Adding support for .js files

This commit is contained in:
Benoît S. 2018-10-19 15:05:53 +02:00
parent 59ad4ea20e
commit 25c3aafba0
1 changed files with 8 additions and 3 deletions

View File

@ -56,8 +56,10 @@ patterns=$(cat ${databasePATH}/evomalware.patterns | tr -d '\n')
whitelist=$(cat ${databasePATH}/evomalware.whitelist $whitelistLocal | tr -d '\n')
suspect=$(cat ${databasePATH}/evomalware.suspect | tr -d '\n')
# Search for .php files (less than 1M).
find $wwwpath -name evobackup -prune -o \( -type f ! -size +1M -name "*.php" \) \
# Search for .php and .js files (less than 1M).
find $wwwpath -name evobackup -prune \
-o \( -type f ! -size +1M -name "*.php" \) \
-o \( -type f ! -size +1M -name "*.js" \) \
| grep -E -v "$whitelist" > $fileslist 2>/dev/null
while read file; do
# Search known filenames.
@ -70,8 +72,11 @@ while read file; do
elif [[ $($wc -L "$file" 2>/dev/null | cut -d' ' -f1) -gt 10000 ]]; then
grep -q -E "$suspect" "$file"
if [[ $? -eq 0 ]]; then
# Don't suspect "one line" .js file due to common minification.
if [[ ! "$file" =~ .js$ ]]; then
echo "Suspect file! More than 10000 characters in one line (and suspect PHP functions): $file."
fi
fi
else
# Search for patterns.
$grep -H -E -r -l -q "$patterns" "$file" 2>/dev/null