private void importToolStripMenuItem_Click(object sender, EventArgs e) { // create a new open file dialog using (OpenFileDialog ofd = new OpenFileDialog()) { // set filter for the open file dialog ofd.Filter = "(*.sdb)|*.sdb";; // Check if a file is selected if (ofd.ShowDialog() == DialogResult.OK) { // intialize the sig controller on the file selected Signatures = new SignatureController(ofd.FileName); // try to load the file if (Signatures.LoadDatabase()) { // clean up currently loaded db if any CleanUp(); // load new db into view loadIntoView(); } else { // alert user the file could not be loaded... MessageBox.Show("Unable to load signature database, a new database will be created if you save."); } } } }
static void Main(string[] args) { // Output some information about the program running Console.Title = "Berzerk Malware Scanner - Test Client - http://JordanHook.com"; // Output version of tester Console.WriteLine("Berzerk Malware Scanner Test Client 1.0"); // Scan a folder based on the args if (args.Length == 0) { Console.WriteLine("No scan directory specified..."); return; } // Declare some variables for the scan string ScanDirectory = args[0]; // Our controllers... SignatureController Signatures = new SignatureController("sigs.sdb"); // Load the library setting defaults (we will add a settings controller later...) BerzerkAPI.Settings.Defaults(); //Set max file size to 5mb to testing purposes.. BerzerkAPI.Settings.MaxFileSize = (1024 * 1024) * 5; // Try to load the signatures if (Signatures.LoadDatabase()) { Console.WriteLine("Signature database was loaded with {0} entries", Signatures.Signatures.Count); } else { // If the signatures can't be loaded... we can't scan for anything Console.WriteLine("Unable to load signature database..."); return; } // Output current task Console.WriteLine("\nGathering files to scan..."); // Now that our controllers have been loaded... we can attempt to start scanning files Queue <string> ScanList = BerzerkAPI.IO.File.CreateFileQueue(ScanDirectory, true); // Output current task Console.WriteLine("\nScanning {0} files...", ScanList.Count); // Loop through each file in the list //foreach (string file in ScanList) //{ // try // { // // Run a scan on the file // Signature scan = BerzerkAPI.IO.File.ScanFile(file, Signatures, Cached); // // Check if there is a threat detected // if (scan != null) // { // // Output the detection type and file location // Console.WriteLine("\nDETECTED {0}:\n{1}", scan.Definition, file); // } // } // catch (Exception) // { // // We were unable to access the current file due to permission issues or it being in use... // } //} // Multi threaded scan List <Thread> ScanThreads = new List <Thread>(); int totalFiles = ScanList.Count(); // Run an extra thread to display some information about the scan... new Thread(() => { // While the scan is still running while (ScanList.Count > 0) { Thread.Sleep(5000); Console.WriteLine("{0} Files left to scan...", ScanList.Count); Console.WriteLine("{0} Scanning threads running...", ScanThreads.Count()); Console.WriteLine("{0} Files have been scanned...", totalFiles - ScanList.Count()); // Garbage collect call since our scans use a lot of resources GC.Collect(); } }).Start(); // While there are files left to scan... while (true) { // If there are no scans running and no files left to scan // Exit the infinite loop if (ScanThreads.Count() == 0 && ScanList.Count == 0) { break; } // Find a dead thread... var dead = ScanThreads.FirstOrDefault(th => th.ThreadState == ThreadState.Stopped); // While there are more dead threads while (dead != null) { // Remove them ScanThreads.Remove(dead); // Find more? dead = ScanThreads.FirstOrDefault(th => th.ThreadState == ThreadState.Stopped); } // Ensure 1 thread per processor core while (ScanThreads.Count() < Environment.ProcessorCount) { // Don't start a new thread if the scan list is empty.. we just need to wait for the rest of the scans to finish... if (ScanList.Count == 0) { break; } // Create a new thead Thread t = new Thread(() => { try { // Get the next file string current = ScanList.Dequeue(); // Scan the current file //Signature scan = BerzerkAPI.IO.File.ScanFile(current, ref Signatures, ref Cached); ScanResultArgs result = BerzerkAPI.IO.File.ScanFile(current, Signatures); // Check the results if (result.Detection != null) { Console.WriteLine("\nDETECTED {0}:\n{1}", result.Detection.Definition, current); } } catch (Exception) { // We were unable to access the current file due to permission issues or it being in use... } }); // Add the scan thread to the list ScanThreads.Add(t); // Run the thread t.IsBackground = true; t.Start(); } // Pause while we wait for a scan to finish... Thread.Sleep(10); } // All scans completed, give a delay before outputting finished results incase a detection is still being outputted.. Thread.Sleep(1500); // EOP... Console.WriteLine("\n\n\nScan complete, press any key to exit..."); Console.ReadKey(); }
static void Main(string[] args) { // Output some information about the program running Console.Title = "Berzerk Malware Scanner 2 - Test Client - http://JordanHook.com"; // Output version of tester Console.WriteLine("Berzerk Malware Scanner Test Client 2.0"); // Scan a folder based on the args if (args.Length == 0) { Console.WriteLine("No scan directory specified..."); return; } // Declare some variables for the scan string ScanDirectory = args[0]; // Our controllers... SignatureController Signatures = new SignatureController("sigs.sdb"); // Load the library setting defaults (we will add a settings controller later...) BerzerkAPI.Settings.Defaults(); //Set max file size to 5mb to testing purposes.. BerzerkAPI.Settings.MaxFileSize = (1024 * 1024) * 5; // Try to load the signatures if (Signatures.LoadDatabase()) { Console.WriteLine("Signature database was loaded with {0} entries", Signatures.Signatures.Count); } else { // If the signatures can't be loaded... we can't scan for anything Console.WriteLine("Unable to load signature database..."); return; } // Output current task Console.WriteLine("\nGathering files to scan..."); // Now that our controllers have been loaded... we can attempt to start scanning files Queue <string> ScanList = BerzerkAPI.IO.File.CreateFileQueue(ScanDirectory, true); Threats = new List <ThreatDetectedArgs>(); // Store total files to scan... TotalFiles = ScanList.Count; // Output current task Console.WriteLine("\nScanning {0} files...", ScanList.Count); // Create an instance of the scan controller to work with ScanController scanner = new ScanController(ScanList, Signatures); // Setup events scanner.ThreatDetected += Scanner_ThreatDetected; scanner.ThreatScanComplete += Scanner_ThreatScanComplete; // setup watch watch = new Stopwatch(); // Background reporting.. new Thread(() => { Thread.Sleep(1000); // Output some information about the current scan... while (scanner.Scanning) { Console.WriteLine("{0}/{1} Files scanned\t{2:0.00} MB Processed\t{3}", TotalFiles - scanner.TargetFiles.Count, TotalFiles, scanner.ScannedData, watch.Elapsed.ToString()); Console.WriteLine("{0} Threads Active", scanner.RunningThreads); Thread.Sleep(1000); } }).Start(); // start the watch watch.Start(); // Start the scan scanner.Run(); // Keep the program open System.Diagnostics.Process.GetCurrentProcess().WaitForExit(); }