def do_contscan(self, directory_argument):
    """Handle a CONTSCAN command: scan a path and reply with one line per resource.

    Args:
        directory_argument: Path taken from the command. A falsy value is
            treated the same as a path that does not exist.

    On a missing path an error is logged and an ``ERROR`` reply is sent via
    ``send_response``. Otherwise the reply is a header line plus one line per
    ``(resource, scan_result)`` pair produced by ``AmavisVT.run``, joined
    with newlines and written to ``self.request`` as UTF-8 bytes.
    """
    directory = ''
    if directory_argument:
        directory = os.path.abspath(directory_argument)

    if not (directory and os.path.exists(directory)):
        logger.error(
            "Cannot handle CONTSCAN command with argument '%s' (path does not exist)",
            directory)
        # NOTE(review): the reply echoes the resolved absolute path. For a
        # relative argument that includes the daemon's working directory, and
        # the reply also tells the client whether a path exists. Confirm this
        # is acceptable for everyone who can reach this command channel.
        self.send_response("ERROR: Wrong argument '%s'" % directory)
        return

    # NOTE(review): any existing path is handed to the scanner; no allow-list
    # or base-directory check is visible in this handler. Confirm access to
    # the channel is restricted elsewhere.
    lines = ["AmavisVTd scan results:"]
    scanner = AmavisVT(self.config)
    for resource, scan_result in scanner.run(directory):
        # NOTE(review): resource and scan_result are interpolated verbatim into
        # a newline-delimited reply. If their string form can carry a line
        # break (e.g. from an attachment name), a consumer could misparse the
        # reply. Verify how they render.
        if scan_result is None:
            line = "%s: Not scanned by virustotal" % resource
        elif isinstance(scan_result, Exception):
            line = "%s: Error (%s)" % (resource, scan_result)
        elif scan_result.infected:
            # Keep at most three detection names; set() then drops duplicates
            # (the resulting order is not defined).
            names = [
                verdict['result']
                for _engine, verdict in scan_result.scans.items()
                if verdict['detected']
            ][:3]
            line = "%s: Detected as %s (%s of %s)" % (
                resource,
                ', '.join(set(names)),
                scan_result.positives,
                scan_result.total,
            )
        else:
            line = "%s: Clean" % resource
        lines.append(line)

    self.request.sendall('\n'.join(lines).encode('utf-8'))
def test_run_with_filename_pattern_detection_match_with_autoreport(
    self, database_mock, memcached_get_mock, memcached_set_mock, requests_mock
):
    """A filename-pattern match with auto-report enabled yields an infected result.

    Runs ``AmavisVT`` over the sample mail with the database lookup forced to
    match, then checks how the lookup was called, that two HTTP requests were
    made, that the single result is flagged infected, and that no path in
    ``avt.clean_paths`` is left on disk.
    """
    # The memcached lookup returns nothing (presumably a cache miss).
    memcached_get_mock.return_value = None
    # Force the filename-pattern lookup to report a match.
    database_mock.filename_pattern_match = mock.MagicMock(return_value=True)

    settings = {
        "database-path": ":memory:",
        "api-key": "my-api-key",  # placeholder; requests are mocked
        "filename-pattern-detection": "true",
        "auto-report": "true",
    }
    avt = AmavisVT(AmavisVTConfigurationParser(settings, path="/dev/null"))
    avt.database = database_mock

    sample_dir = os.path.dirname(__file__)
    result = avt.run(os.path.join(sample_dir, "samples/mail_with_attachment.eml"))

    pattern_lookup = database_mock.filename_pattern_match
    assert pattern_lookup.called
    recorded = pattern_lookup.call_args
    assert len(recorded) == 2  # resource and localpart
    positional, keyword = recorded

    # Exactly one positional and one keyword argument were passed.
    assert len(positional) == 1
    assert len(keyword) == 1

    # The positional argument is the attachment resource.
    attachment = positional[0]
    assert isinstance(attachment, Resource)
    assert attachment.filename == "textfile.zip"

    # The localpart keyword should be 'alice'.
    assert keyword["localpart"] == "alice"

    assert requests_mock.called
    assert requests_mock.call_count == 2  # once for scan report and once for submitting

    assert len(result) == 1
    resource, response = result[0]
    assert resource.filename == "textfile.zip"
    assert response.infected

    # Nothing listed in clean_paths may remain on disk after the run.
    # NOTE(review): this passes vacuously if clean_paths is empty.
    assert not any(os.path.exists(path) for path in avt.clean_paths)
def test_run_with_filename_pattern_detection_match_with_autoreport(
        self, database_mock, memcached_get_mock, memcached_set_mock,
        requests_mock):
    """Check a run where the filename-pattern lookup matches and auto-report is on.

    The database lookup is forced to return True. The test then verifies the
    arguments of that lookup, the number of HTTP requests, the infected
    verdict on the single result, and that every path in ``avt.clean_paths``
    has been removed.
    """
    pattern_match = mock.MagicMock()
    pattern_match.return_value = True
    database_mock.filename_pattern_match = pattern_match
    memcached_get_mock.return_value = None

    parser = AmavisVTConfigurationParser(
        {
            'database-path': ':memory:',
            'api-key': 'my-api-key',
            'filename-pattern-detection': 'true',
            'auto-report': 'true'
        },
        path='/dev/null')
    avt = AmavisVT(parser)
    avt.database = database_mock

    here = os.path.dirname(__file__)
    mail = os.path.join(here, 'samples/mail_with_attachment.eml')
    result = avt.run(mail)

    assert database_mock.filename_pattern_match.called
    last_call = database_mock.filename_pattern_match.call_args
    assert len(last_call) == 2  # resource and localpart
    args, kwargs = last_call

    # One positional argument (the resource) and one keyword (localpart).
    assert len(args) == 1
    assert len(kwargs) == 1
    passed_resource = args[0]
    assert isinstance(passed_resource, Resource)
    assert passed_resource.filename == 'textfile.zip'
    assert kwargs['localpart'] == 'alice'

    # Two HTTP calls: once for scan report and once for submitting.
    assert requests_mock.called
    assert requests_mock.call_count == 2

    assert len(result) == 1
    first = result[0]
    resource, response = first
    assert resource.filename == 'textfile.zip'
    assert response.infected

    # Every path in clean_paths must be gone from disk.
    # NOTE(review): an empty clean_paths makes this check trivially pass.
    for leftover in avt.clean_paths:
        assert not os.path.exists(leftover)
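def do_contscan(self, directory_argument):
    """Handle a CONTSCAN command and send the per-resource results to the client.

    Args:
        directory_argument: Path taken from the command. A falsy value is
            handled like a path that does not exist.

    If the path is missing, an error is logged and an ``ERROR`` reply goes out
    through ``send_response``. Otherwise the reply is a header line followed by
    one line per ``(resource, scan_result)`` pair from ``AmavisVT.run``, joined
    with newlines and written to ``self.request`` as UTF-8 bytes. Returns
    nothing.
    """
    directory = os.path.abspath(directory_argument) if directory_argument else ""

    if not directory or not os.path.exists(directory):
        logger.error("Cannot handle CONTSCAN command with argument '%s' (path does not exist)", directory)
        # NOTE(review): the reply echoes the resolved absolute path (including
        # the working directory for a relative argument) and reveals whether a
        # path exists. Confirm that is acceptable for all clients of this
        # channel.
        self.send_response("ERROR: Wrong argument '%s'" % directory)
        return

    # NOTE(review): no base-directory restriction is visible here; any
    # existing path is passed to the scanner. Confirm the channel itself is
    # access-restricted.
    responses = ["AmavisVTd scan results:"]
    avt = AmavisVT(self.config)

    for resource, scan_result in avt.run(directory):
        # NOTE(review): values are interpolated verbatim into a
        # newline-delimited reply. Verify their string form cannot contain
        # line breaks.
        if scan_result is None:
            responses.append("%s: Not scanned by virustotal" % resource)
        elif isinstance(scan_result, Exception):
            responses.append("%s: Error (%s)" % (resource, scan_result))
        elif scan_result.infected:
            # At most three detection names, duplicates removed by set().
            matches = [v["result"] for _, v in scan_result.scans.items() if v["detected"]][:3]
            responses.append(
                "%s: Detected as %s (%s of %s)"
                % (resource, ", ".join(set(matches)), scan_result.positives, scan_result.total)
            )
        else:
            responses.append("%s: Clean" % resource)

    # Encode before sending: sendall() on a Python 3 socket accepts only
    # bytes-like data. Passing the joined str would raise after the whole scan
    # had run and leave the client without results. (Assumes self.request is a
    # socket, as its sendall() use suggests.)
    payload = "\n".join(responses)
    self.request.sendall(payload.encode("utf-8"))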