# LP-MSH-Scanner LP MSH Scanner Made by Malin Cenusa February 2019 - v6.0.0 CHANGES: - added automation for scan process (run.sh) - merged all malwareX.pl scripts into malware.pl and moved the old, unused ones to the deprecated directory - added a scan.py version that does not use YAML due to a bug stripping the file paths TODO: - automate the SOP (bash version of scan.sh) - add more CMS fingerprints - add more malware patterns - improve garbage files cleanup prior to scanning - code cleanup May 2018 - v5.0.1 TODO: - beautify the code - move fingerprints to database - ditch as much bash code as possible - add more CMS fingerprints - clear error logs & garbage files - add chown - add suspicious plugins - done for WP - add resource hogs - done for WP - code cleanup - remove unused stuff Version exceptions to be looked into and fixed if possible: - PmWiki doesn't output the version properly for some reason and it will be checked later - phpNuke support removed as newer phpNuke installs store the version in the database - newest ELGG, CMS Made Simple, Sitecake, Pimcore, Microweber, ZenPhoto, WikkaWiki, JCow, Open Source Social Network, Lime Survey, Feng Office require PHP 5.4 to work - phpLD is not compatible with PHP version 5.3+ so support for it has been removed from the scanner - Pixie does not have proper version handling so it will not be supported - eggBlog stores it's version in a file called VERSION which will generate too many false positives so it will not be supported - PHP-Fusion normally pulls the version from the database, but we can try and grab it from it's upgrade script function - ModX nowadays pulls the version info from the database so we'll no longer support it - ocPortal seems to be pulling info from the database and we will not support it - Typo3 requires fileinfo() which isn't supported on LP shared - ProcessWire doesn't store any version related info so it will not be supported - Fork, Prosper202 don't work from subdirectories - Sitemagic fails to report the version properly so I've removed it from the script - Tiki Wiki stores the version details in the database so we'll not support it - razorCMS requires suPHP when installing with Softaculous and fails although suPHP exists - SeoToasterCMS stores version information under a version.txt file which is bound to produce a lot of false positives so we'll not support it - Bigace doesn't seem to store any version related info under it's files so it won't be supported - Fiyo stores only the major core version in it's files and this could cause too many false positives so it will not be supported - HotaruCMS couldn't be installed so I could not fingerprint it - FUDforum doesn't appear to store any version info in it's files - Beehive requires PHP 5.4, fileinfo () and intl () - my little forum uses an improper version handling which will generate many false positives so we'll not support it - Pixelpost stores version related data in an Readme.txt file which would generate too many false positives if used - Plogger does not seem to store any version related info into it's files - DokuWiki uses a file called VERSION to store version related info and this generates too many false positives - pH7CMS requires PHP 5.2 & bz() - Open Classifieds needs PHP 5.5 to work - Noah's Classifieds seems to pull the version from an array and it cannot be supported - GPixPixel doesn't store version related info in the files - ExtCalendar is not compatible with PHP version 5.3+ - poMMo is not compatible with PHP version 5.3+ - Webinsta Maillist is not compatible with PHP version 5.3+ - Open Newsletter does not store version info into it's files - ccMail is not compatible with PHP version 5.3+ - phpESP is not compatible with PHP version 5.3+ - Advanced Poll does not store version info into it's files - Easy Poll does not store version info into it's files - Simple PHP Poll does not store version info into it's files - The Bug Genie does not store version info into it's files - SiteDove can not be installed in subdirectories.