Updated definitions by report #6

2026-06-16 12:30:35 +00:00 · 2017-10-15 09:25:33 +02:00
parent 68833a6882
commit d84421e2c2
2 changed files with 4 additions and 0 deletions
--- a/definitions/patterns_raw.txt
+++ b/definitions/patterns_raw.txt
@@ -11,6 +11,7 @@ system($_GET[
 md5($_GET[
 fwrite($fpsetv, getenv("HTTP_COOKIE")
 system\"$cmd 1> /tmp/
+\145\166\141\154\050\142\141\163\145\066\064\137\144\145\143\157\144\145\050

 #Web-Shell patterns
 $sh3llColor
--- a/definitions/patterns_re.txt
+++ b/definitions/patterns_re.txt
@@ -13,6 +13,9 @@ eval\([a-z0-9]{4,}\(\$[a-z0-9]{4,}, \$[0-9a-z]{4,}\)\);
 #
 chr\(\d+\)\.""\.""\.""\.""\.""

+# escaped commands pl.: "eval(base64_decode(" equal "\145\166\141\154\050\142\141\163\145\066\064\137\144\145\143\157\144\145\050"
+(\\\d+){5,}
+
 #
 \$GLOBALS\[\$GLOBALS['[a-z0-9]{4,}'\]\[\d+\]\.\$GLOBALS\['[a-z-0-9]{4,}'\]\[\d+\].