See pull request 18.
I found this malware today on a customer site, and it is not detected by the tool yet. It even gets a negative score of -3:
Rules matched:
VERY_LONG_LINE +5
HAS_EVAL +2
HAS_BASE64DECODE +2
MANY_LINES -2
PHP_COMMENTS -2
First, I think line counting should not count comments with /* */ syntax.
Then, I would lower PHP_COMMENTS score from 10 to 5.
Finally, I think we should bump eval() usage. In 2017, 100% of the usage of this function is for malware. I would raise it from 2 to 5.
Before modifying phpscanner.py, I wanted to discuss it here.
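
The line-counting change proposed above, as an added example (not phpscanner.py's code and not from the author of this issue): block comments are removed before lines are counted, while `/*` inside quoted strings or line comments is left alone. The function names and the sample file are constructed for illustration; heredocs and text outside `<?php` tags are not handled.

```python
def strip_block_comments(src: str) -> str:
    """Remove /* ... */ comments; leave strings and line comments intact."""
    out, i, n = [], 0, len(src)
    quote = None  # active string delimiter, None when outside a string
    while i < n:
        ch = src[i]
        if quote:
            out.append(ch)
            if ch == "\\" and i + 1 < n:  # copy the escaped character too
                i += 1
                out.append(src[i])
            elif ch == quote:
                quote = None
        elif ch in "'\"":
            quote = ch
            out.append(ch)
        elif ch == "#" or src.startswith("//", i):
            eol = src.find("\n", i)  # line comment: copy as-is up to newline
            eol = n if eol == -1 else eol
            out.append(src[i:eol])
            i = eol
            continue
        elif src.startswith("/*", i):
            end = src.find("*/", i + 2)
            i = n if end == -1 else end + 2  # unterminated: runs to EOF
            continue
        else:
            out.append(ch)
        i += 1
    return "".join(out)


def count_lines(src: str, ignore_block_comments: bool) -> int:
    """Count non-blank lines, optionally after removing block comments."""
    if ignore_block_comments:
        src = strip_block_comments(src)
    return sum(1 for line in src.splitlines() if line.strip())


# Constructed sample: a one-line payload padded with a 30-line block comment.
SAMPLE = (
    "<?php\n/*\n" + " * filler\n" * 30 + " */\n"
    '$u = "http://example.test/*kept*/";\n'
    'eval(base64_decode("QUJD"));\n'
)

if __name__ == "__main__":
    print(count_lines(SAMPLE, False), count_lines(SAMPLE, True))
```

On the constructed sample the raw count is 35 lines, and 3 once block comments are ignored, so comment padding alone no longer moves a line-count rule.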