Malin/LP-MSH-Scanner
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

translation complete

Browse Source
This commit is contained in:
Palma Solutions LTD 2018-05-11 18:28:28 +02:00
parent f7660c3f97
commit 5758dea737
1 changed files with 16 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
scan.py
View File

@ -6,7 +6,6 @@
# #
# To Do: # To Do:
# - Organize # - Organize
# - Translate
# - Add more patterns - work in progress # - Add more patterns - work in progress
# - remove false positives - work in progress # - remove false positives - work in progress
@ -210,8 +209,8 @@ scoring = {
'LONG_LINE_EARLY': (8, u'Has a line of more than 1000 characters early'), 'LONG_LINE_EARLY': (8, u'Has a line of more than 1000 characters early'),
'VERY_LONG_LINE': (5, u'Has a line of more than 3000 characters'), 'VERY_LONG_LINE': (5, u'Has a line of more than 3000 characters'),
'VERY_LONG_LINE_EARLY': (9, u'Has a line of more than 3000 characters early'), 'VERY_LONG_LINE_EARLY': (9, u'Has a line of more than 3000 characters early'),
'MD5_VAR': (10, u'Has une variable encodée en MD5'), 'MD5_VAR': (10, u'Has a MD5 encoded variable'),
'INCLUDE_REQUIRE': (-2, u'Has include() ou require() sans http'), 'INCLUDE_REQUIRE': (-2, u'Has include() or require() without http'),
'COOKIE_FORM1': (20, u'Has form1=@$_COOKIE'), 'COOKIE_FORM1': (20, u'Has form1=@$_COOKIE'),
'MAIL_X_HEADER': (5, u'Has mail.add_x_header'), 'MAIL_X_HEADER': (5, u'Has mail.add_x_header'),
'SET_TIME_0': (5, u'Has set_time_limit(0)'), 'SET_TIME_0': (5, u'Has set_time_limit(0)'),
@ -219,21 +218,21 @@ scoring = {
'SET_TIMELIMIT_0': (2, u'Has memory_limit(0)'), 'SET_TIMELIMIT_0': (2, u'Has memory_limit(0)'),
'SET_IGNOREUSERABORT_0': (2, u'Has ignore_user_abort()'), 'SET_IGNOREUSERABORT_0': (2, u'Has ignore_user_abort()'),
'UPLOAD_FILE': (2, u'Has move_uploaded_file()'), 'UPLOAD_FILE': (2, u'Has move_uploaded_file()'),
'FEW_LINES': (0, u'Has peu de lignes'), 'FEW_LINES': (0, u'Has few lines'),
'EMPTY_FILE': (-100, u'Fichier vide'), 'EMPTY_FILE': (-100, u'Empty file'),
'MANY_LINES': (-2, u'Has beaucoup de lignes'), 'MANY_LINES': (-2, u'Has too many lines'),
'MANY_LINES2': (-5, u'Gros fichier avec de lignes'), 'MANY_LINES2': (-5, u'Big file with lines'),
'MANY_LINES3': (-10, u'Très gros fichier avec de lignes'), 'MANY_LINES3': (-10, u'Too big file with lines'),
'BAD_NEWLINES': (-5, u'Ficher sur 1 ligne sans saut de ligne'), 'BAD_NEWLINES': (-5, u'One line file without newline'),
'NO_PHP_START': (-5, u'Ne commence pas par <?'), 'NO_PHP_START': (-5, u'PHP start without opening tag: <?'),
'UA_GOOGLE': (5, u'Vérifie le User-Agent contre Google'), 'UA_GOOGLE': (5, u'Checks User-Agent against Google'),
'EXEC_SHELL': (5, u'Utilise system() ou shell_exec()'), 'EXEC_SHELL': (5, u'Uses system() or shell_exec()'),
'CONCAT_STRING': (10, u'Chaine cachée par concaténation'), 'CONCAT_STRING': (10, u'Obfuscated concantenation string'),
'MANY_GLOBALS': (20, u'Has très souvent $GLOBALS'), 'MANY_GLOBALS': (20, u'Has too many $GLOBALS'),
'BIN_HOST': (10, u'Has /bin/host'), 'BIN_HOST': (10, u'Has /bin/host'),
'SHELL_COMPACT': (5, u'2eme ligne louche (shell?)'), 'SHELL_COMPACT': (5, u'Has a shady 2nd line: (shell?)'),
'CURL_HTTP': (5, u'téléchargement HTTP'), 'CURL_HTTP': (5, u'HTTP download'),
'XXTEA_ENCRYPT': (20, u'Code source encode avec XXTEA (possible ransomware)'), 'XXTEA_ENCRYPT': (20, u'Source code XXTEA (possible ransomware)'),
'ADDED_LATER': (50, u'Strings added from the rest of the scanners'), 'ADDED_LATER': (50, u'Strings added from the rest of the scanners'),
'PHISHING': (10, u'Phishing patterns'), 'PHISHING': (10, u'Phishing patterns'),
'MD5': (20, u'md5 strings used in malware'), 'MD5': (20, u'md5 strings used in malware'),