501i", "502i", "503i", "504i", "505i", "506i",
# eval url decoded string # eval url decoded string
eval(rawurldecode(' eval(rawurldecode('
# simple obfuscated gzuncompress # simple obfuscated function
'gz'.'unc'.'ompress' 'gz'.'unc'.'ompress'
'create'.'_'.'function'

2
definitions/patterns_re.txt
View File

@@ -95,7 +95,7 @@ eval\(\$[a-z0-9_]+\(\$_POST
("[a-z0-9]+"\.chr\(\d+\)\.){3,} ("[a-z0-9]+"\.chr\(\d+\)\.){3,}
# nested function call used variables # nested function call used variables
\$[a-z]+\(\$[a-z0-9]+\( \$[a-z0-9_]+\(\$[a-z0-9_]+\(
# GLOBALS inject with escaped content # GLOBALS inject with escaped content
\$GLOBALS;\$\{"\\x \$GLOBALS;\$\{"\\x