-
Notifications
You must be signed in to change notification settings - Fork 0
/
malwareScan.py
82 lines (71 loc) · 3.21 KB
/
malwareScan.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
#
# This file is part of umo application.
#
# Copyright(c) 2010-2011 JoseMi(jholgui@gmail.com).
# http://umo.googlecode.com
# Twitter: @JoseMiHolguin
#
# This file may be licensed under the terms of of the
# GNU General Public License Version 2 (the ``GPL'').
#
# Software distributed under the License is distributed
# on an ``AS IS'' basis, WITHOUT WARRANTY OF ANY KIND, either
# express or implied. See the GPL for the specific language
# governing rights and limitations.
#
# You should have received a copy of the GPL along with this
# program. If not, go to http://www.gnu.org/licenses/gpl.html
# or write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
import sys, time
from safebrowsing.prepare_db import Google_Blacklist
from safebrowsing.query_lookup import Lookup
from time import strftime
__author__="JoseMi(jholgui (at) gmail.com)"
__date__ ="$28.07.2011 06:55:16$"
class malwareScan():
def __init__(self, config):
if config is not None:
self.config = config
else:
self.config["p_logger"].error("UMO module malwareScan - The configuration variable isn't set")
def scan_sbg(self):
print "UMO is searching in Google Safebrowsing Database ... waiting"
l = Lookup()
try:
outfile = open(self.config["p_write"], "w")
except IOError:
self.config["p_logger"].error("UMO module malwareScan - Error open file:"+ self.config["p_write"])
sys.exit(1)
try:
outfileurls = open(self.config["p_umourls"], "w")
except IOError:
self.config["p_logger"].error("UMO module malwareScan - Error open file:"+ self.config["p_urlsumo"])
sys.exit(1)
outfileurls.write("\n"+strftime('%Y-%m-%d %H:%M:%S') + " : New Google SafeBrowsing Search started\n")
count = 0
self.config["p_logger"].info('UMO module malwareScan - Searching URLs in Local Google Safebrowsing Database...')
for url in self.config["p_enlaces"]:
malware = l.lookup_by_url(url)
outfileurls.write(url.encode('utf8') + "\n")
if malware == 'M':
count = count + 1
outfile.write(url + "\n")
outfile.close()
outfileurls.close()
if count > 0:
print "Url Malware OWNED, look at report: " + self.config["p_write"]
self.config["p_logger"].info("umo module malwareScan - Url Malware Owned in Google Safebrowsing Databases, look at report: " + self.config["p_write"] + "\n")
else:
self.config["p_logger"].info("umo module malwareScan - Malware not found in Google Safebrowsing Database")
def update_sbg(self):
try:
g = Google_Blacklist("malware")
g.fetch_data()
g = Google_Blacklist("black")
g.fetch_data()
print "Google SafeBrowsing Database- Update finished\n"
self.config["p_logger"].info("umo module malwareScan - Google SafeBrowsing Database- Update finished")
except:
self.config["p_logger"].error('umo module malwareScan - Errors updating Malware and BlackList Google Safebrowsing Database')