Extras module update.

CIDRAM · Jan 4, 2025 · 22cb700 · 22cb700
1 parent 183922b
commit 22cb700
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 12 deletions.
diff --git a/modules/module_extras.php b/modules/module_extras.php
@@ -8,7 +8,7 @@
  * License: GNU/GPLv2
  * @see LICENSE.txt
  *
- * This file: Optional security extras module (last modified: 2024.10.30).
+ * This file: Optional security extras module (last modified: 2025.01.04).
  *
  * False positive risk (an approximate, rough estimate only): « [ ]Low [x]Medium [ ]High »
  */
@@ -106,19 +106,19 @@
             '\.bak/.*|' .
             '\.w(?:ell-known|p-cli)/.*(?:a(?:bout|dmin)[\da-z]*|fierza[\da-z]*|install[\da-z]*|moon[\da-z]*|shell[\da-z]*|wp-login[\da-z]*|x)|' .
             '\.?rxr(?:_[\da-z]+)?|' .
-            '\d{3,5}[a-z]{3,5}|\d+-?backdoor|0byte|0[xz]|10+|991176|' .
-            'a(?:dmin-heade\d*|dminfuns|hhygskn|lfa(?:-rex|_data|a?cgiapi|ioxi|new)?\d*|njas|pismtp|xx)|' .
-            'b0|b3d2acc621a0|bak|bala|' .
-            'c(?:(?:9|10)\d+|asper[\da-z]+|d(?:.*tmp.*rm-rf|chmod.*\d{3,})|fom[-_]files|(?:gi-bin|ss)/(?:luci/;|moon|newgolden|radio|sgd|stok=/|uploader|well-known|wp-login)|jfuns|lasssmtps|olors/blue/uploader|ong)|' .
-            'd7|deadcode\d*|dkiz|' .
+            '\d{3,5}[a-z]{3,5}|\d+-?backdoor|0byte|0[xz]|10+|4price|991176|' .
+            'a(?:b1ux1ft|dmin-heade\d*|dminfuns|hhygskn|lexus|lfa(?:-rex|_data|a?cgiapi|ioxi|new)?\d*|njas|pismtp|xx)|' .
+            'b(?:0|3d2acc621a0|ak|ala|ibil_0day)|' .
+            'c(?:(?:9|10)\d+|adastro-2|asper[\da-z]+|d(?:.*tmp.*rm-rf|chmod.*\d{3,})|fom[-_]files|(?:gi-bin|ss)/(?:luci/;|moon|newgolden|radio|sgd|stok=/|uploader|well-known|wp-login)|jfuns|lasssmtps|olors/blue/uploader|ong|ontentloader1)|' .
+            'd(?:7|eadcode\d*|epotcv|isagraep|kiz)|' .
             'ee|' .
             'f(?:ddqradz|ilefuns?)|' .
-            'gel4y|gh[0o]st|glab-rare|gzismexv|' .
-            'h[4a]x+[0o]r|h6ss|hanna1337|hehehe|htmlawedtest|' .
+            'g(?:el4y|etid3-core|h[0o]st|lab-rare|zismexv)|' .
+            'h[4a]x+[0o]r|h6ss|hanna1337|hehehe|kvkjguw|htmlawedtest|' .
             'i(?:\d{3,}[a-z]{2,}|cesword|ndoxploit|optimize|r7szrsouep|itsec|xr/(?:allez|wp-login))|' .
             'lock0?360|lufix(?:-shell)?|' .
             'miin|my1|' .
-            'old/wp-admin/install|orvx(?:-shell)?|' .
+            'old/wp-admin/install|orvx(?:-shell)?|othiondwmek|' .
             'perl\.alfa|php(?:1|_niu_\d+)|(?:plugins|themes)/(?:ccx|ioptimization|yyobang)|poison|priv8|pzaiihfi|' .
             'rendixd|' .
             's(?:ession91|h[3e]llx?\d*|hrift|idwso|ilic|kipper(?:shell)?|onarxleetxd|pammervip|rc/util/php/(?:eval(?:-stdin)?|kill))|' .
@@ -137,7 +137,7 @@
             $LCNrURI
         ), 'Probing for webshells/backdoors')) {
             $CIDRAM['Reporter']->report([15, 20, 21], ['Caught probing for webshells/backdoors. Host might be compromised.'], $CIDRAM['BlockInfo']['IPAddr']);
-        } // 2023.08.18 mod 2024.08.04
+        } // 2023.08.18 mod 2025.01.04
 
         /** Probing for vulnerable plugins or webapps. */
         if (

diff --git a/modules/modules.dat b/modules/modules.dat
@@ -239,7 +239,7 @@ module_cookies.php:
 module_extras.php:
  Name: "Optional security extras module"
  False Positive Risk: "Medium"
- Version: "2024.303.0"
+ Version: "2025.3.0"
  Dependencies:
   PHP: "^5.4|^7|^8"
   CIDRAM Core: "^1.13.1|^2.0.1"
@@ -254,7 +254,7 @@ module_extras.php:
    - "module_extras.php"
    - "module_extras.yaml"
   Checksum:
-   - "11d7c968fc19f82aebd98f30d708793181f4e6450d7c0d039f32413a298c6f45:28616"
+   - "0cc7cb9a5562fd27d0aa98ecce2cb1b93f6d0de9908e337e76c08500bbb7bb93:28722"
    - "7b891d1fa4b1c52c410220bc758e8cb7064bd6040430fb149a5b60e9ae2e0838:890"
  Used with: "modules"
  Reannotate: "modules.dat"