php-malware-scanner

mirror of https://github.com/scr34m/php-malware-scanner.git synced 2026-06-16 12:30:35 +00:00

Author	SHA1	Message	Date
Gabor Gyorvari	55e75079df	Little return value fix 1.0.31	2026-06-02 06:46:11 +02:00
Győrvári Gábor	c9e4050b7d	Merge pull request #96 from contemas-tschmidt/fix/bugs-and-improvements Fix multiple bugs and improve robustness	2026-06-02 06:43:51 +02:00
Thomas Schmidt	31fa36c82a	Fix multiple bugs and improve robustness - Fix date format in report(): H:m:s -> H:i:s (m=month, i=minutes) - Fix loadWhitelists(): skip lines shorter than 32 chars to avoid empty hash entries - Fix updateCombinedWhitelist(): return false on hash mismatch after download - Fix scan(): handle file_get_contents() failure for unreadable files - Fix scanFunc_RE(): suppress and handle invalid regex patterns gracefully - Fix addWordpressChecksums(): validate version format, handle network/JSON errors, support both API response formats - Add 30s HTTP timeout to updateCombinedWhitelist() network requests - Fix composer.json minimum PHP version: 5.2 -> 5.3 (anonymous functions require 5.3) - Add .gitignore for .idea/, whitelist.dat, vendor/ Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-06-01 16:12:36 +02:00
Gabor Gyorvari	ba466dc1ff	Sample update from #94 and some found in servers 1.0.30	2026-02-24 06:58:29 +01:00
Gabor Gyorvari	201ab77516	Sample update from #94 1.0.29	2025-06-09 20:28:26 +02:00
Gabor Gyorvari	46024eca5e	Merge remote-tracking branch 'origin/master' 1.0.28	2025-05-15 17:55:32 +02:00
Gabor Gyorvari	a31cc18dc5	Sample update from #93	2025-05-15 17:55:25 +02:00
Győrvári Gábor	96806c69e9	Merge pull request #92 from edward-rafalovsky/feature/add-docker-support Add Docker support with documentation	2024-12-05 06:44:14 +01:00
Edward Rafalovsky	42c2aad685	Add Docker support with documentation	2024-12-04 23:41:36 +01:00
Gabor Gyorvari	cad03dc3b4	Javascript sample update in #91	2024-07-08 17:55:38 +02:00
Gabor Gyorvari	c542a745e4	Sample update 1.0.27	2024-05-22 14:16:44 +02:00
Gabor Gyorvari	7ac65c0c8d	Hide error arg fix	2024-05-22 14:04:07 +02:00
Gabor Gyorvari	5061e319e3	Sample update	2024-05-22 14:03:43 +02:00
Gabor Gyorvari	b2b2c4b081	Small typo, fix #88	2023-07-26 12:39:34 +02:00
Gabor Gyorvari	26458d20af	Sample update 1.0.26	2023-05-14 08:59:43 +02:00
Gabor Gyorvari	70edc4210d	Sample update 1.0.25	2023-05-14 08:45:20 +02:00
Gabor Gyorvari	aec0f56af5	Sample update 1.0.24	2023-02-25 07:47:30 +01:00
Gabor Gyorvari	2e8b9c604f	Merge remote-tracking branch 'origin/master'	2022-11-18 14:10:57 +01:00
Gabor Gyorvari	802ead97cc	Flag usage fix about wordpress version checksum	2022-11-18 14:10:45 +01:00
Győrvári Gábor	4666a101f9	Merge pull request #81 from Fot0n/patch-1 Make it compatible with php 8.1	2022-09-19 12:51:07 +02:00
Fot0n	e4755feeef	Make it compatible with php 8.1 strftime was deprecated.	2022-09-19 13:49:05 +03:00
Gabor Gyorvari	920cf8a4c6	Backdoor script samples 1.0.23	2022-08-17 18:52:03 +02:00
Gabor Gyorvari	aa774f4330	Another obfuscated malware check 1.0.22	2022-08-09 09:18:07 +02:00
