Malin/LP-MSH-Scanner
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added HTML and Javascript spam/malware detection

Browse Source
This commit is contained in:
Palma Solutions LTD 2018-05-23 08:35:42 +02:00
parent 4ea2a01806
commit 3088f558d8
2 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
.vscode/settings.json

4
scan.py
View File

@ -242,6 +242,7 @@ scoring = {
'SOCIALS': (50, u'Email addresses, links and social networking'), 'SOCIALS': (50, u'Email addresses, links and social networking'),
'EITEST': (65, u'Eitest'), 'EITEST': (65, u'Eitest'),
'CRYPTO': (65, u'Cryptocurrency Miners'), 'CRYPTO': (65, u'Cryptocurrency Miners'),
'HTML_JS': (20, u'HTML & Javascript Malware'),
} }
@ -554,6 +555,9 @@ def is_hacked(filename):
if re.compile('User-Agent.*cpuminer').match(l) \ if re.compile('User-Agent.*cpuminer').match(l) \
or 'stratum+tcp' in l: or 'stratum+tcp' in l:
score.append(('CRYPTO', '')) score.append(('CRYPTO', ''))
if 'width: 0; height: 0; display: none; visibility: hidden;' in l:
score.append(('HTML_JS', ''))
previous_line = l previous_line = l
if line_num < 20: if line_num < 20: