Make application go-install-able and create a docker image

author: Mathieu Deous 2022-05-02 20:18:23 +0200
committer: GitHub 2022-05-02 20:18:23 +0200
commit: 48936efa96ae17295be4e0a71be3294f0ec6aef8 (patch)
tree: f4e69551f1368aa048edf46b7b061600f3668329 /tests.sh
parent: bbc738e16f8b637afde58d65196374af98a5e0e2 (diff)
1 files changed, 9 insertions, 9 deletions
diff --git a/php-malware-finder/tests.sh b/tests.sh
index f8c5109..a302031 100755
--- a/php-malware-finder/tests.sh
+++ b/tests.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
-PMF=./phpmalwarefinder
+PMF=./php-malware-finder
-SAMPLES=./samples
+SAMPLES=./data/samples
 type yara 2>/dev/null 1>&2 || (echo "[-] Please make sure that yara is installed" && exit 1)
@@ -29,17 +29,17 @@ run_test classic/ajaxshell.php 'DodgyStrings'
 run_test classic/ajaxshell.php '0x23e2:$: shell_exec'
 run_test classic/ajaxshell.php "0x16e0:\$ini_get: ini_get('safe_mode"
 run_test classic/ajaxshell.php "0x17f1:\$ini_get: ini_get('open_basedir"
-run_test classic/angel.php '0x1d:$disable_magic_quotes:'
+run_test classic/angel.php '0x1b:$disable_magic_quotes:'
 run_test classic/b374k.php 'ObfuscatedPhp'
 run_test classic/b374k.php "0xe9:\$b374k: 'ev'.'al'"
 run_test classic/b374k.php '0xb3:$align: $func="cr"."eat"."e_fun"."cti"."on";$b374k=$func('
 run_test classic/b374k.php '0xd6:$align: ;$b374k=$func('
 run_test classic/b374k.php '0x43:$: github.com/b374k/b374k'
-run_test classic/sosyete.php '0x1a2d:$execution: shell_exec($_POST'
+run_test classic/sosyete.php '0x194e:$execution: shell_exec($_POST'
-run_test classic/simattacker.php '0x16e:$: fpassthru'
+run_test classic/simattacker.php '0x158:$: fpassthru'
-run_test classic/r57.php '0x149da:$: xp_cmdshell'
+run_test classic/r57.php '0x142a2:$: xp_cmdshell'
-run_test classic/cyb3rsh3ll.php '0x23323:$udp_dos: fsockopen("udp://'
+run_test classic/cyb3rsh3ll.php '0x2200d:$udp_dos: fsockopen("udp://'
-run_test classic/c99.php '0x3d56:$eval: {exec('
+run_test classic/c99.php '0x3bb4:$eval: {exec('
 run_test classic/c100.php '0x4f8d:$eval: {eval('
 # Obfuscated php
@@ -81,7 +81,7 @@ run_test artificial/bypasses.php "0x132:\$var_as_func: \$_POST\['funct'\]("
 # real
 run_test real/sucuri_2014_04.php '0x67:$execution3:'
 run_test real/novahot.php 'DodgyStrings'
-run_test real/guidtz.php '0x12d8:$non_printables:'
+run_test real/guidtz.php '0x286:$non_printables:'
 run_test real/ice.php 'double_var'
 run_test real/srt.php '$register_function'
 run_test real/awvjtnz.php '$reversed:'
author	Mathieu Deous	2022-05-02 20:18:23 +0200
committer	GitHub	2022-05-02 20:18:23 +0200
commit	48936efa96ae17295be4e0a71be3294f0ec6aef8 (patch)
tree	f4e69551f1368aa048edf46b7b061600f3668329 /tests.sh
parent	bbc738e16f8b637afde58d65196374af98a5e0e2 (diff)

diff --git a/php-malware-finder/tests.sh b/tests.sh index f8c5109..a302031 100755 --- a/php-malware-finder/tests.sh +++ b/tests.sh
@@ -1,7 +1,7 @@
1	#!/bin/bash	1	#!/bin/bash
2		2
