#!/bin/sh
#
# .SH Malware Scanner
#
#
#

# Variables
version = "0.1"

user = "$1"

phishing = "patterns/phishing.txt"
base64 = "patterns/base64.txt"
mailing = "patterns/mailing.txt"
polymorphic = "patterns/polymorphic.txt"
crypto = "patterns/crypto.txt"
shells = "patterns/shells.txt"
misc = "patterns/misc.txt"

# Scanning for Phishing
for i in $(cat $phishing) 
	do
		grep -Rle $i --include=*.{php,phtml,js,html,suspected}* /home/$user/public_html
	done


# Scanning for base64
for i in $(cat $base64) 
	do
		grep -Rle $i --include=*.{php,phtml,js,html,suspected}* /home/$user/public_html
	done

# Scanning for Mailing Scripts
for i in $(cat $mailing) 
	do
		grep -Rle $i --include=*.{php,phtml}* /home/$user/public_html
	done

# Scanning for CryptoCurrency Miners
for i in $(cat $crypto) 
	do
		grep -Rle $i /home/$user/public_html
	done