Comment webshell_generic_php_5

It's a rule with a lot of false positives. We have to find a solution for this rule. By now this rule is commented.

Comment webshell_generic_php_5
It's a rule with a lot of false positives. We have to find a solution for this rule. By now this rule is commented.
d08be191 · j0sm1 · GitHub · 5a242769 · d08be191
Commit d08be191 authored Oct 10, 2017 by j0sm1 Committed by GitHub Oct 10, 2017
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 0 deletions

WShell_THOR_Webshells.yar Webshells/WShell_THOR_Webshells.yar +2 -0

No files found.
--- a/Webshells/WShell_THOR_Webshells.yar
+++ b/Webshells/WShell_THOR_Webshells.yar
@@ -6342,6 +6342,7 @@ rule WebShell_Generic_PHP_4 {
 	condition:
 		all of them
 }
+/*
 rule WebShell_Generic_PHP_5 {
 	meta:
 		description = "PHP Webshells Github Archive - from files ex0shell.php, megabor.php, GRP WebShell 2.0 release build 2018 (C)2006,Great.php"
@@ -6360,6 +6361,7 @@ rule WebShell_Generic_PHP_5 {
 	condition:
 		all of them
 }
+*/
 rule WebShell_GFS {
 	meta:
 		description = "PHP Webshells Github Archive - from files GFS web-shell ver 3.1.7 - PRiV8.php, Predator.php, GFS_web-shell_ver_3.1.7_-_PRiV8.php"