Gabor Gyorvari
bfbb2af1ae
Raw signature update reported in #17
2018-07-26 07:33:50 +02:00
Gabor Gyorvari
8e8faf26cf
Remove unwanted require definition from composer
2018-04-04 10:24:08 +02:00
Gabor Gyorvari
fbff2a224c
Added binary script to composer and referring to global install
2018-04-04 10:20:41 +02:00
Gabor Gyorvari
726b9ce78b
Pattern for XOR-ed content math, reported in #14
2018-03-07 20:05:07 +01:00
Gabor Gyorvari
cc605bbb8f
New signature to check GLOBALS usage, reported in #13
2018-03-07 19:52:34 +01:00
Gabor Gyorvari
c5b86924f7
Minor README update
2018-03-07 19:45:06 +01:00
Gabor Gyorvari
c62db2e703
Update README
2018-03-06 20:09:53 +01:00
Gabor Gyorvari
76d1a6f7d8
Merge branch 'composer'
2018-03-06 19:59:24 +01:00
Gabor Gyorvari
4485b48e52
Composer json update for packagist
2018-03-06 19:59:15 +01:00
Gabor Gyorvari
4149728e2b
Fix for #12
2018-03-03 08:45:49 +01:00
Gabor Gyorvari
306b3cf703
Fix for #10
2018-03-03 08:20:46 +01:00
Gabor Gyorvari
8b01805952
Variables naming normalisation
2018-03-02 19:29:50 +01:00
Gabor Gyorvari
072189bd8e
Few improvements to make library like behaving to be composer friendly
2018-03-02 19:28:03 +01:00
Gabor Gyorvari
c91819e22f
Fix for #11
2018-03-02 18:53:17 +01:00
Gabor Gyorvari
ceb278bf6c
Allow multiple extension argument to be used
2018-03-02 18:44:51 +01:00
Gabor Gyorvari
99801506e7
Code style formatting
2018-03-02 18:36:24 +01:00
Gabor Gyorvari
7b2b1068e1
Fix for #9
2018-02-28 15:01:01 +01:00
Gabor Gyorvari
33a38c0873
Definitions fix against false positive, reported in #6
2017-10-16 07:18:08 +02:00
Gabor Gyorvari
d84421e2c2
Updated definitions by report #6
2017-10-15 09:25:33 +02:00
Gabor Gyorvari
68833a6882
Update definitions by report #5
2017-08-31 06:54:20 +02:00
Győrvári Gábor
f2b43f4f0c
Merge pull request #4 from nichogenius/master
...
Lots of Tweaks and Functionality Added
2017-08-21 06:40:13 +02:00
nichogenius
3159e7f034
Update README.md
2017-08-20 14:16:39 -06:00
nichogenius
554d2eed7b
Update README.md
2017-08-20 14:15:28 -06:00
nichogenius
19c2bb7bc4
Update README.md
2017-08-20 14:13:36 -06:00
nichogenius
4816d46d16
Update README.md
2017-08-20 14:12:47 -06:00
nichogenius
c5fc05e14b
Update README.md
2017-08-20 14:12:26 -06:00
nichogenius
29a8340f28
Updated with patterns_iraw.txt and text2base64.py
2017-08-20 14:11:40 -06:00
nichogenius
60578297b3
Bug fix - forgot '/' in the new path
...
Bug fix - forgot '/' in the new path
patterns weren't loading :(
2017-08-20 13:34:23 -06:00
nichogenius
697ed3c9ab
Updated flags, pattern paths
...
added
--all-output
--pattern
--no-stop
removed --verbose/-v
put color in the pattern comments
updated paths to pattern files to either base64_patterns, or definitions
2017-08-20 13:29:58 -06:00
nichogenius
80cb2ae878
moved to definitions
...
moved to definitions
2017-08-20 13:25:03 -06:00
nichogenius
ad06bbe8da
moved to definitions
...
moved to definitions
2017-08-20 13:24:33 -06:00
nichogenius
a0c7c1f605
moved to definitions
...
moved to definitions
2017-08-20 13:24:08 -06:00
nichogenius
d54833f44d
Moved to base64_patterns folder
...
