Mirrors/MalwareMultiScan
1
0
Fork 0
mirror of https://github.com/volodymyrsmirnov/MalwareMultiScan.git synced 2025-10-11 12:26:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

finished unit tests and docstrings

Browse Source
This commit is contained in:
Volodymyr Smirnov
2020-10-29 16:09:56 +02:00
parent b2902c128a
commit b68c285ce5
48 changed files with 910 additions and 194 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
MalwareMultiScan.Backends/Backends/Implementations/ClamavScanBackend.cs
View File

@@ -1,24 +1,31 @@
using System.Text.RegularExpressions;
using MalwareMultiScan.Backends.Backends.Abstracts;
using Microsoft.Extensions.Logging;
using MalwareMultiScan.Backends.Services.Interfaces;
namespace MalwareMultiScan.Backends.Backends.Implementations
{
/// <inheritdoc />
public class ClamavScanBackend : AbstractLocalProcessScanBackend
{
public ClamavScanBackend(ILogger logger) : base(logger)
/// <inheritdoc />
public ClamavScanBackend(IProcessRunner processRunner) : base(processRunner)
{
}
/// <inheritdoc />
public override string Id { get; } = "clamav";
/// <inheritdoc />
protected override string BackendPath { get; } = "/usr/bin/clamdscan";
/// <inheritdoc />
protected override Regex MatchRegex { get; } =
new Regex(@"(\S+): (?<threat>[\S]+) FOUND", RegexOptions.Compiled | RegexOptions.Multiline);
/// <inheritdoc />
protected override bool ThrowOnNonZeroExitCode { get; } = false;
/// <inheritdoc />
protected override string GetBackendArguments(string path)
{
return $"-m --fdpass --no-summary {path}";

10
MalwareMultiScan.Backends/Backends/Implementations/ComodoScanBackend.cs
View File

@@ -1,23 +1,29 @@
using System.Text.RegularExpressions;
using MalwareMultiScan.Backends.Backends.Abstracts;
using Microsoft.Extensions.Logging;
using MalwareMultiScan.Backends.Services.Interfaces;
namespace MalwareMultiScan.Backends.Backends.Implementations
{
/// <inheritdoc />
public class ComodoScanBackend : AbstractLocalProcessScanBackend
{
public ComodoScanBackend(ILogger logger) : base(logger)
/// <inheritdoc />
public ComodoScanBackend(IProcessRunner processRunner) : base(processRunner)
{
}
/// <inheritdoc />
public override string Id { get; } = "comodo";
/// <inheritdoc />
protected override string BackendPath { get; } = "/opt/COMODO/cmdscan";
/// <inheritdoc />
protected override Regex MatchRegex { get; } =
new Regex(@".* ---> Found Virus, Malware Name is (?<threat>.*)",
RegexOptions.Compiled | RegexOptions.Multiline);
/// <inheritdoc />
protected override string GetBackendArguments(string path)
{
return $"-v -s {path}";

10
MalwareMultiScan.Backends/Backends/Implementations/DrWebScanBackend.cs
View File

@@ -1,22 +1,28 @@
using System.Text.RegularExpressions;
using MalwareMultiScan.Backends.Backends.Abstracts;
using Microsoft.Extensions.Logging;
using MalwareMultiScan.Backends.Services.Interfaces;
namespace MalwareMultiScan.Backends.Backends.Implementations
{
/// <inheritdoc />
public class DrWebScanBackend : AbstractLocalProcessScanBackend
{
public DrWebScanBackend(ILogger logger) : base(logger)
/// <inheritdoc />
public DrWebScanBackend(IProcessRunner processRunner) : base(processRunner)
{
}
/// <inheritdoc />
public override string Id { get; } = "drweb";
/// <inheritdoc />
protected override string BackendPath { get; } = "/usr/bin/drweb-ctl";
/// <inheritdoc />
protected override Regex MatchRegex { get; } =
new Regex(@".* - infected with (?<threat>[\S ]+)", RegexOptions.Compiled | RegexOptions.Multiline);
/// <inheritdoc />
protected override string GetBackendArguments(string path)
{
return $"scan {path}";

7
MalwareMultiScan.Backends/Backends/Implementations/DummyScanBackend.cs
View File

@@ -6,20 +6,25 @@ using MalwareMultiScan.Backends.Interfaces;
namespace MalwareMultiScan.Backends.Backends.Implementations
{
/// <inheritdoc />
public class DummyScanBackend : IScanBackend
{
/// <inheritdoc />
public string Id { get; } = "dummy";
/// <inheritdoc />
public Task<string[]> ScanAsync(string path, CancellationToken cancellationToken)
{
return Scan();
}
/// <inheritdoc />
public Task<string[]> ScanAsync(Uri uri, CancellationToken cancellationToken)
{
return Scan();
}
/// <inheritdoc />
public Task<string[]> ScanAsync(Stream stream, CancellationToken cancellationToken)
{
return Scan();
@@ -29,7 +34,7 @@ namespace MalwareMultiScan.Backends.Backends.Implementations
{
await Task.Delay(
TimeSpan.FromSeconds(5));
return new[] {"Malware.Dummy.Result"};
}
}

