K-vanc / Tempest-EPG-Generator

The fastest XMLTV formatted EPG Generator with GUI and the lowest memory usage
https://hub.docker.com/r/kvanc/tempest_epg

Beware: Malware in tempest.php #137

Open w64 opened 5 days ago

w64 commented 5 days ago

tempest.php was downloaded from the Releases section of this GitHub repository. After a scheduled scan for malware, the antivirus app showed this:

Warning 06.07.2024 08:46:21 System 127.0.0.1 localhost [Malware Remover] Removed the detected malware: MR2101 (Bitcoin miner).

After some testing I found that my copy of tempest.php was missing, so I downloaded it again and put it in the same location. After that I started scanning manually, and what happened? The same malware was detected again. Maybe the author has put some present in the PHP file. Be warned!!! NAS

Expected Behavior (Not required for Request)

Tempest script to be running and to be clean of malware.

Current Behavior (Not required for Request)

Tempest script running successfully, but infects devices with malware - Bitcoin miner.

Steps to Reproduce (Not required for Request/Question)

Download the tempest.php to your webserver public_html directory. Scan this directory with antivirus software for Linux.

K-vanc commented 5 days ago

Hi,

I believe you are getting a false positive, or someone reported the tempest.php file as dangerous, or you have another issue and the tempest.php file is being quarantined together with that problem, but there is no malware or miner or anything like that in the PHP file.

The tempest.php file is not encrypted; it is only shuffled (made hard to read) to hide my siteconfig protection. All variable names, all strings, all functions and everything else stay as they are in my original file and are searchable with Notepad. Anyway, it is always up to users to decide what is safe and what is not safe. You can try your luck with fully closed-source .exe grabber alternatives.

K-vanc commented 5 days ago

In the last 8-10 days, someone has been continuously scanning my repo with a cyber threat website. I can see it on the visitors tab. Maybe what you get is related to that one. As I said, if someone flagged it as dangerous, we will get false positives with the tools that use the same database.


K-vanc commented 5 days ago

https://www.virustotal.com/gui/file/c68a5426d1d7a7fbe9f0ac7ccb1d7d883efd4190f63aa903e85cce4f2ecc877b/detection
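The VirusTotal link above identifies the maintainer's sample by its SHA-256. Before treating a local quarantine event as evidence about that release, it is worth confirming that the file on your web server is byte-for-byte the same file the maintainer scanned: a different digest means you are looking at a different download, a modified copy, or another version entirely, and the VirusTotal verdicts do not apply to it. The script below is an added example for this thread, not code from the Tempest-EPG-Generator project; the file path and the demo file content are constructed, and the only real value is the SHA-256 taken from the link above.

```python
import hashlib
import hmac
import os
import tempfile

# SHA-256 from the VirusTotal link the maintainer posted in this thread.
MAINTAINER_SHA256 = "c68a5426d1d7a7fbe9f0ac7ccb1d7d883efd4190f63aa903e85cce4f2ecc877b"


def sha256_hex(data: bytes) -> str:
    """Hex SHA-256 of an in-memory byte string."""
    return hashlib.sha256(data).hexdigest()


def sha256_file(path: str, chunk_size: int = 1 << 20) -> str:
    """Hex SHA-256 of a file, streamed in chunks so large files are handled without loading them whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def matches_expected(actual_hex: str, expected_hex: str) -> bool:
    """Case-insensitive, constant-time comparison of two hex digests."""
    return hmac.compare_digest(actual_hex.lower(), expected_hex.lower())


def check_release_copy(path: str, expected_hex: str = MAINTAINER_SHA256) -> str:
    """Classify the local copy of a release file.

    'missing'  - no file at that path (e.g. it was quarantined/removed by a scanner)
    'match'    - byte-identical to the sample behind the maintainer's VirusTotal link
    'mismatch' - a different file: wrong download, modified on disk, or another version
    """
    if not os.path.isfile(path):
        return "missing"
    return "match" if matches_expected(sha256_file(path), expected_hex) else "mismatch"


if __name__ == "__main__":
    # Constructed demo: a stand-in file, not the real tempest.php, so the verdict is 'mismatch'.
    with tempfile.TemporaryDirectory() as d:
        demo = os.path.join(d, "tempest.php")
        with open(demo, "wb") as f:
            f.write(b"<?php echo 'constructed stand-in'; ?>\n")
        print("local digest  :", sha256_file(demo))
        print("expected      :", MAINTAINER_SHA256)
        print("verdict       :", check_release_copy(demo))
        # Simulates the 'file disappeared after the scan' situation reported above.
        print("after removal :", check_release_copy(os.path.join(d, "gone.php")))
```

Run it against the real path (for example `check_release_copy("/path/to/public_html/tempest.php")`) on the host where the scanner fired. A `match` means the quarantined bytes are exactly what the maintainer submitted to VirusTotal, so that report speaks to your copy; a `mismatch` means the two sides of this thread are not discussing the same file and the digest of your copy is the useful thing to post next; `missing` reproduces the "my copy is gone" symptom and tells you the scanner already acted.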

Toei79 commented 4 days ago

I don't think something like that can be in such a small file. I don't see how it could do that; if it were a Windows exe with several things in it, maybe, but no.