summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--php-malware-finder/malwares.yara11
1 files changed, 11 insertions, 0 deletions
diff --git a/php-malware-finder/malwares.yara b/php-malware-finder/malwares.yara
index dc46b24..06b64c4 100644
--- a/php-malware-finder/malwares.yara
+++ b/php-malware-finder/malwares.yara
@@ -148,8 +148,19 @@ rule DangerousPhp
148 $ = "phpinfo" fullword 148 $ = "phpinfo" fullword
149 $ = "posix_geteuid" fullword 149 $ = "posix_geteuid" fullword
150 $ = "posix_getgid" fullword 150 $ = "posix_getgid" fullword
151 $ = "posix_getpgid" fullword
152 $ = "posix_getppid" fullword
153 $ = "posix_getpwnam" fullword
151 $ = "posix_getpwuid" fullword 154 $ = "posix_getpwuid" fullword
155 $ = "posix_getsid" fullword
152 $ = "posix_getuid" fullword 156 $ = "posix_getuid" fullword
157 $ = "posix_kill" fullword
158 $ = "posix_setegid" fullword
159 $ = "posix_seteuid" fullword
160 $ = "posix_setgid" fullword
161 $ = "posix_setpgid" fullword
162 $ = "posix_setsid" fullword
163 $ = "posix_setsid" fullword
153 $ = "posix_setuid" fullword 164 $ = "posix_setuid" fullword
154 $ = "preg_replace_callback" fullword 165 $ = "preg_replace_callback" fullword
155 $ = "proc_open" fullword 166 $ = "proc_open" fullword