10
MalwareMultiScan.Backends/Backends/Implementations/KesScanBackend.cs
View File

@@ -1,22 +1,28 @@
using System.Text.RegularExpressions;
using MalwareMultiScan.Backends.Backends.Abstracts;
using Microsoft.Extensions.Logging;
using MalwareMultiScan.Backends.Services.Interfaces;
namespace MalwareMultiScan.Backends.Backends.Implementations
{
/// <inheritdoc />
public class KesScanBackend : AbstractLocalProcessScanBackend
{
public KesScanBackend(ILogger logger) : base(logger)
/// <inheritdoc />
public KesScanBackend(IProcessRunner processRunner) : base(processRunner)
{
}
/// <inheritdoc />
public override string Id { get; } = "kes";
/// <inheritdoc />
protected override string BackendPath { get; } = "/bin/bash";
/// <inheritdoc />
protected override Regex MatchRegex { get; } =
new Regex(@"[ +]DetectName.*: (?<threat>.*)", RegexOptions.Compiled | RegexOptions.Multiline);
/// <inheritdoc />
protected override string GetBackendArguments(string path)
{
return $"/usr/bin/kesl-scan {path}";

11
MalwareMultiScan.Backends/Backends/Implementations/McAfeeScanBackend.cs
View File

@@ -1,24 +1,31 @@
using System.Text.RegularExpressions;
using MalwareMultiScan.Backends.Backends.Abstracts;
using Microsoft.Extensions.Logging;
using MalwareMultiScan.Backends.Services.Interfaces;
namespace MalwareMultiScan.Backends.Backends.Implementations
{
/// <inheritdoc />
public class McAfeeScanBackend : AbstractLocalProcessScanBackend
{
public McAfeeScanBackend(ILogger logger) : base(logger)
/// <inheritdoc />
public McAfeeScanBackend(IProcessRunner processRunner) : base(processRunner)
{
}
/// <inheritdoc />
public override string Id { get; } = "mcafee";
/// <inheritdoc />
protected override string BackendPath { get; } = "/usr/local/uvscan/uvscan";
/// <inheritdoc />
protected override bool ThrowOnNonZeroExitCode { get; } = false;
/// <inheritdoc />
protected override Regex MatchRegex { get; } =
new Regex(@".* ... Found: (?<threat>.*).", RegexOptions.Compiled | RegexOptions.Multiline);
/// <inheritdoc />
protected override string GetBackendArguments(string path)
{
return $"--SECURE {path}";

11
MalwareMultiScan.Backends/Backends/Implementations/SophosScanBackend.cs
View File

@@ -1,24 +1,31 @@
using System.Text.RegularExpressions;
using MalwareMultiScan.Backends.Backends.Abstracts;
using Microsoft.Extensions.Logging;
using MalwareMultiScan.Backends.Services.Interfaces;
namespace MalwareMultiScan.Backends.Backends.Implementations
{
/// <inheritdoc />
public class SophosScanBackend : AbstractLocalProcessScanBackend
{
public SophosScanBackend(ILogger logger) : base(logger)
/// <inheritdoc />
public SophosScanBackend(IProcessRunner processRunner) : base(processRunner)
{
}
/// <inheritdoc />
public override string Id { get; } = "sophos";
/// <inheritdoc />
protected override string BackendPath { get; } = "/opt/sophos-av/bin/savscan";
/// <inheritdoc />
protected override bool ThrowOnNonZeroExitCode { get; } = false;
/// <inheritdoc />
protected override Regex MatchRegex { get; } =
new Regex(@">>> Virus '(?<threat>.*)' found in file .*", RegexOptions.Compiled | RegexOptions.Multiline);
/// <inheritdoc />
protected override string GetBackendArguments(string path)
{
return $"-f -archive -ss {path}";

15
MalwareMultiScan.Backends/Backends/Implementations/WindowsDefenderScanBackend.cs
View File

@@ -1,25 +1,32 @@
using System.Text.RegularExpressions;
using MalwareMultiScan.Backends.Backends.Abstracts;
using Microsoft.Extensions.Logging;
using MalwareMultiScan.Backends.Services.Interfaces;
namespace MalwareMultiScan.Backends.Backends.Implementations
{
/// <inheritdoc />
public class WindowsDefenderScanBackend : AbstractLocalProcessScanBackend
{
public WindowsDefenderScanBackend(ILogger logger) : base(logger)
/// <inheritdoc />
public WindowsDefenderScanBackend(IProcessRunner processRunner) : base(processRunner)
{
}
/// <inheritdoc />
public override string Id { get; } = "windows-defender";
/// <inheritdoc />
protected override string BackendPath { get; } = "/opt/mpclient";
/// <inheritdoc />
protected override Regex MatchRegex { get; } =
new Regex(@"EngineScanCallback\(\): Threat (?<threat>[\S]+) identified",
RegexOptions.Compiled | RegexOptions.Multiline);
/// <inheritdoc />
protected override bool ParseStdErr { get; } = true;
/// <inheritdoc />
protected override string GetBackendArguments(string path)
{
return path;