예제 #1
0
        private void AddFiles(IList <string> paths)
        {
            var elements = new List <HashSignatureElement>();

            foreach (string path in paths)
            {
                var file = new FileItem(new FileInfo(path));

                string sum = Checksums.GetChecksumFromFile(file, Checksums.ChecksumType.SHA1);
                elements.Add(new HashSignatureElement(file, sum));
            }

            files    = files.Union(elements, new HashSignatureElementComparer()).ToList();
            modified = true;
        }
예제 #2
0
        public (bool detected, Detection detection) Scan(FileItem file)
        {
            var    elementsMatchingSize = new List <HashSignatureElement>();
            string sha1 = string.Empty;

            if (this.Status == DetectorStatus.UNUSED)
            {
                logger.Error("{0} detector in use when it should have been pruned", this.Name);
                return(false, null);
            }

            if (this.Status == DetectorStatus.UNINITIALIZED)
            {
                string message = string.Format(
                    "Trying to use the {0} detector while it is uninitialized",
                    this.Name);

                logger.Error(message);
                throw new Exception(message);
            }

            /* First check if any elements match the size of the file being scanned */
            foreach (var element in elements)
            {
                if (element.Length == file.Length)
                {
                    logger.Trace("Size match: {0} matches size of {1}", file.AbsolutePath, element.Name);
                    elementsMatchingSize.Add(element);
                }
            }

            if (elementsMatchingSize.Count > 0)
            {
                sha1 = Checksums.GetChecksumFromFile(file, Checksums.ChecksumType.SHA1);

                foreach (var element in elements)
                {
                    if (sha1.Equals(element.SHA1))
                    {
                        logger.Trace("Exact match: {0} matches hash of {1}", file.AbsolutePath, element.Name);
                        logger.Trace("Matching SHA1 sum was {0}", sha1);
                        return(true, new Detection(this.Type, this.Name, string.Format("Hash matches {0}", element.Name)));
                    }
                }
            }

            return(false, null);
        }
예제 #3
0
        private void AddFiles(IList <string> paths)
        {
            var elements = new List <SignatureElement>();

            foreach (string path in paths)
            {
                var info = new FileInfo(path);
                var file = new FileItem(info)
                {
                    Owner = Paths.GetOwner(info)
                };

                string sum = Checksums.GetChecksumFromFile(file, Checksums.ChecksumType.SHA1);
                elements.Add(new HashSignatureElement(file, sum));
            }

            task.Elements =
                task.Elements.Union(elements, new SignatureElementComparer()).ToList();
        }