JS/Blacole not found + cxs.xtra not ok javascript in html

[jeroman]

Hi!

A CXS scan (via manual Generate Commands) does not find/alert

1. cxs.xtra stuff if it's not in a php file or maybe other script files.
If there is cxs.ztra stuff in a .html file it will not report it.
Even if it's included in a Javascript code.

2. CXS does not report/find a very bad javascript/malware in index.html while all other
free website scanners I tested found it.
This was the JS/Blacole.DH.1 malware.

Since cxs did not find/report it even when running it manually, just that file, I added the author of the malware to cxs.xtra but it did not help. So I tested to add the author name in a .php file instead and then it was found.

I tried this on 2 servers, same thing.

Should not cxs find the JS/Blacole.DH.1 malware in all files, also .html files ?
Should not cxs.xtra commands work with .html files ? (docs say script files so I guess not)

I'm just worried that cxs miss other malware as well.
Maybe JS/Blacole.DH.1 is new and it will be included soon.

Thanks!

[Sarah]

Unless you include --deep in your cxs command, cxs will not scan html or text files, only script files.

[jeroman]

Great - thanks!

[jeroman]

Do we need to have the --deep command also for cxswatch or ftp/cxscgi.sh if it should scan html files as well ?

[Sarah]

You need to included it in any command when you want to scan html or other non-script files.