.NET virus scanning API
I\'m building a web application in which I need to scan the user-uploaded files for viruses.
Does anyone with experience in building something like this can provide
-
I would probably just make a system call to run an independent process to do the scan. There are a number of command-line AV engines out there from various vendors.
讨论(0) -
I also had this requirement. I used clamAv anti virus which provides on-demand scanning by sending the file to their tcp listening port. You can use
nClamnuget package to send files toclamav.var clam = new ClamClient("localhost", 3310); var scanResult = clam.ScanFileOnServerAsync("C:\\test.txt"); //any file you would like! switch (scanResult.Result.Result) { case ClamScanResults.Clean: Console.WriteLine("The file is clean!"); break; case ClamScanResults.VirusDetected: Console.WriteLine("Virus Found!"); Console.WriteLine("Virus name: {0}", scanResult.Result.InfectedFiles[0].FileName); break; case ClamScanResults.Error: Console.WriteLine("Woah an error occured! Error: {0}", scanResult.Result.RawResult); break; }A simple and detailed example is shown here. Note:- The synchronous scan method is not available in the latest nuget. You have to code like I done above
For testing a virus you can use the below string in a
txtfileX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
讨论(0) -
Shameless plug but you might want to check out https://scanii.com, it's basically malware/virus detection as a (REST) service. Oh also, make sure you read and understand virustotal's API terms (https://www.virustotal.com/en/documentation/public-api/) - they are very clear about not allowing commercial usage.
讨论(0) -
You can use IAttachmentExecute API.
Windows OS provide the common API to calling the anti virus software which is installed (Of course, the anti virus software required support the API). But, the API to calling the anti virus software provide only COM Interface style, not supported IDispatch. So, calling this API is too difficult from any .NET language and script language.
Download this library from here Anti Virus Scanner for .NET or add reference your VS project from "NuGet" AntiVirusScanner
For example bellow code scan a file :
var scanner = new AntiVirus.Scanner(); var result = scanner.ScanAndClean(@"c:\some\file\path.txt"); Console.WriteLine(result); // console output is "VirusNotFound".讨论(0) -
//Scan string start = Console.ReadLine(); System.Diagnostics.Process scanprocess = new System.Diagnostics.Process(); sp.StartInfo.WorkingDirectory = @"<location of your antivirus>"; sp.StartInfo.UseShellExecute = false; sp.StartInfo.FileName = "cmd.exe"; sp.StartInfo.Arguments = @"/c antivirusscanx.exe /scan="+filePath; sp.StartInfo.CreateNoWindow = true; sp.StartInfo.RedirectStandardInput = true; sp.StartInfo.RedirectStandardError = true; sp.Start(); string output = sp.StandardOutput.ReadToEnd(); //Scan results System.Diagnostics.Process pr = new System.Diagnostics.Process(); pr.StartInfo.FileName = "cmd.exe"; pr.StartInfo.Arguments = @"/c echo %ERRORLEVEL%"; pr.StartInfo.RedirectStandardInput = true; pr.StartInfo.RedirectStandardError = true; pr.Start(); output = processresult.StandardOutput.ReadToEnd(); pr.Close();讨论(0) -
I would recommend using this approach:
using System; using System.Diagnostics; using Cloudmersive.APIClient.NET.VirusScan.Api; using Cloudmersive.APIClient.NET.VirusScan.Client; using Cloudmersive.APIClient.NET.VirusScan.Model; namespace Example { public class ScanFileAdvancedExample { public void main() { // Configure API key authorization: Apikey Configuration.Default.AddApiKey("Apikey", "YOUR_API_KEY"); var apiInstance = new ScanApi(); var inputFile = new System.IO.FileStream("C:\\temp\\inputfile", System.IO.FileMode.Open); // System.IO.Stream | Input file to perform the operation on. var allowExecutables = true; // bool? | Set to false to block executable files (program code) from being allowed in the input file. Default is false (recommended). (optional) var allowInvalidFiles = true; // bool? | Set to false to block invalid files, such as a PDF file that is not really a valid PDF file, or a Word Document that is not a valid Word Document. Default is false (recommended). (optional) var allowScripts = true; // bool? | Set to false to block script files, such as a PHP files, Pythong scripts, and other malicious content or security threats that can be embedded in the file. Set to true to allow these file types. Default is false (recommended). (optional) var allowPasswordProtectedFiles = true; // bool? | Set to false to block password protected and encrypted files, such as encrypted zip and rar files, and other files that seek to circumvent scanning through passwords. Set to true to allow these file types. Default is false (recommended). (optional) var restrictFileTypes = restrictFileTypes_example; // string | Specify a restricted set of file formats to allow as clean as a comma-separated list of file formats, such as .pdf,.docx,.png would allow only PDF, PNG and Word document files. All files must pass content verification against this list of file formats, if they do not, then the result will be returned as CleanResult=false. Set restrictFileTypes parameter to null or empty string to disable; default is disabled. (optional) try { // Advanced Scan a file for viruses VirusScanAdvancedResult result = apiInstance.ScanFileAdvanced(inputFile, allowExecutables, allowInvalidFiles, allowScripts, allowPasswordProtectedFiles, restrictFileTypes); Debug.WriteLine(result); } catch (Exception e) { Debug.Print("Exception when calling ScanApi.ScanFileAdvanced: " + e.Message ); } } } }Note that this way you can even control whether you filter out non-virus threat payloads such as executables, scripts, encrypted/password-protected files, etc.
This approach has a free tier and can also validate the contents of the files that you upload.
讨论(0)
加载中...
- 热议问题