scr34m / php-malware-scanner

Scans PHP files for malwares and known threats
GNU General Public License v3.0
556 stars 96 forks

New GLOBALS injection pattern (not detected) #13

Closed jaygilmore closed 6 years ago

jaygilmore commented 6 years ago

We were using the following search pattern on our own before we found your tool:

grep -rlF -e '$GLOBALS;${"\x' www/

It does an excellent job of finding things like the following file: https://gist.github.com/jaygilmore/f8d8fab347b7a746ed7087bd992b214c (note the bad code is all on line 1. You can see it as viewed raw: https://gist.githubusercontent.com/jaygilmore/f8d8fab347b7a746ed7087bd992b214c/raw/95e72f5c30b564c6848a8d2d32545b84bbef5d91/globals-x.php)

scr34m commented 6 years ago

Well, the eval\/\*[a-z0-9]+\*\/, \\[Xx](5[Ff]) and ^.*<\?php.{1100,}\?>.*$ patterns match the example :) but I made a new pattern as you mentioned.

jaygilmore commented 6 years ago

Oddly, that file was not caught when we ran the scanner. I'll check now that the code has been updated. Thanks so much. You rock 🤘🏻
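
The fixed string from the grep command and the three regexes quoted in the reply, applied to constructed inert samples. This is an added example, not part of the original thread and not the scanner's own code. The rule names, the `scan` function and the sample strings are assumptions made for illustration; how the scanner itself applies its patterns (flags, per-line or per-file) is not shown on this page.

```python
import re

# Fixed string from the `grep -rlF` command in the thread. grep -F treats it
# literally, so "$", "{" and "\" need no escaping; a substring test does the same.
GLOBALS_HEX = '$GLOBALS;${"\\x'

# The three regexes quoted in the maintainer's reply, copied as written.
# The rule names are labels invented for this example.
REGEX_RULES = {
    "eval_comment": re.compile(r"eval\/\*[a-z0-9]+\*\/"),
    "hex_underscore": re.compile(r"\\[Xx](5[Ff])"),
    "long_php_line": re.compile(r"^.*<\?php.{1100,}\?>.*$", re.MULTILINE),
}


def scan(source: str) -> list[str]:
    """Return the names of all rules that match the PHP source text."""
    hits = []
    if GLOBALS_HEX in source:
        hits.append("globals_hex")
    for name, pattern in REGEX_RULES.items():
        if pattern.search(source):
            hits.append(name)
    return hits


# Constructed, inert samples (not the file from the gist).
BENIGN = '<?php echo "hello"; ?>\n'
# Short file: only the literal string and the \x5f escape are present.
SHORT_OBFUSCATED = '<?php $a=$GLOBALS;${"\\x47\\x4c"}["\\x5fk"]=1; ?>\n'
# Everything on one line longer than 1100 characters, plus eval/*...*/.
LONG_ONE_LINER = (
    '<?php $a=$GLOBALS;${"\\x47\\x4c"}["\\x5Fk"]=1; eval/*k3*/("1;"); $p="'
    + "A" * 1200
    + '"; ?>\n'
)

if __name__ == "__main__":
    for label, sample in [("benign", BENIGN), ("short", SHORT_OBFUSCATED),
                          ("long", LONG_ONE_LINER)]:
        print(f"{label:6} -> {scan(sample)}")
```

The short sample shows why a dedicated rule for the `$GLOBALS;${"\x` prefix is useful: it matches without relying on the `eval/*...*/` comment or the line length being present.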