A simple, lightweight framework to detect potential suspicious/malicious PHP Code and few other commons sources of problems. Fully extensible with plugins (Check & Report) support...
@copyright Ackwa.fr - 2014
http://mydomain.com/Malicious/index.php?s=mysecretkey
php index.php -s=mysecretkey
Active plugins are defined in config.phpviaMCS_PLUGINS(Check) andMCS_REPORTS` (Report) constants:
define('MCS_PLUGINS' , 'readable,big');
define('MCS_REPORTS' , 'echo');
You can declare more than one configuration :
define('MCS_PLUGINS_1' , 'readable,exec,eval');
define('MCS_REPORTS_1' , 'echo,log');
And use this new configuration with c and r parameters :
http://mydomain.com/Malicious/index.php?s=mysecretkey&c=1&r=1
| Name | Description |
|---|---|
| readable | Check if files are readable |
| writable | Check if files are writable |
| updated | Check if files has been updated since last check |
| shelldb | Track PHP files in regards of PHP Shell Detector database |
| eval | Track PHP files with suspect "eval()" |
| exec | Track PHP files with exec(), system()... |
| longline | Track PHP files with very long lines |
| big | Track big files and files larger "than post_max_size" |
| hidden | Track hidden files and directories (.xxx) |
| empty | Track empty files |
| cms | In progress |
| image | In progress |
| syntax | In progress |
| metrics | In progress |
| change | In progress |
| footprint | In progress |
| perm | In progress |
| token | In progress |
| ini | In progress |
| htaccess | In progress |
| mime | In progress |
| Name | Description |
|---|---|
| echo | Display results to browser / screen |
| log | Log results in malicious.log |
| Send results via e-mail | |
| html | In progress |
| In progress | |
| sms | In progress |
| Analytics | In progress |
- How to Tell if Your PHP Site has been Hacked or Compromised
- Exploitable PHP functions
- Code injection – a simple PHP virus carried in a JPEG image
- Webshell
- More plugins
- Documentation
This software is provided "as is" without warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability and fitness for a particular purpose. In no event shall the author be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if the author has been advised of the possibility of such damages.