Parcourir la source

Adding support for .js files

Benoît S. il y a 5 mois
Parent
révision
25c3aafba0
1 fichiers modifiés avec 8 ajouts et 3 suppressions
  1. 8
    3
      evomalware.sh

+ 8
- 3
evomalware.sh Voir le fichier

@@ -56,8 +56,10 @@ patterns=$(cat ${databasePATH}/evomalware.patterns | tr -d '\n')
56 56
 whitelist=$(cat ${databasePATH}/evomalware.whitelist $whitelistLocal | tr -d '\n')
57 57
 suspect=$(cat ${databasePATH}/evomalware.suspect | tr -d '\n')
58 58
 
59
-# Search for .php files (less than 1M).
60
-find $wwwpath -name evobackup -prune -o \( -type f ! -size +1M -name "*.php" \) \
59
+# Search for .php and .js files (less than 1M).
60
+find $wwwpath -name evobackup -prune \
61
+    -o \( -type f ! -size +1M -name "*.php" \) \
62
+    -o \( -type f ! -size +1M -name "*.js" \) \
61 63
     | grep -E -v "$whitelist" > $fileslist 2>/dev/null
62 64
 while read file; do
63 65
     # Search known filenames.
@@ -70,7 +72,10 @@ while read file; do
70 72
     elif [[ $($wc -L "$file" 2>/dev/null | cut -d' ' -f1) -gt 10000 ]]; then
71 73
         grep -q -E "$suspect" "$file"
72 74
         if [[ $? -eq 0 ]]; then
73
-            echo "Suspect file! More than 10000 characters in one line (and suspect PHP functions): $file."
75
+            # Don't suspect "one line" .js file due to common minification.
76
+            if [[ ! "$file" =~ .js$ ]]; then
77
+                echo "Suspect file! More than 10000 characters in one line (and suspect PHP functions): $file."
78
+            fi
74 79
         fi
75 80
     else
76 81
         # Search for patterns.

Chargement…
Annuler
Enregistrer