def clean(self): # List of malicious files detected print("\n[!] List of possible malicious files found: ") try: self.malicious_file_list = [file_path.strip("\n") \ for file_path in utils.open_file(self._MAL_FILE_PATH)] except FileNotFoundError: # Initialize empty list self.malicious_file_list = list() for index, mal_file in enumerate(self.malicious_file_list): print("[{0}] {1}".format(index, mal_file)) to_clean = input( "Enter the index of the file to delete ('e' to exit): ") if to_clean == "e": return else: to_clean = int(to_clean) file_path = self.malicious_file_list[to_clean] print("Removing: ", file_path) try: os.remove(file_path) self.malicious_file_list.remove(file_path) except FileNotFoundError: pass except Exception as e: self.logger.log("Error occurred: " + str(e), logtype="error") with open(self._MAL_FILE_PATH, "w") as wf: for mal_file in self.malicious_file_list: wf.write(mal_file) self.clean()
def get_initial_uid(self): temp_list = [] log_file_data = utils.open_file(self._PASSWORD_LOG) for line in log_file_data: line = line.strip("\n") data = line.split(":") uid = data[2] temp_list.append(int(uid)) return temp_list
def __init__(self, debug=False, config_path=None, file_list=None, vt_api_key=None): # Initialize logger self.logger = AntiVirusLogger(__name__, debug=debug) if config_path is not None: self._CONFIG_PATH = config_path else: self.logger.log("Configuration file path not found.", logtype="error") sys.exit(0) # Load Configuration self.config_dict = utils.json_to_dict(self._CONFIG_PATH) # Categorize OS self.os_name = utils.categorize_os() if self.os_name: # Load malicious-file log path self._MAL_FILE_PATH = self.config_dict[ self.os_name]["scanner"]["malicious_file_log_path"] if file_list is not None: self.file_list = file_list else: self.file_list = [] # List of malicious files detected try: self.malicious_file_list = [file_path.strip("\n") \ for file_path in utils.open_file(self._MAL_FILE_PATH)] except FileNotFoundError: # Initialize empty list self.malicious_file_list = list() self.vt_api_key = vt_api_key if self.vt_api_key and self.vt_api_key != "XXXX": # If VirusTotal API Key is provided & valid self.vt_obj = VirusTotal(debug=debug, api_key=self.vt_api_key)
def auto_delete(self): self.logger.log("Auto-cleaning the malicious files", logtype="info") print("[!] Auto-cleaning the malicious files") try: self.malicious_file_list = [file_path.strip("\n") \ for file_path in utils.open_file(self._MAL_FILE_PATH)] except FileNotFoundError: # Initialize empty list self.malicious_file_list = list() for mal_file in self.malicious_file_list: try: os.remove(mal_file) self.logger.log("Removing: " + mal_file, logtype="info") self.malicious_file_list.remove(mal_file) except FileNotFoundError: pass except Exception as e: self.logger.log("Error occurred: " + str(e), logtype="error") with open(self._MAL_FILE_PATH, "w") as wf: for mal_file in self.malicious_file_list: wf.write(mal_file)
def scan_file(self, file_path): # Calculate MD5 hash value of the file file_hash_value = utils.get_md5_hash(file_path=file_path) # List the files in MD5 hashes rule directory hash_files_list = os.listdir(self._HASH_STORAGE) # Iterate over the found files for hash_file in hash_files_list: if "VirusShare_" in hash_file: hash_rule_path = os.path.join(self._HASH_STORAGE, hash_file) hash_rule_data = utils.open_file(hash_rule_path) for hash_val in hash_rule_data: hash_val = hash_val.strip("\n").strip(" ") if file_hash_value == hash_val: self.logger.log( "Possible malicious file detected: {0}".format(file_path), logtype="warning" ) if file_path not in self.malicious_file_list: self.malicious_file_list.append(file_path) super().check_virus_total(file_path) return return
def test_open_file(mck_open): """ Test open_file. """ utils.open_file("random_path") mck_open.assert_called_with("random_path")