Malin/LP-MSH-Scanner
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

removed false positives

Browse Source
This commit is contained in:
Palma Solutions LTD 2017-11-13 08:53:49 +01:00
parent 4e5cf4d589
commit a0d44539ed
1 changed files with 5 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
scan.php
View File

@ -458,20 +458,11 @@ error_reporting(E_ALL);
"StAkeR ~ Shell", "StAkeR ~ Shell",
"SnIpEr_SA", "SnIpEr_SA",
"<style name=\"Mr.HiTman\"", "<style name=\"Mr.HiTman\"",
"(?P<hex>\\\\x(?:{){0,1}\d{1,3}(?:}){0,1})", "\$\w+\(.*\)",
"(?P<varfunc>\$\w+\(.*\))", "<\?php\s*\/\*god_mode_on\*\/eval\(base64_decode\([\"'][^\"']{255,}[\"']\)\);\s*\/\*god_mode_off\*\/\s*\?>",
"(?P<god_mode_on><\?php\s*\/\*god_mode_on\*\/eval\(base64_decode\([\"'][^\"']{255,}[\"']\)\);\s*\/\*god_mode_off\*\/\s*\?>)", "RewriteCond %{HTTP_REFERER}\s*\^\.\*\s*\([^\)]*[google|yahoo|bing|ask|wikipedia|youtube][^\)]",
"(?P<htaccess>RewriteCond %{HTTP_REFERER}\s*\^\.\*\s*\([^\)]*[google|yahoo|bing|ask|wikipedia|youtube][^\)]*)", "^<\?php\s*if\(!function_exists\([^{]+\s*{\s*function[^}]+\s*}\s*[^\"']+\s*[\"'][^\"']+[\"'];\s*eval\s*\(.*\)\s*;\s*}",
"(?P<JSCRIPT>^<script>.*<\/script>)", "<\?php)*\\\$md5\s*=\s*[\"|']\w+[\"|'];\s*\\\$wp_salt\s*=\s*[\w\(\),\"\'\;\$]+\s*\\\$wp_add_filter\s*=\s*create_function\(.*\);\s*\\\$wp_add_filter\(.*\);\s*(\?>",
"(?P<GRMalware>^<\?php\s*if\(!function_exists\([^{]+\s*{\s*function[^}]+\s*}\s*[^\"']+\s*[\"'][^\"']+[\"'];\s*eval\s*\(.*\)\s*;\s*}\s*)",
"(?P<c99>(<\?php)*\\\$md5\s*=\s*[\"|']\w+[\"|'];\s*\\\$wp_salt\s*=\s*[\w\(\),\"\'\;\$]+\s*\\\$wp_add_filter\s*=\s*create_function\(.*\);\s*\\\$wp_add_filter\(.*\);\s*(\?>)*)",
"(?P<evl>eval\s*\([^\)]+)",
"(?P<ltx>[a-zA-Z0-9\+\-\/]{50,})",
"(?P<ifm><iframe[^>]*)",
"(?P<mbd><embed[^>]*)",
"(?P<tim>[T|t]imthumb)",
"(?P<cfn>create_function[^\)]*)",
"(?P<c64>base64_decode[^\)]*)",
); );