Merge pull request #77 from dryabov/patch-11

2024-11-30 16:53:59 +00:00 · 2021-01-27 15:15:04 +02:00 · 2021-01-27 15:15:04 +02:00 · f22a82d6cf
commit f22a82d6cf
parent 8daf37c327 fa5eb52dd6
1 changed files with 2 additions and 2 deletions
--- a/administrator/components/com_jedchecker/libraries/rules/jamss.php
+++ b/administrator/components/com_jedchecker/libraries/rules/jamss.php
@ -188,8 +188,8 @@ class JedcheckerRulesJamss extends JEDcheckerRule
 						'Probably malicious PHP script that "calls home"',
 						'16',
 						'Detected script variations often used to inform the attackers about found vulnerable website.',),
-						array('(?:(?:eval|gzuncompress|gzinflate|base64_decode|str_rot13|strrev|strtr|preg_replace|rawurldecode|' .
-						'str_replace|assert|unpack|urldecode)[\s/\*\w\W\(]*){2,}',
+						array('(?:(?:eval|gzuncompress|gzinflate|base64_decode|str_rot13|strrev|strtr|rawurldecode|' .
+						'assert|unpack|urldecode)[\s/\*\w\W\(]*){2,}',
 						'PHP: multiple encoded, most probably obfuscated code found',
 						'17',
 						'This pattern could be used in highly encoded, malicious code hidden under a loop of code obfuscation function ' .