Moved to base64_patterns folder
2017-08-20 13:20:46 -06:00
nichogenius
e51e66ecb6
Moved to base64_patterns
...
Moved to base64_patterns
2017-08-20 13:20:07 -06:00
nichogenius
3d6efc0cb5
Moved into tools directory
...
Moved into tools directory
2017-08-20 13:18:18 -06:00
nichogenius
016078f8fd
Moving into subdirectory 'tools' + renamed
2017-08-20 13:17:24 -06:00
nichogenius
2b9bfa4037
Updated with new Usage Information
...
Updated with new Usage Information - Mostly just new flags.
2017-08-20 13:10:34 -06:00
nichogenius
85072b5eaf
2 typos = 1 fixed bug
...
typo in showHelp - ignore spelled incorrectly
typo in pattern file load for the b64 keyword file... broke part of base64 mode.
2017-08-19 22:29:23 -06:00
nichogenius
b5c31c97fc
added a forgotten flag to the help
...
looks like I forgot to add the --no-color option to the help display.
2017-08-19 20:52:08 -06:00
nichogenius
b503b8124c
Added Comments and Documentation
...
Added Comments and Documentation
2017-08-19 19:55:04 -06:00
nichogenius
015cc6f668
fixed -m checksum flag
...
fixed -m checksum flag
2017-08-19 17:55:19 -06:00
nichogenius
7a8a2c1c77
updated flags
...
updated flags
checksum can be -m for md5
comment can be -c for comment
2017-08-19 17:50:46 -06:00
nichogenius
dea08acd2e
large 'scan' function broken up, comment flag added
...
scan function has been broken up into multiple functions which should make it more modular if future scan types are needed.
--comment, -a flag was added which prints the first comment to appear prior to the matched pattern in the pattern file.
2017-08-19 17:46:09 -06:00
nichogenius
ea2da42f8e
Added comment lines for each regex
...
Added comment lines for each regex
This is to allow the -comment flag to provide either an accurate comment or no comment at all.
2017-08-19 17:24:04 -06:00
nichogenius
1f352dc4b4
added b64 pattern for 'require'
...
added b64 pattern for 'require'
2017-08-19 17:05:23 -06:00
nichogenius
3ff125a978
removed redundant pattern
...
'create_function' is redundant as 'function' is already present.
2017-08-19 17:02:18 -06:00
nichogenius
4161148d3c
base64 pattern updates
2017-08-19 16:58:28 -06:00
nichogenius
dc60cea192
Bug Fixes, added time/checksum flags, organized
...
--Fixed a bug with the out function. Previous updates of mine did not update all calls to the out function which I changed the parameters for. Fixed this by replacing the out function with an 'error' function.
--Alphabetized function definitions and did some general tidying up
--Made all functions private except the constructor.
--Created parseArgs function to handle reading in options.
--Fixed a bug with 'extra-check' where htaccess and googleBot were being pushed to the pattern array each time a file was scanned.
This bug was created when I moved the pattern initialize code to the constructor. Moved extra-check code with the rest of the initialize pattern calls.
--Added -no-color, -time, and -checksum flags. I'd prefer if the output was only as spammy as the user requests. Time should be helpful in tracing when the attack occurred and if files are related to the same hack. Time and checksum do not display by default. no-color flag makes it easier to dump to plain text files.
2017-08-19 12:57:49 -06:00
nichogenius
44aafb0972
Cleaned up pattern whitespace and comment handling
...
checking for comments and whitespace lines in pattern files should only be done once when the patterns are loaded.
Added this code to the loadPatterns() function and removed it from the 3 scan loops.
2017-08-18 07:31:33 -06:00
nichogenius
1909eb0781
Pattern Loading Moved To Constructor
...
It makes more sense to put the one time pattern load code into the constructor rather than the scan method.
2017-08-16 01:39:44 -06:00