Exemple #1
0
        public void ScriptInvokeHandler(BabelShellfish sender, BabelShellfish.ScriptType type, String message)
        {
            if (!String.IsNullOrEmpty(this.LogPath))
            {
                string logString = String.Format(
                    CultureInfo.InvariantCulture,
                    "{0:yyyy-MM-dd-HH:mm:ss} - {1}: {2}",
                    DateTime.Now,
                    type.ToString(),
                    message);

                try
                {
                    StreamWriter contentWriter;
                    try
                    {
                        contentWriter = new StreamWriter(
                            new FileStream(this.LogPath, FileMode.OpenOrCreate, FileAccess.ReadWrite, FileShare.Read));
                        contentWriter.BaseStream.Seek(0, SeekOrigin.End);
                    }
                    catch
                    {
                        contentWriter = new StreamWriter(
                            new FileStream(this.LogPath, FileMode.Append, FileAccess.Write, FileShare.Read));
                    }
                    contentWriter.AutoFlush = true;
                    contentWriter.WriteLine(logString);
                    contentWriter.Flush();
                    contentWriter.Close();
                }
                catch (Exception)
                {
                }
            }
        }
Exemple #2
0
        // Allows running Babel-Shellfish from unmanaged code. Installs default logger for Babel-Shellfish
        public static int Run(string input)
        {
            int success = 0;

            try
            {
                BabelShellfish instance            = BabelShellfish.GetInstance();
                BabelShellfishConfiguration config = BabelShellfishConfiguration.GetInstance();

                if (config.DebugOut)
                {
                    BabelShellfishDebugString debugStringLogger = new BabelShellfishDebugString();
                    instance.ScriptInvoke += debugStringLogger.ScriptInvokeHandler;
                }
                if (!String.IsNullOrEmpty(config.LogPath))
                {
                    BabelShellfishLogger logger = new BabelShellfishLogger(config.LogPath);
                    instance.ScriptInvoke += logger.ScriptInvokeHandler;
                }
                if (config.ScanAmsi)
                {
                    BabelShellfishAmsi amsiScanner = new BabelShellfishAmsi();
                    instance.ScriptScan += amsiScanner.ScriptScanHandler;
                }
                instance.Init();

                success = 1;
            }
            catch (Exception)
            {
            }
            return(success);
        }
Exemple #3
0
 public static BabelShellfish GetInstance()
 {
     if (null == Instance)
     {
         Instance = new BabelShellfish();
     }
     return(Instance);
 }
Exemple #4
0
        public void ScriptInvokeHandler(BabelShellfish sender, BabelShellfish.ScriptType type, String message)
        {
            string logString = String.Format(
                CultureInfo.InvariantCulture,
                "{0:yyyy-MM-dd-HH:mm:ss} - {1}: {2}\n",
                DateTime.Now,
                type.ToString(),
                message);

            OutputDebugString(logString);
        }
Exemple #5
0
        public void ScriptScanHandler(BabelShellfish sender, BabelShellfish.ScriptType type, String message)
        {
            // Scan only if the source is not AMSI (to avoid endless loops)
            if (BabelShellfish.ScriptType.Amsi != type)
            {
                uint amsiResult = sender.ScanWithAmsi(message, null);

                if (1 < amsiResult)
                {
                    throw new ParseException("This script contains malicious content and has been blocked by your antivirus software.");
                }
            }
        }