From ad546209952cac5f3035e527c50186cbac1123f5 Mon Sep 17 00:00:00 2001 From: Volodymyr Smirnov Date: Thu, 22 Oct 2020 19:53:13 +0300 Subject: [PATCH] add comodo scan backend --- .../Dockerfiles_Comodo_Dockerfile.xml | 24 ++++++++++++++ .../Implementations/ComodoScanBackend.cs | 31 +++++++++++++++++++ .../Dockerfiles/Comodo.Dockerfile | 10 ++++++ .../Data/Enums/BackendType.cs | 3 +- MalwareMultiScan.Worker/Jobs/ScanJob.cs | 1 + 5 files changed, 68 insertions(+), 1 deletion(-) create mode 100644 .idea/.idea.MalwareMultiScan/.idea/runConfigurations/Dockerfiles_Comodo_Dockerfile.xml create mode 100644 MalwareMultiScan.Backends/Backends/Implementations/ComodoScanBackend.cs create mode 100644 MalwareMultiScan.Backends/Dockerfiles/Comodo.Dockerfile diff --git a/.idea/.idea.MalwareMultiScan/.idea/runConfigurations/Dockerfiles_Comodo_Dockerfile.xml b/.idea/.idea.MalwareMultiScan/.idea/runConfigurations/Dockerfiles_Comodo_Dockerfile.xml new file mode 100644 index 0000000..9cbff99 --- /dev/null +++ b/.idea/.idea.MalwareMultiScan/.idea/runConfigurations/Dockerfiles_Comodo_Dockerfile.xml @@ -0,0 +1,24 @@ + + + + + + + + + + \ No newline at end of file diff --git a/MalwareMultiScan.Backends/Backends/Implementations/ComodoScanBackend.cs b/MalwareMultiScan.Backends/Backends/Implementations/ComodoScanBackend.cs new file mode 100644 index 0000000..2d40818 --- /dev/null +++ b/MalwareMultiScan.Backends/Backends/Implementations/ComodoScanBackend.cs @@ -0,0 +1,31 @@ +using System; +using System.IO; +using System.Text.RegularExpressions; +using MalwareMultiScan.Backends.Backends.Abstracts; +using Microsoft.Extensions.Logging; + +namespace MalwareMultiScan.Backends.Backends.Implementations +{ + public class ComodoScanBackend : AbstractLocalProcessScanBackend + { + public ComodoScanBackend(ILogger logger) : base(logger) + { + } + + public override string Id { get; } = "comodo"; + + public override DateTime DatabaseLastUpdate => + File.GetLastWriteTime("/opt/COMODO/scanners/bases.cav"); + + protected override string BackendPath { get; } = "/opt/COMODO/cmdscan"; + + protected override Regex MatchRegex { get; } = + new Regex(@".* ---> Found Virus, Malware Name is (?.*)", + RegexOptions.Compiled | RegexOptions.Multiline); + + protected override string GetBackendArguments(string path) + { + return $"-v -s {path}"; + } + } +} \ No newline at end of file diff --git a/MalwareMultiScan.Backends/Dockerfiles/Comodo.Dockerfile b/MalwareMultiScan.Backends/Dockerfiles/Comodo.Dockerfile new file mode 100644 index 0000000..7ebead2 --- /dev/null +++ b/MalwareMultiScan.Backends/Dockerfiles/Comodo.Dockerfile @@ -0,0 +1,10 @@ +FROM mindcollapse/malware-multi-scan-worker:latest + +RUN apt-get update && apt-get install wget -y + +RUN wget -q https://cdn.download.comodo.com/cis/download/installs/linux/cav-linux_x64.deb -O /tmp/cav-linux_x64.deb && \ + dpkg -i /tmp/cav-linux_x64.deb || exit 0 + +RUN wget -q http://download.comodo.com/av/updates58/sigs/bases/bases.cav -O /opt/COMODO/scanners/bases.cav + +ENV BackendType=Comodo \ No newline at end of file diff --git a/MalwareMultiScan.Shared/Data/Enums/BackendType.cs b/MalwareMultiScan.Shared/Data/Enums/BackendType.cs index 2b4ba14..430959c 100644 --- a/MalwareMultiScan.Shared/Data/Enums/BackendType.cs +++ b/MalwareMultiScan.Shared/Data/Enums/BackendType.cs @@ -5,6 +5,7 @@ namespace MalwareMultiScan.Shared.Data.Enums Defender, Clamav, DrWeb, - Kes + Kes, + Comodo } } \ No newline at end of file diff --git a/MalwareMultiScan.Worker/Jobs/ScanJob.cs b/MalwareMultiScan.Worker/Jobs/ScanJob.cs index eb61065..863eb14 100644 --- a/MalwareMultiScan.Worker/Jobs/ScanJob.cs +++ b/MalwareMultiScan.Worker/Jobs/ScanJob.cs @@ -35,6 +35,7 @@ namespace MalwareMultiScan.Worker.Jobs BackendType.Clamav => new ClamavScanBackend(logger), BackendType.DrWeb => new DrWebScanBackend(logger), BackendType.Kes => new KesScanBackend(logger), + BackendType.Comodo => new ComodoScanBackend(logger), _ => throw new NotImplementedException() }; }