feat: add auto prompt flags
marcocesarato committed Oct 5, 2020
1 parent 3be18d3 commit 95ce352
Showing 4 changed files with 105 additions and 25 deletions.
21 changes: 16 additions & 5 deletions README.md
Expand Up @@ -2,7 +2,7 @@

# AMWSCAN - PHP Antimalware Scanner

**Version:** 0.5.1.72 beta
**Version:** 0.5.2.75 beta

**Github:** https://github.com/marcocesarato/PHP-Antimalware-Scanner

Expand All @@ -16,6 +16,9 @@ The package can also scan the PHP files without outputting anything to the termi
This scanner can work on your own php projects and on a lot of others platform.
Use this command `php -d disable_functions` for run the program without issues.

*PS:* Remember that you will be solely responsible for any damage to your computer system or loss of data that results from such activities.
You are solely responsible for adequate protection and backup of the data before execute the scanner.

## Requirements

- php 5+
Expand Down Expand Up @@ -122,10 +125,10 @@ When a malware is detected you will have the following choices (except when scan

- Delete file
- Move to quarantine `(move to ./quarantine)`
- Try remove evil code
- Try remove evil line code
- Open/Edit with vim `(need php -d disable_functions='')`
- Open/Edit with nano `(need php -d disable_functions='')`
- Dry run evil code fixer `(fix code and confirm after a visual check)`
- Dry run evil line code fixer `(fix code and confirm after a visual check)`
- Open with vim `(need php -d disable_functions='')`
- Open with nano `(need php -d disable_functions='')`
- Add to whitelist `(add to ./scanner_whitelist.csv)`
- Show source
- Ignore
Expand Down Expand Up @@ -166,6 +169,14 @@ Flags:
--silent - No output and prompt
--auto-prompt="" - Set auto prompt command ex. --auto-prompt="1" (alias of auto-delete)
--auto-clean - Auto clean code (without confirmation, CARE could be DANGEROUS)
--auto-clean-line - Auto clean line code (without confirmation, CARE could be DANGEROUS)
--auto-delete - Auto delete infected (without confirmation, CARE could be DANGEROUS)
--auto-quarantine - Auto quarantine
--auto-skip - Auto skip
Notes:
For open files with nano or vim run the scripts with "-d disable_functions=''"
Binary file modified dist/scanner
Binary file not shown.
97 changes: 77 additions & 20 deletions src/Application.php
Expand Up @@ -35,7 +35,7 @@ class Application
*
* @var string
*/
public static $version = '0.5.1.74';
public static $version = '0.5.2.75';

/**
* Root path.
Expand Down Expand Up @@ -204,6 +204,13 @@ class Application
*/
public static $filterPaths = array();

/**
* Prompt.
*
* @var string
*/
public static $prompt;

/**
* Application constructor.
*/
Expand Down Expand Up @@ -314,6 +321,12 @@ private function arguments($args = null)
self::$argv->addFlag('silent', array('default' => false));
self::$argv->addFlag('ignore-paths', array('alias' => '--ignore-path', 'default' => null, 'has_value' => true));
self::$argv->addFlag('filter-paths', array('alias' => '--filter-path', 'default' => null, 'has_value' => true));
self::$argv->addFlag('auto-clean', array('default' => false));
self::$argv->addFlag('auto-clean-line', array('default' => false));
self::$argv->addFlag('auto-delete', array('default' => false));
self::$argv->addFlag('auto-quarantine', array('default' => false));
self::$argv->addFlag('auto-skip', array('default' => false));
self::$argv->addFlag('auto-prompt', array('default' => null, 'has_value' => true));
self::$argv->addArgument('path', array('var_args' => true, 'default' => ''));
self::$argv->parse($args);

Expand Down Expand Up @@ -477,6 +490,37 @@ private function arguments($args = null)
unset(self::$settings['log']);
}

// Prompt
if (isset(self::$argv['auto-clean']) && self::$argv['auto-clean']) {
self::$settings['report'] = false;
self::$prompt = '3';
}

if (isset(self::$argv['auto-clean-line']) && self::$argv['auto-clean-line']) {
self::$settings['report'] = false;
self::$prompt = '4';
}

if (isset(self::$argv['auto-delete']) && self::$argv['auto-delete']) {
self::$settings['report'] = false;
self::$prompt = '1';
}

if (isset(self::$argv['auto-quarantine']) && self::$argv['auto-quarantine']) {
self::$settings['report'] = false;
self::$prompt = '2';
}

if (isset(self::$argv['auto-skip']) && self::$argv['auto-skip']) {
self::$settings['report'] = false;
self::$prompt = '-';
}

if (isset(self::$argv['auto-prompt']) && !empty(self::$argv['auto-prompt'])) {
self::$settings['report'] = false;
self::$prompt = self::$argv['auto-prompt'];
}

// Check for path or functions as first argument
$arg = self::$argv->arg(0);
if (!empty($arg)) {
Expand Down Expand Up @@ -862,17 +906,21 @@ private function scan($iterator)
Console::writeLine('File path: ' . $_FILE_PATH, 1, 'yellow');
Console::writeLine('Exploits found: ' . Console::eol(1) . implode(Console::eol(1), array_keys($pattern_found)), 2, 'red');
Console::displayLine('OPTIONS:', 2);
$confirmation = Console::choice('What is your choice? ', array(
1 => 'Delete file',
2 => 'Move to quarantine',
3 => 'Try remove evil code',
4 => 'Try remove evil line code',
5 => 'Open/Edit with vim',
6 => 'Open/Edit with nano',
7 => 'Add to whitelist',
8 => 'Show source',
'-' => 'Ignore',
));

$confirmation = self::$prompt;
if (self::$prompt === null) {
$confirmation = Console::choice('What is your choice? ', array(
1 => 'Delete file',
2 => 'Move to quarantine',
3 => 'Dry run evil code fixer',
4 => 'Dry run evil line code fixer',
5 => 'Open with vim',
6 => 'Open with nano',
7 => 'Add to whitelist',
8 => 'Show source',
'-' => 'Ignore',
));
}
Console::newLine();

$last_command = $confirmation;
Expand All @@ -881,9 +929,12 @@ private function scan($iterator)
if (in_array($confirmation, array('1'))) {
// Remove file
Console::writeLine('File path: ' . $_FILE_PATH, 1, 'yellow');
$confirm2 = Console::read('Want delete this file [y|N]? ', 'purple');
$confirm2 = 'y';
if (self::$prompt === null) {
$confirm2 = Console::read('Want delete this file [y|N]? ', 'purple');
}
Console::newLine();
if ($confirm2 == 'y') {
if ($confirm2 === 'y') {
unlink($_FILE_PATH);
self::$summaryRemoved[] = $_FILE_PATH;
Console::writeLine("File '$_FILE_PATH' removed!", 2, 'green');
Expand Down Expand Up @@ -923,9 +974,12 @@ private function scan($iterator)
Console::display(Console::title('', '='), 'black', 'green');
Console::newLine(2);
Console::displayLine('File sanitized, now you must verify if has been fixed correctly.', 2, 'yellow');
$confirm2 = Console::read('Confirm and save [y|N]? ', 'purple');
$confirm2 = 'y';
if (self::$prompt === null) {
$confirm2 = Console::read('Confirm and save [y|N]? ', 'purple');
}
Console::newLine();
if ($confirm2 == 'y') {
if ($confirm2 === 'y') {
Console::writeLine("File '$_FILE_PATH' sanitized!", 2, 'green');
file_put_contents($_FILE_PATH, $fc);
self::$summaryRemoved[] = $_FILE_PATH;
Expand All @@ -937,7 +991,7 @@ private function scan($iterator)
// Remove evil line code
$fc_expl = explode(PHP_EOL, $fc);
foreach ($pattern_found as $pattern) {
unset($fc_expl[intval($pattern['line']) - 1]);
unset($fc_expl[(int)$pattern['line'] - 1]);
}
$fc = implode(PHP_EOL, $fc_expl);

Expand All @@ -949,9 +1003,12 @@ private function scan($iterator)
Console::display(Console::title('', '='), 'black', 'green');
Console::newLine(2);
Console::displayLine('File sanitized, now you must verify if has been fixed correctly.', 2, 'yellow');
$confirm2 = Console::read('Confirm and save [y|N]? ', 'purple');
$confirm2 = 'y';
if (self::$prompt === null) {
$confirm2 = Console::read('Confirm and save [y|N]? ', 'purple');
}
Console::newLine();
if ($confirm2 == 'y') {
if ($confirm2 === 'y') {
Console::writeLine("File '$_FILE_PATH' sanitized!", 2, 'green');
file_put_contents($_FILE_PATH, $fc);
self::$summaryRemoved[] = $_FILE_PATH;
Expand Down Expand Up @@ -990,7 +1047,7 @@ private function scan($iterator)
break;
}
}
$summary_edited[] = $_FILE_PATH;
self::$summaryEdited[] = $_FILE_PATH;
Console::writeLine("File '$_FILE_PATH' edited with nano!", 2, 'green');
self::$summaryRemoved[] = $_FILE_PATH;
} elseif (in_array($confirmation, array('7'))) {
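Review bot: In the `// Prompt` block of `arguments()`, the `--auto-prompt` value is copied into `self::$prompt` without validation, and `scan()` then reuses it as `$confirmation` for every detection while `$confirm2` defaults to `'y'`. A typo or an interactive choice such as `5`, `6` or `8` therefore runs unattended with no defined handling (both functions continue outside the visible hunks, so what an unmatched value does cannot be seen here), and `!empty()` silently sends `"0"` back to interactive mode. I would check the value against the supported answers before accepting it, e.g. `if (!in_array(self::$argv['auto-prompt'], array('1', '2', '3', '4', '-'), true)) { /* report the bad value and stop */ }`. When several `--auto-*` flags are passed the later `if` wins silently, so `--auto-clean --auto-delete` ends up deleting; rejecting such combinations would be safer. With the confirmation gone, the unchecked `unlink($_FILE_PATH)` and `file_put_contents($_FILE_PATH, $fc)` also matter more, because a failed removal is still printed and summarised as removed; guard them with `if (!unlink($_FILE_PATH)) { ... }` and report the failure.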
12 changes: 12 additions & 0 deletions src/Console.php
Expand Up @@ -505,6 +505,10 @@ public static function helper()
$dir = Application::currentDirectory();
$help = <<<EOD
IMPORTANT: You will be solely responsible for any damage to your computer system or loss of data
that results from such activities. You are solely responsible for adequate protection and backup
of the data before execute the scanner.
Arguments:
<path> - Define the path to scan (default: current directory)
($dir)
Expand Down Expand Up @@ -538,6 +542,14 @@ public static function helper()
--list-functions - Get default functions lists
--silent - No output and prompt
--auto-prompt="" - Set auto prompt command ex. --auto-prompt="1" (alias of auto-delete)
--auto-clean - Auto clean code (without confirmation, CARE could be DANGEROUS)
--auto-clean-line - Auto clean line code (without confirmation, CARE could be DANGEROUS)
--auto-delete - Auto delete infected (without confirmation, CARE could be DANGEROUS)
--auto-quarantine - Auto quarantine
--auto-skip - Auto skip
Notes:
For open files with nano or vim run the scripts with "-d disable_functions=''"
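Review bot: The new help lines in `helper()` never say which values `--auto-prompt` accepts, and `(alias of auto-delete)` reads as if the flag itself were an alias rather than describing the example value `1`. Going by the mapping this commit adds in `Application::arguments()`, a line such as `--auto-prompt="" - Answer every prompt with this choice (1 delete, 2 quarantine, 3 clean, 4 clean line, - skip)` would document it. The heredoc starts and ends outside the hunk.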
