ok

Mini Shell

Direktori : /opt/imunify360/venv/lib64/python3.11/site-packages/restore_infected/
Upload File :
Current File : //opt/imunify360/venv/lib64/python3.11/site-packages/restore_infected/scan.py

import json
import os
from subprocess import check_output

from restore_infected import helpers

AGENT_BIN = '/usr/bin/imunify360-agent'


def agent_malware_cmd(*args):
    cmd = [AGENT_BIN, 'malware'] + list(args) + ['--json']
    out = check_output(cmd)
    out = out.decode('utf-8', 'ignore')

    try:
        return json.loads(out)
    except (json.JSONDecodeError, TypeError):
        return None


def agent_start_scan(file_name):
    agent_malware_cmd('on-demand', 'start', '--path', file_name)


def agent_scan_running(file_name):
    status_json = agent_malware_cmd('on-demand', 'status')
    status_json = status_json.get('items', status_json)
    status = status_json.get('status', 'stopped')

    if status == 'running' and status_json.get('path', '') == file_name:
        return True

    return False


def agent_is_suspicious(file_name):
    scan_result = agent_malware_cmd('suspicious', 'list',
                                    '--search', file_name)

    if scan_result is not None:
        for item in scan_result['items']:
            if item['file'] == file_name:
                return True

    return False


def await_scan_result(file_name):
    while agent_scan_running(file_name):
        pass


def scan(files):
    """
    Scan files for malware
    :param files: list of files to scan
    :return: list of malware detected files
    """
    if not os.path.exists(AGENT_BIN):
        helpers.warning("Can't find imunify360-agent binary, "
                        "malware scanning disabled",
                        once=True)
        return []

    infected = []

    for file_name in files:
        agent_start_scan(file_name)
        await_scan_result(file_name)
        if agent_is_suspicious(file_name):
            infected.append(file_name)

    return infected

Zerion Mini Shell 1.0