#!/bin/bash

output_file="malware_scan_results_$(date +%Y%m%d_%H%M%S).txt"
echo "🔍 Scanning for suspicious PHP code in Magento files..." | tee "$output_file"

patterns=(
    "eval("
    "base64_decode("
    "gzinflate("
    "str_rot13("
    "shell_exec("
    "exec("
    "passthru("
    "system("
    "assert("
    "preg_replace(.*\/e"
)

for pattern in "${patterns[@]}"; do
    echo -e "\n🔎 Searching for: $pattern" | tee -a "$output_file"
    grep -rni "$pattern" . --include="*.php" | tee -a "$output_file"
done

echo -e "\n✅ Scan complete. Results saved to: $output_file"