Győrvári Gábor	cd1164dbb5	Merge pull request #80 from elliotkendall/master Cast $needle in calls to strpos/stripos to string to avoid automatic … 1.0.21	2022-07-25 19:15:19 +02:00
Elliot Kendall	77ebd8abd7	Cast $needle in calls to strpos/stripos to string to avoid automatic ordinal conversion of integer patterns	2022-07-25 09:52:27 -07:00
Gabor Gyorvari	29e6c73558	Webshell matching pattern update 1.0.20	2022-07-22 11:28:18 +02:00
Gabor Gyorvari	bf13288367	Nested function call pattern update 1.0.19	2022-07-17 08:17:20 +02:00
Gabor Gyorvari	088c0761b3	Pattern update about new infections found 1.0.18	2022-07-14 19:59:23 +02:00
Gabor Gyorvari	18b06fc48b	Whitelist update and two little pattern fix, reported in #78 1.0.17	2022-07-11 20:03:53 +02:00
Gabor Gyorvari	f1b8b89ca5	Samples update, reported in #77 1.0.16	2022-07-07 14:42:37 +02:00
Gabor Gyorvari	c6a52dc67e	Whitelist update, reported in #76 1.0.15	2022-06-30 20:55:37 +02:00
Gabor Gyorvari	3b76a7270e	Backdoor reported in #72 1.0.14	2022-03-24 18:46:58 +01:00
Gabor Gyorvari	f0bdb1f1e1	Backdoor reported in #71 1.0.13	2021-12-13 18:09:02 +01:00
Gabor Gyorvari	43876b337b	Pattern updates from new infections 1.0.12	2021-05-27 06:57:08 +02:00
Gabor Gyorvari	1fad164790	gzipped payload	2021-05-27 06:57:08 +02:00
Gabor Gyorvari	f4d53e89d8	Pattern updates from new infections	2021-05-27 06:57:08 +02:00
Gabor Gyorvari	34ea02323b	New flag to specify custom white list file 1.0.11	2021-04-01 12:44:15 +02:00
Gabor Gyorvari	b74494a4f1	base64 sample for "file" too short and causes false positive 1.0.10	2021-02-26 13:27:58 +01:00
Gabor Gyorvari	9624ec4403	README update with new -r flag 1.0.9	2021-02-24 16:47:13 +01:00
Győrvári Gábor	335b13b7c4	Merge pull request #67 from mitchobrian/master Feature flagHideErr #66	2021-02-24 16:45:34 +01:00
Michael Palmer	78bee49176	https://github.com/scr34m/php-malware-scanner/issues/66	2021-02-24 13:36:10 +01:00
Győrvári Gábor	cc0fdc7a9f	Merge pull request #63 from aldavigdis/patch-1 Adding definitions based on recent code injection	2020-11-17 08:07:52 +01:00
Alda Vigdis Skarphedinsdottir	ec8f9920ba	Adding definitions based on recent code injection	2020-11-17 04:06:03 +01:00
Gabor Gyorvari	5883c68f54	Small example how to use as library, fix #61 1.0.8	2020-10-05 13:34:16 +02:00
Gabor Gyorvari	22b51a1ee3	Change addWordpressChecksums to public, fix #58	2020-10-05 10:59:13 +02:00
Gabor Gyorvari	2b1a0c1266	Signature update from new infections 1.0.7	2020-10-01 11:26:02 +02:00
Gabor Gyorvari	c495cc822c	Signature update for a pattern $_uU(101).$_uU(118).$_uU(97)	2020-09-30 17:02:33 +02:00
Gabor Gyorvari	e9a45d4bdc	Allowing multiple use of -d option and braces in path syntax, closes #56 1.0.6	2020-08-18 15:36:52 +02:00
Gabor Gyorvari	21185202f3	Combined whitelist updated 1.0.5	2020-06-25 17:10:40 +02:00
Győrvári Gábor	195717d625	Merge pull request #55 from scr34m/libmode Change function visibility to allow usage as library	2020-06-24 10:17:19 +02:00

1 2 3 4 5

220 Commits