From 8b2d38b58455aa3c6f98f5a26df25909e8d7b6ca Mon Sep 17 00:00:00 2001 From: Palma Solutions LTD Date: Thu, 27 Dec 2018 11:10:17 +0100 Subject: [PATCH] adjusted scoring --- scan.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scan.py b/scan.py index 16520cd..3e90e41 100644 --- a/scan.py +++ b/scan.py @@ -202,17 +202,17 @@ scoring = { 'ACCESS_DENIED': (-30, u'Early block execution'), 'JAVASCRIPT_HACK': (50, u'Javascript'), 'HAS_EVAL': (2, u'Has eval()'), - 'HAS_EVAL_EARLY': (10, u'Has eval() early'), + 'HAS_EVAL_EARLY': (9, u'Has eval() early'), 'HAS_CALL_FUNC_EARLY': (3, u'Has call_user_func() early'), 'HAS_BASE64DECODE': (2, u'Has base64_decode() or str_rot13()'), - 'HAS_BASE64DECODE_EARLY': (10, u'Has base64_decode() or str_rot13() early'), + 'HAS_BASE64DECODE_EARLY': (9, u'Has base64_decode() or str_rot13() early'), 'HAS_MAIL': (1, u'Has mail()'), 'HAS_MAIL_EARLY': (2, u'Has mail() early'), 'LONG_LINE': (5, u'Has a line of more than 1000 characters'), 'LONG_LINE_EARLY': (8, u'Has a line of more than 1000 characters early'), 'VERY_LONG_LINE': (5, u'Has a line of more than 3000 characters'), 'VERY_LONG_LINE_EARLY': (9, u'Has a line of more than 3000 characters early'), - 'MD5_VAR': (10, u'Has a MD5 encoded variable'), + 'MD5_VAR': (9, u'Has a MD5 encoded variable'), 'INCLUDE_REQUIRE': (-2, u'Has include() or require() without http'), 'COOKIE_FORM1': (20, u'Has form1=@$_COOKIE'), 'MAIL_X_HEADER': (5, u'Has mail.add_x_header'),