diff --git a/detection.py b/detection.py index ac789ea..adfcdd2 100644 --- a/detection.py +++ b/detection.py @@ -62,7 +62,6 @@ def analysis(path, plain): for vuln_content in matches: payload = ["", "High Entropy String", []] - if shannon_entropy(vuln_content, BASE64_CHARS) >= 4.1 or \ shannon_entropy(vuln_content, HEX_CHARS) >= 2.5: add_vuln_var(payload, plain, path, vuln_content, content, regex_var_detect) diff --git a/test/configuration.php b/test/configuration.php index 73bb3ac..7dec20a 100644 --- a/test/configuration.php +++ b/test/configuration.php @@ -19,6 +19,7 @@ $fakeAPI1 = "AIzad8e8fca2dc0f896fd7cb4cb0031ba249123"; $fakeAPI2 = "AKIAD8E8FCA2DC0F896F"; $hash2 = "$1$VnG/6ABB$t6w9bQFxvI9tf0sFJf2TR."; + $hash3 = "d8e8fca2dc0f896fd7cb4cb0031ba249"; if($pass == "$6$q8C1F6tv$zTP/eEVixqyQBEfsSbTidUJfnaE2ojNIpTwTHava/UhFORv3V4ehyTOGdQEoFo1dEVG6UcXwhG.UHvyQyERz01"){ echo "Hardcoded !";