// SQL commands
'drop database', 'drop table',
- // Compiler/interpreter
- 'bin/g++ ', 'bin/c++ ', 'cc ', 'bin/python', 'bin/python', 'bin/tclsh',
- 'bin/tclsh', 'bin/nasm', '/perl', 'wget ', 'system(', 'curl ',
+ // Compiler / interpreter (Linux)
+ 'bin/g++ ', 'bin/c++ ', 'cc ', 'bin/python', 'bin/tclsh', 'bin/nasm', 'bin/perl',
+
+ // Fetch tools
+ 'wget ', 'curl ',
// Windows-related
'cmd.exe', 'nc.exe', 'ftp.exe', 'powershell', 'system.net.webclient',
+ 'perl.exe', 'python.exe', 'python3.exe', 'bash.exe',
// php.ini settings
'allow_url_fopen', 'allow_url_include', 'auto_prepend_file', 'disable_functions', 'safe_mode',
- // PHP commands/scripts
+ // PHP commands to execute local shell commands
+ // @see https://de.php.net/<system|passtyhru>
+ 'system(', 'passthru',
+
+ // More PHP commands/scripts
'fopen', 'fwrite', 'phpinfo()', '\<?', '?\>', 'base64_decode', 'file_put_contents',
- 'set_magic_quotes_runtime', 'set_magic_quotes_runtime', 'display_errors', 'passthru',
+ 'set_magic_quotes_runtime', 'set_magic_quotes_runtime', 'display_errors',
'set_time_limit',
// Server configuration (e.g. Apache)
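Review bot: Replacing `'/perl'` with `'bin/perl'` in the Linux interpreter group narrows what the list catches, assuming the entries are matched as substrings (the matching code is not in the hunk): a Perl path that does not sit under a `bin/` directory matched before and no longer does. If the narrowing is intended to reduce false positives, record that in the group comment, e.g. `// Compiler / interpreter (Linux); 'bin/' prefix is deliberate to avoid matching ordinary words`; otherwise keep `'/perl'` alongside `'bin/perl'`. Two smaller items on the new side: `'set_magic_quotes_runtime'` is still listed twice on the changed line although the commit removes the other duplicates, and the `@see` line is not a usable link and misspells passthru, so it would read better as `// @see https://de.php.net/system and https://de.php.net/passthru`. The array itself starts and ends outside the hunk, so other groups could not be checked for overlap with the new entries.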