kaspersky endpoint security scan backend

2025-08-25 22:01:16 +00:00 · 2020-10-22 14:15:27 +03:00
parent 46974066a4
commit 45c86b8467
6 changed files with 70 additions and 7 deletions
--- a/MalwareMultiScan.Backends/Backends/Implementations/ClamavScanBackend.cs
+++ b/MalwareMultiScan.Backends/Backends/Implementations/ClamavScanBackend.cs
@@ -21,9 +21,7 @@ namespace MalwareMultiScan.Backends.Backends.Implementations
        
        protected override Regex MatchRegex { get; } =
            new Regex(@"(\S+): (?<threat>[\S]+) FOUND", RegexOptions.Compiled | RegexOptions.Multiline);
-        
-        protected override bool ParseStdErr { get; } = false;
-        
+
        protected override string GetBackendArguments(string path)
        {
            return $"--no-summary {path}";
--- a/MalwareMultiScan.Backends/Backends/Implementations/DrWebScanBackend.cs
+++ b/MalwareMultiScan.Backends/Backends/Implementations/DrWebScanBackend.cs
@@ -21,9 +21,7 @@ namespace MalwareMultiScan.Backends.Backends.Implementations
        
        protected override Regex MatchRegex { get; } =
            new Regex(@".* - infected with (?<threat>[\S ]+)", RegexOptions.Compiled | RegexOptions.Multiline);
-        
-        protected override bool ParseStdErr { get; } = false;
-        
+
        protected override string GetBackendArguments(string path)
        {
            return $"scan {path}";
--- a/MalwareMultiScan.Backends/Backends/Implementations/KesScanBackend.cs
+++ b/MalwareMultiScan.Backends/Backends/Implementations/KesScanBackend.cs
@@ -0,0 +1,30 @@
+using System;
+using System.IO;
+using System.Text.RegularExpressions;
+using MalwareMultiScan.Backends.Backends.Abstracts;
+using Microsoft.Extensions.Logging;
+
+namespace MalwareMultiScan.Backends.Backends.Implementations
+{
+    public class KesScanBackend : AbstractLocalProcessScanBackend
+    {
+        public KesScanBackend(ILogger logger) : base(logger)
+        {
+        }
+        
+        public override string Id { get; } = "kes";
+        
+        public override DateTime DatabaseLastUpdate =>
+            File.GetLastWriteTime("/var/opt/kaspersky/kesl/common/updates/avbases/klsrl.dat");
+
+        protected override string BackendPath { get; } = "/bin/bash";
+        
+        protected override Regex MatchRegex { get; } =
+            new Regex(@"[ +]DetectName.*: (?<threat>.*)", RegexOptions.Compiled | RegexOptions.Multiline);
+
+        protected override string GetBackendArguments(string path)
+        {
+            return $"/usr/bin/kesl-scan {path}";
+        }
+    }
+}