1 files changed, 0 insertions, 39 deletions
diff --git a/php-malware-finder/docroot-check.sh b/php-malware-finder/docroot-check.sh
deleted file mode 100644
index 11aa4f9..0000000
--- a/php-malware-finder/docroot-check.sh
+++ /dev/null
@@ -1,39 +0,0 @@
-#!/usr/bin/env bash
-PATH=/usr/bin:/bin:/sbin:/usr/sbin
-apache_confdir="/etc/apache2/sites-available"
-pmf_conf="/etc/phpmalwarefinder/php.yar"
-pmf_cachedir="/tmp"
-# grab the different document roots to scan each and everyone of them
-for docroot in $(grep -o 'DocumentRoot.*' $apache_confdir/* | \
-               awk '{if ($2 ~ "/data/www/*") print $2}') ; do
-    
-  vhost_outdir=$(echo $docroot |egrep -o '[^/]*/[^/]*$')
-  mkdir -p $pmf_cachedir/$vhost_outdir
-  pmf_sha1=$pmf_cachedir/$vhost_outdir/sha1sum.$(date +"%d-%m-%Y")
-  last_pmf_sha1=$pmf_cachedir/$vhost_outdir/sha1sum.$(date +"%d-%m-%Y" --date="7 days ago")
-  # compute PHP files sha1sum and compare them to last report to reduce the
-  # amout of files yara has to scan
-  find $docroot -type f -iname "*php" -exec sha1sum {} \; > $pmf_sha1
-  if [ -f $last_pmf_sha1 ] ; then
-    diff -u $pmf_sha1 $last_pmf_sha1 | grep ^+[A-Z] | sed -e 's/^+[^\ ]*//g' > \
-    /tmp/diff.txt
-    for file in $(cat /tmp/diff.txt); do
-      yara $pmf_conf >> $pmf_cachedir/$vhost_outdir/cron.out 2>&1 
-    done
-  else
-  # first scan or last scan result is missing
-    SAVEIFS=$IFS
-    IFS=$(echo -en "\n\b")
-    find $docroot -type f -iname "*php" -exec yara $pmf_conf {} > \
-    $pmf_cachedir/$vhost_outdir/cron.out 2>&1 \;
-  fi;
-  if [ -s $pmf_cachedir/$vhost_outdir/cron.out ]; then
-    cat $pmf_cachedir/$vhost_outdir/cron.out | \
-    mail -s "PMF REPORT:$(uname -n) DocumentRoot $docroot" jre@nbs-system.com
-  fi;
-done

diff --git a/php-malware-finder/docroot-check.sh b/php-malware-finder/docroot-check.sh deleted file mode 100644 index 11aa4f9..0000000 --- a/php-malware-finder/docroot-check.sh +++ /dev/null
@@ -1,39 +0,0 @@
1	#!/usr/bin/env bash
2
3	PATH=/usr/bin:/bin:/sbin:/usr/sbin
4	apache_confdir="/etc/apache2/sites-available"
5	pmf_conf="/etc/phpmalwarefinder/php.yar"
6	pmf_cachedir="/tmp"
7
8	# grab the different document roots to scan each and everyone of them
9	for docroot in $(grep -o 'DocumentRoot.' $apache_confdir/ \| \
10	awk '{if ($2 ~ "/data/www/*") print $2}') ; do
11
12	vhost_outdir=$(echo $docroot \|egrep -o '[^/]/[^/]$')
13	mkdir -p $pmf_cachedir/$vhost_outdir
14	pmf_sha1=$pmf_cachedir/$vhost_outdir/sha1sum.$(date +"%d-%m-%Y")
15	last_pmf_sha1=$pmf_cachedir/$vhost_outdir/sha1sum.$(date +"%d-%m-%Y" --date="7 days ago")
16
17	# compute PHP files sha1sum and compare them to last report to reduce the
18	# amout of files yara has to scan
19	find $docroot -type f -iname "*php" -exec sha1sum {} \; > $pmf_sha1
20
21	if [ -f $last_pmf_sha1 ] ; then
22	diff -u $pmf_sha1 $last_pmf_sha1 \| grep ^+[A-Z] \| sed -e 's/^+[^\ ]*//g' > \
23	/tmp/diff.txt
24	for file in $(cat /tmp/diff.txt); do
25	yara $pmf_conf >> $pmf_cachedir/$vhost_outdir/cron.out 2>&1
26	done
27	else
28	# first scan or last scan result is missing
29	SAVEIFS=$IFS
30	IFS=$(echo -en "\n\b")
31	find $docroot -type f -iname "*php" -exec yara $pmf_conf {} > \
32	$pmf_cachedir/$vhost_outdir/cron.out 2>&1 \;
33	fi;
34
35	if [ -s $pmf_cachedir/$vhost_outdir/cron.out ]; then
36	cat $pmf_cachedir/$vhost_outdir/cron.out \| \
37	mail -s "PMF REPORT:$(uname -n) DocumentRoot $docroot" jre@nbs-system.com
38	fi;
39	done