3	PMF=./phpmalwarefinder	3	PMF=./php-malware-finder
4	SAMPLES=./samples	4	SAMPLES=./data/samples
5		5
6	type yara 2>/dev/null 1>&2 \|\| (echo "[-] Please make sure that yara is installed" && exit 1)	6	type yara 2>/dev/null 1>&2 \|\| (echo "[-] Please make sure that yara is installed" && exit 1)
7		7
@@ -29,17 +29,17 @@ run_test classic/ajaxshell.php 'DodgyStrings'
29	run_test classic/ajaxshell.php '0x23e2:$: shell_exec'	29	run_test classic/ajaxshell.php '0x23e2:$: shell_exec'
30	run_test classic/ajaxshell.php "0x16e0:\$ini_get: ini_get('safe_mode"	30	run_test classic/ajaxshell.php "0x16e0:\$ini_get: ini_get('safe_mode"
31	run_test classic/ajaxshell.php "0x17f1:\$ini_get: ini_get('open_basedir"	31	run_test classic/ajaxshell.php "0x17f1:\$ini_get: ini_get('open_basedir"
32	run_test classic/angel.php '0x1d:$disable_magic_quotes:'	32	run_test classic/angel.php '0x1b:$disable_magic_quotes:'
33	run_test classic/b374k.php 'ObfuscatedPhp'	33	run_test classic/b374k.php 'ObfuscatedPhp'
34	run_test classic/b374k.php "0xe9:\$b374k: 'ev'.'al'"	34	run_test classic/b374k.php "0xe9:\$b374k: 'ev'.'al'"
35	run_test classic/b374k.php '0xb3:$align: $func="cr"."eat"."e_fun"."cti"."on";$b374k=$func('	35	run_test classic/b374k.php '0xb3:$align: $func="cr"."eat"."e_fun"."cti"."on";$b374k=$func('
36	run_test classic/b374k.php '0xd6:$align: ;$b374k=$func('	36	run_test classic/b374k.php '0xd6:$align: ;$b374k=$func('
37	run_test classic/b374k.php '0x43:$: github.com/b374k/b374k'	37	run_test classic/b374k.php '0x43:$: github.com/b374k/b374k'
38	run_test classic/sosyete.php '0x1a2d:$execution: shell_exec($_POST'	38	run_test classic/sosyete.php '0x194e:$execution: shell_exec($_POST'
39	run_test classic/simattacker.php '0x16e:$: fpassthru'	39	run_test classic/simattacker.php '0x158:$: fpassthru'
40	run_test classic/r57.php '0x149da:$: xp_cmdshell'	40	run_test classic/r57.php '0x142a2:$: xp_cmdshell'
41	run_test classic/cyb3rsh3ll.php '0x23323:$udp_dos: fsockopen("udp://'	41	run_test classic/cyb3rsh3ll.php '0x2200d:$udp_dos: fsockopen("udp://'
42	run_test classic/c99.php '0x3d56:$eval: {exec('	42	run_test classic/c99.php '0x3bb4:$eval: {exec('
43	run_test classic/c100.php '0x4f8d:$eval: {eval('	43	run_test classic/c100.php '0x4f8d:$eval: {eval('
44		44
45	# Obfuscated php	45	# Obfuscated php
@@ -81,7 +81,7 @@ run_test artificial/bypasses.php "0x132:\$var_as_func: \$_POST\['funct'\]("
81	# real	81	# real
82	run_test real/sucuri_2014_04.php '0x67:$execution3:'	82	run_test real/sucuri_2014_04.php '0x67:$execution3:'
83	run_test real/novahot.php 'DodgyStrings'	83	run_test real/novahot.php 'DodgyStrings'
84	run_test real/guidtz.php '0x12d8:$non_printables:'	84	run_test real/guidtz.php '0x286:$non_printables:'
85	run_test real/ice.php 'double_var'	85	run_test real/ice.php 'double_var'
86	run_test real/srt.php '$register_function'	86	run_test real/srt.php '$register_function'
87	run_test real/awvjtnz.php '$reversed:'	87	run_test real/awvjtnz.php '$reversed:'