From 00d3bd072796336a7b243eb11a74412ef9c15b1f Mon Sep 17 00:00:00 2001
From: Julien (jvoisin) Voisin
Date: Wed, 11 May 2016 13:18:51 +0200
Subject: Fix the tests

---
 php-malware-finder/tests.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/php-malware-finder/tests.sh b/php-malware-finder/tests.sh
index 3aaceea..42c2456 100755
--- a/php-malware-finder/tests.sh
+++ b/php-malware-finder/tests.sh
@@ -3,6 +3,8 @@
 PMF=./phpmalwarefinder
 SAMPLES=./samples
 
+type yara 2>/dev/null 1>&2 || (echo "[-] Please make sure that yara is installed" && exit 1)
+
 CPT=0
 run_test(){
     NB_DETECTED=$(${PMF} -v "$SAMPLES"/"$1" | grep -c "$2" 2>/dev/null)
@@ -32,11 +34,9 @@ run_test freepbx.php 'DodgyPhp'
 run_test freepbx.php '0x31d:$execution: system(base64_decode'
 
 # Classic shells
-run_test classic/ajaxshell.php 'ObfuscatedPhp'
 run_test classic/ajaxshell.php 'DodgyStrings'
 run_test classic/ajaxshell.php 'Websites'
 run_test classic/ajaxshell.php '0x23e2:$: shell_exec'
-run_test classic/ajaxshell.php '0x2380:$eval: {\\x0A\\x09\\x09\\x09\\x09\\x09system('
 run_test classic/ajaxshell.php "0x16e0:\$ini_get: ini_get('safe_mode"
 run_test classic/ajaxshell.php "0x17f1:\$ini_get: ini_get('open_basedir"
 run_test classic/angel.php '0x1d:$disable_magic_quotes:'
-- 
cgit v1.3