Ejemplo n.º 1
        /// <summary>
        /// Stores the requested scan sensitivity and starts the engine components:
        /// the event manager, the virus report service, the scanners and the
        /// signature database (VDB).
        /// </summary>
        /// <param name="sense">Value assigned to <c>ScanSensitivity</c>.</param>
        /// <remarks>
        /// Exceptions raised synchronously are handed to <c>AntiCrash.LogException</c>
        /// and not rethrown, so the caller gets no signal that start-up failed.
        /// NOTE(review): AsyncInvoke looks like a delegate type. If so, work started
        /// with BeginInvoke runs on another thread and its exceptions never reach
        /// this try/catch (EndInvoke is not called). A failed signature load would
        /// then go unreported - confirm, and surface that state to the caller or UI.
        /// </remarks>
        public static void Initialize(ScanSense sense)
        {
            try
            {
                ScanSensitivity = sense;
                EventsManager = new KAVE.BaseEngine.KavprotEvents();

                // The report service is started in the background.
                new AsyncInvoke(VirusReportService.Initialize).BeginInvoke(null, null);

                // Scanner loading is started in the background as well.
                new AsyncInvoke(Init).BeginInvoke(null, null);

                if (!SettingsManager.TurboMode)
                {
                    // Normal mode: the signature database is loaded before returning.
                    VDB.Initialize();
                }
                else
                {
                    // Turbo mode: the database load is only queued, so this method
                    // can return before it has finished.
                    // NOTE(review): confirm no scan can run against a database that
                    // is still loading, otherwise results in that window are unreliable.
                    new AsyncInvoke(VDB.Initialize).BeginInvoke(null, null);
                }
            }
            catch (Exception failure)
            {
                AntiCrash.LogException(failure);
            }
        }
Ejemplo n.º 2
        /// <summary>
        /// Scans a file as script content: the file is hex-dumped and looked up with
        /// <c>VDB.GetScript</c>; when that yields nothing the file is passed to
        /// <c>AVEngine.HashScanner.ScanHS</c>.
        /// </summary>
        /// <param name="filename">Path of the file to scan.</param>
        /// <returns>
        /// The script lookup result when it is non-null, otherwise the hash scanner's
        /// result; <c>null</c> when the file is not smaller than <c>MaximumSize</c>.
        /// </returns>
        /// <remarks>
        /// A file at or above <c>MaximumSize</c> is not inspected at all and yields
        /// the same <c>null</c> a caller would presumably read as "nothing found".
        /// NOTE(review): consider reporting skipped files separately so the size
        /// limit does not silently become a blind spot.
        /// </remarks>
        public object ScanM(string filename)
        {
            if (new FileInfo(filename).Length >= MaximumSize)
            {
                return null;
            }

            object scriptMatch;
            // Disposing the reader also closes the underlying FileStream.
            using (StreamReader reader = new StreamReader(new FileStream(filename, FileMode.Open, FileAccess.Read)))
            {
                string hexDump = Security.DumpHex(reader, new StringBuilder());
                scriptMatch = VDB.GetScript(hexDump);
            }

            // No script signature matched: fall back to the hash scanner.
            return scriptMatch ?? AVEngine.HashScanner.ScanHS(filename);
        }
Ejemplo n.º 3
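        /// <summary>
        /// Attempts to disinfect a file by removing the repair pattern stored for the
        /// virus from the file's hex dump and writing the remainder back in place.
        /// </summary>
        /// <param name="virus">Detection whose <c>Name</c> selects the repair pattern
        /// and whose <c>Location</c> is the file to rewrite.</param>
        /// <returns>
        /// <c>true</c> only when the pattern was found and the file was rewritten;
        /// <c>false</c> when no pattern exists, the pattern does not occur in the
        /// file, or any exception is thrown.
        /// </returns>
        /// <remarks>
        /// The file is overwritten in place with no backup copy.
        /// NOTE(review): the pattern is removed from the hex text with a plain string
        /// replace; whether a match can start in the middle of a byte depends on the
        /// format produced by Security.DumpHex - confirm.
        /// NOTE(review): the output goes through a StreamWriter with its default text
        /// encoding; confirm Security.HexAsciiConvert output survives that round trip
        /// for binary files.
        /// </remarks>
        public bool Repair(Virus virus)
        {
            try
            {
                string pattern = VDB.GetRepair(virus.Name);

                // null, "" and the literal "false" all mean "no repair pattern".
                if (string.IsNullOrEmpty(pattern) || pattern == "false")
                {
                    return false;
                }

                string hex     = Security.DumpHex(virus.Location);
                string cleaned = hex.Replace(pattern, "");

                // The pattern is non-empty, so an unchanged length means it never
                // occurred. Do not rewrite the file or report a repair that did not
                // happen.
                if (cleaned.Length == hex.Length)
                {
                    return false;
                }

                using (StreamWriter writer = new StreamWriter(virus.Location))
                {
                    writer.Write(Security.HexAsciiConvert(cleaned));
                }
                return true;
            }
            catch
            {
                // Best effort: any failure (null argument, I/O error, locked file)
                // is reported as "not repaired". The cause is not recorded here.
                return false;
            }
        }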
Ejemplo n.º 4
        /// <summary>
        /// Extracts the file with <c>KCompressExtractor</c> into a directory under
        /// <c>AVEngine.TempDir</c>, looks up the MD5 of every extracted
        /// <c>.text</c>, <c>.data</c> and <c>.idata</c> file with <c>VDB.GetPEMD5</c>,
        /// and finally looks up the MD5 of the whole file with <c>VDB.GetMD5</c>.
        /// </summary>
        /// <param name="filename">Path of the file to scan.</param>
        /// <returns>
        /// The first non-null section lookup result, otherwise the whole-file lookup
        /// result; <c>null</c> when the file is not smaller than <c>MaximumSize</c>
        /// or when any exception is thrown.
        /// </returns>
        /// <remarks>
        /// Every failure (extraction error, unreadable file) is swallowed and looks
        /// the same to the caller as a skipped or unmatched file.
        /// The extraction directory is named after the file name without extension
        /// only, so files with the same base name share one directory.
        /// On a section match the method returns immediately; that file and any not
        /// yet visited stay on disk, and the directory itself is never removed here.
        /// NOTE(review): whether ExtractArchive keeps every entry inside the target
        /// directory is not visible here - confirm it rejects entry names that
        /// resolve outside the destination.
        /// </remarks>
        public object ScanM(string filename)
        {
            FileInfo info = new FileInfo(filename);

            try
            {
                if (info.Length >= MaximumSize)
                {
                    return null;
                }

                string extractDir = AVEngine.TempDir + Path.GetFileNameWithoutExtension(filename) + @"\";

                using (KCompress.KCompressExtractor extractor = new KCompressExtractor(filename))
                {
                    extractor.ExtractArchive(extractDir);
                }

                foreach (string extracted in FileHelper.GetFilesRecursive(extractDir))
                {
                    bool isSection = extracted.EndsWith(".text")
                                     || extracted.EndsWith(".data")
                                     || extracted.EndsWith(".idata");

                    if (isSection)
                    {
                        object sectionMatch = VDB.GetPEMD5(Security.GetMD5HashFromFile(extracted));
                        if (sectionMatch != null)
                        {
                            return sectionMatch;
                        }
                    }

                    // Files that did not match are removed as the loop advances.
                    File.Delete(extracted);
                }

                // No section matched: fall back to the hash of the original file.
                return VDB.GetMD5(Security.GetMD5HashFromFile(filename));
            }
            catch
            {
                return null;
            }
        }
Ejemplo n.º 5
        /// <summary>
        /// Looks up the MD5 hash of the whole file with <c>VDB.GetMD5</c>.
        /// </summary>
        /// <param name="filename">Path of the file to scan.</param>
        /// <param name="lb">Not used by this method.</param>
        /// <returns>
        /// The lookup result, or <c>null</c> when the file is not smaller than
        /// <c>MaximumSize</c>.
        /// </returns>
        /// <remarks>
        /// A whole-file hash lookup only recognises byte-identical copies of known
        /// samples. Files at or above the size limit are not hashed at all and
        /// return the same <c>null</c> - NOTE(review): consider reporting skipped
        /// files separately from unmatched ones.
        /// </remarks>
        public object ScanM(string filename, System.Windows.Forms.Label lb)
        {
            long size = new FileInfo(filename).Length;
            if (size >= MaximumSize)
            {
                return null;
            }

            var digest = Security.GetMD5HashFromFile(filename);
            return VDB.GetMD5(digest);
        }
Ejemplo n.º 6
        /// <summary>
        /// Looks up the MD5 hash of the whole file with <c>VDB.GetMD5</c>.
        /// </summary>
        /// <param name="filename">Path of the file to scan.</param>
        /// <returns>
        /// The lookup result, or <c>null</c> when the file is not smaller than
        /// <c>MaximumSize</c>.
        /// </returns>
        /// <remarks>
        /// A whole-file hash lookup only recognises byte-identical copies of known
        /// samples, and files at or above the size limit are skipped with the same
        /// <c>null</c> result. NOTE(review): presumably callers treat null as
        /// "nothing found" - confirm skipped files are surfaced somewhere.
        /// </remarks>
        public object Scan(string filename)
        {
            long size = new FileInfo(filename).Length;
            if (size >= MaximumSize)
            {
                return null;
            }

            var digest = Security.GetMD5HashFromFile(filename);
            return VDB.GetMD5(digest);
        }
Ejemplo n.º 7
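 /// <summary>
 /// Inspects a proxied response whose URL ends in <c>.js</c>, <c>.vbs</c>,
 /// <c>.bat</c> or <c>.com</c>. When <c>VDB.GetScript</c> matches the hex of the
 /// response body, the response is replaced with a block page and a spoken
 /// alert is raised.
 /// </summary>
 /// <param name="session">Proxy session whose response is checked and possibly replaced.</param>
 /// <remarks>
 /// The Content-Length header is derived from the generated block page, so it
 /// always agrees with the body that is sent.
 /// NOTE(review): the suffix test runs on the full URL string, so a URL with a
 /// query string after the file name is not inspected, and any URL whose last
 /// characters are ".com" is. Consider testing the path component instead,
 /// or inspecting by response content type.
 /// NOTE(review): the signature name is written into the HTML as-is; if
 /// definition names can originate outside the vendor database, HTML-encode it.
 /// </remarks>
 static void FilterData(Session session)
 {
     string url = session.fullUrl;
     bool inspect = url.EndsWith(".js") || url.EndsWith(".vbs") || url.EndsWith(".bat") || url.EndsWith(".com");
     if (!inspect)
     {
         return;
     }

     object v = VDB.GetScript(Security.ConvertToHex(session.GetResponseBodyAsString()));
     if (v == null)
     {
         return;
     }

     string notice = "Kavprot smart security Blocked a malicious code : " + v.ToString();

     KavprotVoice.SpeakAsync("A malicious code detected : " + v.ToString());
     session.utilCreateResponseAndBypassServer();

     byte[] page = Encoding.ASCII.GetBytes(
         KAVE.Properties.Resources.ErrorPageHead
         + string.Format(KAVE.Properties.Resources.Title, notice)
         + KAVE.Properties.Resources.Ressources
         + string.Format(KAVE.Properties.Resources.Bodytitle, notice)
         + string.Format(KAVE.Properties.Resources.Body, KAVE.Properties.Resources.MalwareMessage));
     session.responseBodyBytes = page;

     // Advertise the real body size; a fixed value that differs from the body
     // can leave the client waiting for bytes that never arrive, or truncating.
     session.oResponse.headers = Parser.ParseResponse("HTTP/1.1 200 OK\r\nKPAVWebProxyTemplate: True\r\nContent-Length: " + page.Length);
 }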
 /// <summary>
 /// Returns the browser context registered for <paramref name="UUID"/>,
 /// creating and registering one on first use.
 /// </summary>
 /// <param name="UUID">Key into <c>contList</c>; also passed to
 /// <c>VDB.GetSessionSavePath</c> to derive the cache directory.</param>
 /// <returns>The existing or newly created <c>Context</c>.</returns>
 /// <remarks>
 /// A new context persists session cookies under its cache path, so that
 /// directory holds session material and should be access-restricted.
 /// NOTE(review): UUID ends up in a filesystem path; confirm it is validated
 /// (or that GetSessionSavePath normalises it) so the cache path stays under
 /// the intended root.
 /// NOTE(review): contList is shared static state and is read and written
 /// here without a lock - confirm this is only called from one thread.
 /// </remarks>
 public static Context GetContext(string UUID)
 {
     // Already registered: hand back the cached context.
     if (contList.ContainsKey(UUID))
     {
         return contList[UUID];
     }

     RequestContextSettings settings = new RequestContextSettings
     {
         CachePath             = System.IO.Path.GetFullPath(VDB.GetSessionSavePath(UUID)),
         PersistSessionCookies = true
     };

     RequestContext requestContext = new RequestContext(settings);
     // Extensions are loaded from a fixed folder below the VDB save path.
     requestContext.LoadExtensionsFromDirectory(VDB.savepath + @"\extentions", extHandler);

     Context created = new Context();
     created.context = requestContext;

     contList.Add(UUID, created);
     return created;
 }
Ejemplo n.º 9
        /// <summary>
        /// Scans a file as script content by hex-dumping it and looking the dump up
        /// with <c>VDB.GetScript</c>.
        /// </summary>
        /// <param name="filename">Path of the file to scan.</param>
        /// <param name="lb">Not used by this method.</param>
        /// <returns>
        /// The lookup result, or <c>null</c> when the file is not smaller than
        /// <c>MaximumSize</c>.
        /// </returns>
        /// <remarks>
        /// Files at or above the size limit are not read and return the same
        /// <c>null</c> as an unmatched file would - NOTE(review): consider reporting
        /// skipped files separately so callers can tell the two apart.
        /// </remarks>
        public object Scan(string filename, System.Windows.Forms.Label lb)
        {
            if (new FileInfo(filename).Length >= MaximumSize)
            {
                return null;
            }

            // Disposing the reader also closes the underlying FileStream.
            using (StreamReader reader = new StreamReader(new FileStream(filename, FileMode.Open, FileAccess.Read)))
            {
                string hexDump = Security.DumpHex(reader, new StringBuilder());
                return VDB.GetScript(hexDump);
            }
        }
Ejemplo n.º 10
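        /// <summary>
        /// Derives signatures from a sample file with
        /// <c>VirusDBTeacher.GetSignatures</c> and adds them to the database
        /// selected by the signature's <c>SIGID</c>.
        /// </summary>
        /// <param name="filename">Sample file the signatures are taken from.</param>
        /// <param name="infections">Passed through to <c>GetSignatures</c>.</param>
        /// <remarks>
        /// "PES" stores the text and data hashes in <c>DBT.PEMD5</c>; "ARS" and "HAS"
        /// store the file hash in <c>DBT.HDB</c>; "ASC" stores the file hash and file
        /// source in <c>DBT.SDB</c>. Any other SIGID adds nothing. Values of four
        /// characters or fewer are skipped. Exceptions are logged with
        /// <c>AntiCrash.LogException</c> and not rethrown.
        /// Keys are written with the indexer, so two fields carrying the same value
        /// (for example identical text and data hashes) no longer raise a
        /// duplicate-key exception that would discard the whole definition.
        /// NOTE(review): the length check is the only validation visible here. A
        /// definition learned from a benign file would presumably flag every copy of
        /// that file; confirm the caller restricts what can be taught.
        /// </remarks>
        internal static void LearnDefinitin(string filename, string infections)
        {
            try
            {
                Dictionary<string, string> db = new Dictionary<string, string>();
                VDBT vdt = VirusDBTeacher.GetSignatures(filename, true, infections);

                switch (vdt.SIGID)
                {
                case "PES":
                    if (vdt.TEXTHASH.Length > 4)
                    {
                        db[vdt.TEXTHASH] = vdt.VirusName;
                    }

                    if (vdt.DATAHASH.Length > 4)
                    {
                        db[vdt.DATAHASH] = vdt.VirusName;
                    }

                    VDB.AddKeys(db, DBT.PEMD5);
                    break;

                case "ARS":
                case "HAS":
                    // Both signature kinds are stored as whole-file hashes.
                    if (vdt.FILEHASH.Length > 4)
                    {
                        db[vdt.FILEHASH] = vdt.VirusName;
                    }

                    VDB.AddKeys(db, DBT.HDB);
                    break;

                case "ASC":
                    if (vdt.FILEHASH.Length > 4)
                    {
                        db[vdt.FILEHASH] = vdt.VirusName;
                    }

                    if (vdt.FILESOURCE.Length > 4)
                    {
                        db[vdt.FILESOURCE] = vdt.VirusName;
                    }

                    VDB.AddKeys(db, DBT.SDB);
                    break;
                }
            }
            catch (Exception ex)
            {
                AntiCrash.LogException(ex);
            }
        }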
Ejemplo n.º 11
        /// <summary>
        /// Walks every logical drive and either verifies or records the MD5 identity
        /// of each <c>.exe</c>, <c>.msi</c> and <c>.dll</c> file.
        /// </summary>
        /// <param name="CurFile">Label updated with the file being checked and, at the end, the elapsed time.</param>
        /// <param name="progress">Progress bar passed to <c>GUI.UpdateProgress</c> and <c>VDB.AddIDP</c>.</param>
        /// <param name="lst">Panel that receives an item for every file whose identity check fails.</param>
        /// <remarks>
        /// When <c>VDB.GetIDPCount()</c> is greater than 2 the stored identities are
        /// verified: a file for which <c>VDB.GetIDP</c> returns false is listed as
        /// "KavProtSense.IdentityChanged". Otherwise the current files are recorded
        /// with <c>VDB.AddIDP</c>.
        /// NOTE(review): the recorded baseline is whatever is on disk at that moment;
        /// a file that is already tampered with would presumably be recorded as
        /// trusted. Confirm the baseline is taken from a known-good state.
        /// NOTE(review): MD5 is not collision resistant; for an integrity baseline a
        /// SHA-256 digest would be the safer choice.
        /// All directory and per-file errors are swallowed, so unreadable locations
        /// are skipped without any record of what was not checked.
        /// The total counts every file while only three extensions are scanned, so
        /// the scanned count never reaches the total when other files exist.
        /// </remarks>
        public static void IDPScan(Label CurFile, ProgressBarX progress, ItemPanel lst)
        {
            Stopwatch timer    = Stopwatch.StartNew();
            string[]  patterns = { "*.exe", "*.msi", "*.dll" };
            int       total    = 0;
            int       scanned  = 0;

            if (VDB.GetIDPCount() > 2)
            {
                // Pass 1: count every file on every drive for the progress display.
                foreach (string root in Environment.GetLogicalDrives())
                {
                    Stack<string> pending = new Stack<string>();
                    pending.Push(root);

                    while (pending.Count > 0)
                    {
                        string current = pending.Pop();

                        try
                        {
                            total += Directory.GetFiles(current, "*.*").Length;

                            foreach (string child in Directory.GetDirectories(current))
                            {
                                pending.Push(child);
                            }
                        }
                        catch
                        {
                            // Directory could not be listed: skipped.
                        }
                    }
                }

                // Pass 2: verify the stored identity of each executable-type file.
                Stack<string> toVerify = new Stack<string>();
                foreach (string drive in Environment.GetLogicalDrives())
                {
                    toVerify.Push(drive);
                }

                while (toVerify.Count > 0)
                {
                    string current = toVerify.Pop();

                    try
                    {
                        foreach (string pattern in patterns)
                        {
                            foreach (string candidate in Directory.GetFiles(current, pattern))
                            {
                                try
                                {
                                    if (!File.Exists(candidate))
                                    {
                                        continue;
                                    }

                                    GUI.UpdateLabel(CurFile, candidate);
                                    scanned++;
                                    GUI.UpdateProgress(progress, scanned, total);

                                    bool identityOk = VDB.GetIDP(candidate, Security.GetMD5HashFromFile(candidate));
                                    if (!identityOk)
                                    {
                                        Virus item = new Virus("KavProtSense.IdentityChanged", candidate, AVEngine.PETypeScanner);
                                        GUI.UpdatePanel(item, lst);
                                    }
                                }
                                catch
                                {
                                    // A file that cannot be hashed or checked is skipped.
                                }
                            }
                        }

                        foreach (string child in Directory.GetDirectories(current))
                        {
                            toVerify.Push(child);
                        }
                    }
                    catch
                    {
                        // Could not open the directory.
                    }
                }
            }
            else
            {
                // No usable baseline yet: record the identity of the current files.
                Stack<string> toRecord = new Stack<string>();
                foreach (string drive in Environment.GetLogicalDrives())
                {
                    toRecord.Push(drive);
                }

                while (toRecord.Count > 0)
                {
                    string current = toRecord.Pop();

                    try
                    {
                        foreach (string pattern in patterns)
                        {
                            VDB.AddIDP(Directory.GetFiles(current, pattern), progress);
                        }

                        foreach (string child in Directory.GetDirectories(current))
                        {
                            toRecord.Push(child);
                        }
                    }
                    catch
                    {
                        // Could not open the directory.
                    }
                }
            }

            timer.Stop();
            // alert needed
            GUI.UpdateLabel(CurFile, "Scan Performed in " + timer.Elapsed.ToString());
            Alert.ScanCompleted();
        }
Ejemplo n.º 12
 /// <summary>
 /// Handles completion of a signature database update: calls
 /// <c>VDB.VDBDefinitions()</c> and shows a tray balloon with the database version.
 /// </summary>
 /// <param name="sender">Event source (not used).</param>
 /// <param name="e">Event data (not used).</param>
 /// <remarks>
 /// NOTE(review): nothing here verifies the update; the "completed successfully"
 /// text relies on the event only being raised after a verified update - confirm.
 /// </remarks>
 void EventsManager_VDBUpdateCompleted(object sender, EventArgs e)
 {
     VDB.VDBDefinitions();

     string message = "Kavprot smart security update completed successfully. (" + VDB.version.ToString() + ")";
     notifyIcon1.ShowBalloonTip(4000, "Update Completed", message, ToolTipIcon.Info);
 }
Ejemplo n.º 13
 /// <summary>
 /// Looks up the MD5 hash of the whole file with <c>VDB.GetMD5</c>.
 /// </summary>
 /// <param name="filename">Path of the file to scan.</param>
 /// <param name="lb">Not used by this method.</param>
 /// <returns>Whatever <c>VDB.GetMD5</c> returns for the file's hash.</returns>
 /// <remarks>
 /// No size limit and no error handling are applied here; any failure while
 /// hashing propagates to the caller. A whole-file hash lookup only recognises
 /// byte-identical copies of known samples.
 /// </remarks>
 public object Scan(string filename, System.Windows.Forms.Label lb)
 {
     var digest = Security.GetMD5HashFromFile(filename);
     return VDB.GetMD5(digest);
 }
Ejemplo n.º 14
 /// <summary>
 /// Looks up the MD5 hash of the whole file with <c>VDB.GetMD5</c>.
 /// </summary>
 /// <param name="filename">Path of the file to scan.</param>
 /// <returns>Whatever <c>VDB.GetMD5</c> returns for the file's hash.</returns>
 /// <remarks>
 /// No size limit and no error handling are applied here; any failure while
 /// hashing propagates to the caller. A whole-file hash lookup only recognises
 /// byte-identical copies of known samples.
 /// </remarks>
 public object Scan(string filename)
 {
     var digest = Security.GetMD5HashFromFile(filename);
     return VDB.GetMD5(digest);
 }