dr.web scanning backend

2025-08-23 21:12:22 +00:00 · 2020-10-21 17:33:58 +03:00 · 2020-10-21 17:33:58 +03:00 · d4703df14d
commit d4703df14d
parent 89515efd5d
5 changed files with 87 additions and 1 deletions
--- a/.idea/.idea.MalwareMultiScan/.idea/runConfigurations/Dockerfiles_DrWeb_Dockerfile.xml
+++ b/.idea/.idea.MalwareMultiScan/.idea/runConfigurations/Dockerfiles_DrWeb_Dockerfile.xml
@ -0,0 +1,24 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="Dockerfiles/DrWeb.Dockerfile" type="docker-deploy" factoryName="dockerfile" server-name="Docker">
+    <deployment type="dockerfile">
+      <settings>
+        <option name="imageTag" value="mindcollapse/malware-multi-scan-worker-drweb" />
+        <option name="buildCliOptions" value="" />
+        <option name="command" value="" />
+        <option name="containerName" value="malware-multi-scan-worker-drweb" />
+        <option name="entrypoint" value="" />
+        <option name="portBindings">
+          <list>
+            <DockerPortBindingImpl>
+              <option name="containerPort" value="9901" />
+              <option name="hostPort" value="9901" />
+            </DockerPortBindingImpl>
+          </list>
+        </option>
+        <option name="commandLineOptions" value="" />
+        <option name="sourceFilePath" value="MalwareMultiScan.Backends/Dockerfiles/DrWeb.Dockerfile" />
+      </settings>
+    </deployment>
+    <method v="2" />
+  </configuration>
+</component>
--- a/MalwareMultiScan.Backends/Backends/Implementations/DrWebScanBackend.cs
+++ b/MalwareMultiScan.Backends/Backends/Implementations/DrWebScanBackend.cs
@ -0,0 +1,32 @@
+using System;
+using System.IO;
+using System.Text.RegularExpressions;
+using MalwareMultiScan.Backends.Backends.Abstracts;
+using Microsoft.Extensions.Logging;
+
+namespace MalwareMultiScan.Backends.Backends.Implementations
+{
+    public class DrWebScanBackend : AbstractLocalProcessScanBackend
+    {
+        public DrWebScanBackend(ILogger logger) : base(logger)
+        {
+        }
+        
+        public override string Id { get; } = "drweb";
+        
+        public override DateTime DatabaseLastUpdate =>
+            File.GetLastWriteTime("/var/opt/drweb.com/version/version.ini");
+
+        protected override string BackendPath { get; } = "/usr/bin/drweb-ctl";
+        
+        protected override Regex MatchRegex { get; } =
+            new Regex(@".* - infected with (?<threat>[\S ]+)", RegexOptions.Compiled | RegexOptions.Multiline);
+        
+        protected override bool ParseStdErr { get; } = false;
+        
+        protected override string GetBackendArguments(string path)
+        {
+            return $"scan {path}";
+        }
+    }
+}
--- a/MalwareMultiScan.Backends/Dockerfiles/DrWeb.Dockerfile
+++ b/MalwareMultiScan.Backends/Dockerfiles/DrWeb.Dockerfile
@ -0,0 +1,28 @@
+FROM mindcollapse/malware-multi-scan-worker:latest
+
+ARG DRWEB_KEY
+ENV DRWEB_KEY=$DRWEB_KEY
+
+ARG DRWEB_URL=https://download.geo.drweb.com/pub/drweb/unix/workstation/11.1/drweb-11.1.1-av-linux-amd64.run
+ENV DRWEB_URL=$DRWEB_URL
+
+RUN apt-get update && apt-get install build-essential ca-certificates wget -y
+
+RUN wget -q $DRWEB_URL -O /tmp/drweb.run && \
+    chmod +x /tmp/drweb.run && \
+    DRWEB_NON_INTERACTIVE=yes /tmp/drweb.run && \
+    rm -f /tmp/drweb.run
+
+RUN /opt/drweb.com/bin/drweb-configd -d -p /var/run/drweb-configd.pid && \
+    if [ -z "$DRWEB_KEY" ]; then drweb-ctl license --GetDemo; \
+    else drweb-ctl license --GetRegistered "$DRWEB_KEY"; \
+    fi && kill $(cat /var/run/drweb-configd.pid) 
+    
+RUN /opt/drweb.com/bin/drweb-configd -d -p /var/run/drweb-configd.pid && \
+    (drweb-ctl update --Stop || exit 0) && \
+    drweb-ctl update && \
+    kill $(cat /var/run/drweb-configd.pid)
+    
+ENV BackendType=DrWeb
+    
+ENTRYPOINT /opt/drweb.com/bin/drweb-configd -d -p /var/run/drweb-configd.pid && /worker/MalwareMultiScan.Worker
--- a/MalwareMultiScan.Shared/Data/Enums/BackendType.cs
+++ b/MalwareMultiScan.Shared/Data/Enums/BackendType.cs
@ -3,6 +3,7 @@ namespace MalwareMultiScan.Shared.Data.Enums
    public enum BackendType
    {
        Defender,
-        Clamav
+        Clamav,
+        DrWeb
    }
 }
--- a/MalwareMultiScan.Worker/Jobs/ScanJob.cs
+++ b/MalwareMultiScan.Worker/Jobs/ScanJob.cs
@ -33,6 +33,7 @@ namespace MalwareMultiScan.Worker.Jobs
            {
                BackendType.Defender => new WindowsDefenderScanBackend(logger),
                BackendType.Clamav => new ClamavScanBackend(logger),
+                BackendType.DrWeb => new DrWebScanBackend(logger),
                _ => throw new NotImplementedException()
            };
        }