Open Zodiac1978 opened 4 years ago
Another one could be preventing to show errors:
error_reporting(0);
After reading the blog post, we could add visitorTracker_isMob
to the list of bad words.
From #14
According to OWASP there are more filesystem function we could check for:
bzopen
and gzopen
and chgrp
, chown
and chmod
And some information disclosure functions like phpinfo
, getenv
, getmygid/pid/uid
.
And for obfuscation functions like:
str_rot13
We could add some more words to the Regex check: https://github.com/pluginkollektiv/antivirus/blob/master/inc/class-antivirus-checkinternals.php#L154
Like functions for adding new administrators (as seen in a recent hack I cleaned up):
Maybe more concrete, like
set_role( 'administrator' )