Deprecate and remove 'hex_general_commands.csv'.

Maikuolan · Maikuolan · commit fde51fa90f8e · 2021-04-01T12:44:35.000+08:00
Despite the warning provided in the README file, this particular signature
file continues to regularly see support requests relating to the various
false positives it causes. Since I'm a little tired of serving the same
support request multiple times to different users across different
platforms, and I doubt the signature file in question really provides
sufficient benefit to justify it anyway, I'm deprecating and removing it.
diff --git a/misc/hex_general_commands.csv.gz b/misc/hex_general_commands.csv.gz
diff --git a/misc/readme.md b/misc/readme.md
@@ -2,7 +2,6 @@
 
 **File** | **Description**
 ---|---
-hex_general_commands.csv | **General command detections.** This signature file can detect simple commands such as eval, require, include, unserialize, etc, often found in executable script files. If you happen to allow only very small, "non-binary" (i.e., plain-text) files, small image files for forum avatars and etc to be uploaded, and if your website only deals with low volumes of uploads, this signature file may be useful as a means to detect unwanted, obfuscated executable code and scripting hidden within such files, enabling phpMussel to identify such files as malicious, when they would otherwise appear benign. However, it should be noted that this particular signature file poses a **VERY** high false positive risk! If your phpMussel setup or your website's upload facility deals with more than low volumes of uploads, is expected to process "binary files", anything other than very small files, or is expected to process large images, videos, executable files, etc, then this particular signature file should, in most cases, be avoided.
 phpmussel.cedb | **phpMussel complex extended signatures.** Contains signatures based on extended metadata generated by phpMussel. Signatures in this signature file target a wide range of miscellaneous threats covering a wide range of formats and vectors, including Android malware, chameleon attacks, forkbombs, web-based ransomware, malicious browser extensions, equation malware, etc. Generally recommended for most phpMussel setups, and has a very low false positive risk.
 phpmussel.db | **phpMussel standard signatures.** Signatures in this signature file work directly with file content (i.e., with zero or limited pre-processing). Covers a wide range of formats. Generally recommended for most phpMussel setups, and has a low false positive risk.
 phpmussel_regex.db | **phpMussel standard regex signatures.** Same as the above, except that the signatures in this signature file can contain regular expressions (whereas signatures from the above can't).
@@ -31,4 +30,4 @@ phpmussel_swf_regex.db | **phpMussel SWF regex signatures.** Same as the above,
 ---
 
 
-Last Updated: 20 March 2021 (2021.03.20).
+Last Updated: 1 April 2021 (2021.04.01).
diff --git a/signatures.dat b/signatures.dat
@@ -1,31 +1,4 @@
 ---
-hex_general_commands.csv:
- Name: "General command detections."
- Extended Description: >
-  This signature file can detect simple commands such as eval, require, include, unserialize, etc, often found in
-  executable script files. It may be useful as a means to detect unwanted, obfuscated executable code and scripting hidden
-  inside files that could be malicious, but could otherwise appear innocent and harmless, if you happen to allow only very
-  small, "non-binary" (i.e., plain-text) files to be uploaded, small image files for forum avatars, etc, and if your
-  website only deals with low volumes of uploads. However, it should be noted that this particular signature file poses a
-  **VERY** high false positive risk! If your phpMussel setup or your website's upload facility deals with more than low
-  volumes of uploads, is expected to process "binary files", anything other than very small files, or is expected to
-  process large images, videos, executable files, etc, then this particular signature file should, in most cases, be
-  avoided.
- Version: "2019.237.608"
- Minimum Required: "1.0.0-DEV"
- Minimum Required PHP: "5.4.0"
- Remote: "https://raw.githubusercontent.com/phpMussel/Signatures/master/signatures.dat"
- Uninstallable: true
- When Update Succeeds:
-  - "ClearHashCache"
- Files:
-  From:
-   - "https://raw.githubusercontent.com/phpMussel/Signatures/master/misc/hex_general_commands.csv.gz"
-  To:
-   - "signatures/hex_general_commands.csv"
-  Checksum:
-   - "a3f700ccf3aa9ec28c46bef06db88dd6b58e36d207b791b9977f5efe9cadc707:1454"
- Reannotate: "signatures.dat"
 clamav.cedb:
  Name: "ClamAV complex extended signatures."
  Extended Description: >
