diff --git a/Dockerfile b/Dockerfile index a1781f0..51d58aa 100644 --- a/Dockerfile +++ b/Dockerfile @@ -28,17 +28,21 @@ RUN groupadd -r malice \ && chown -R malice:malice /malware # Install McAfee AV -RUN set -x \ - && apt-get update \ - && apt-get install -yq ca-certificates curl --no-install-recommends \ - && echo "===> Install McAfee..." \ - && mkdir -p /usr/local/uvscan \ - && curl http://b2b-download.mcafee.com/products/evaluation/vcl/l64/vscl-l64-604-e.tar.gz \ - | tar -xzf - -C /usr/local/uvscan \ - && echo "===> Clean up unnecessary files..." \ - && apt-get purge -y --auto-remove ca-certificates curl \ - && apt-get clean \ - && rm -rf /var/lib/apt/lists/* /var/cache/apt/archives /tmp/* /var/tmp/* +#RUN set -x \ +# && apt-get update \ +# && apt-get install -yq ca-certificates curl unzip gzip libarchive-tools --no-install-recommends \ +# && echo "===> Install McAfee..." \ +# && mkdir -p /usr/local/uvscan \ +# && curl http://b2b-download.mcafee.com/products/evaluation/vcl/l64/vscl-l64-604-e.tar.gz \ +# | gzip -d vscl-l64-604-e.tar.gz \ +# | tar -xzf vscl-l64-604-e.tar -C /usr/local/uvscan \ +# && echo "===> Clean up unnecessary files..." \ +# && apt-get purge -y --auto-remove ca-certificates curl \ +# && apt-get clean \ +# && rm -rf /var/lib/apt/lists/* /var/cache/apt/archives /tmp/* /var/tmp/* +RUN mkdir -p /usr/local/uvscan +COPY ./cls-l64-703-e.tar.gz /tmp/. +RUN tar -xzf /tmp/cls-l64-703-e.tar.gz -C /usr/local/uvscan # Ensure ca-certificates is installed for elasticsearch to use https RUN apt-get update -qq && apt-get install -yq --no-install-recommends ca-certificates wget unzip \ @@ -56,4 +60,4 @@ COPY --from=go_builder /bin/avscan /bin/avscan WORKDIR /malware ENTRYPOINT ["/bin/avscan"] -CMD ["--help"] +CMD ["--help"] \ No newline at end of file diff --git a/scan.go b/scan.go index 3227466..6057858 100644 --- a/scan.go +++ b/scan.go @@ -22,6 +22,7 @@ import ( "github.com/malice-plugins/pkgs/utils" "github.com/parnurzeal/gorequest" "github.com/pkg/errors" + "github.com/rs/cors" "github.com/urfave/cli" ) @@ -78,6 +79,8 @@ func assert(err error) { // AvScan performs antivirus scan func AvScan(timeout int) McAfee { + log.Info("---------Entered AvScan-----------------") + defer os.Remove("/tmp/" + hash + ".xml") var results ResultsData @@ -180,19 +183,35 @@ func printStatus(resp gorequest.Response, body string, errs []error) { } func webService() { - router := mux.NewRouter().StrictSlash(true) + + fmt.Println("Settin up server, enabling CORS . . .") + + c := cors.New(cors.Options{ + AllowedOrigins: []string{"*"}, // All origins + AllowedMethods: []string{"*"}, // All methods + AllowedHeaders: []string{"*"}, + }) + + router := mux.NewRouter() router.HandleFunc("/scan", webAvScan).Methods("POST") log.WithFields(log.Fields{ "plugin": name, "category": category, }).Info("web service listening on port :3993") - log.Fatal(http.ListenAndServe(":3993", router)) + log.Fatal(http.ListenAndServe(":3993", c.Handler(router))) } -func webAvScan(w http.ResponseWriter, r *http.Request) { +func enableCors(w *http.ResponseWriter) { + + (*w).Header().Set("Access-Control-Allow-Origin", "*") + (*w).Header().Set("Access-Control-Allow-Methods", "*") +} +func webAvScan(w http.ResponseWriter, r *http.Request) { + enableCors(&w) r.ParseMultipartForm(32 << 20) file, header, err := r.FormFile("malware") + log.Info("Corse Enabled-------") if err != nil { w.WriteHeader(http.StatusBadRequest) fmt.Fprintln(w, "Please supply a valid file to scan.") @@ -202,7 +221,8 @@ func webAvScan(w http.ResponseWriter, r *http.Request) { }).Error(err) } defer file.Close() - + log.Info("------------------Preparing File for Scanning-----------------") + log.Info(header.Filename) log.WithFields(log.Fields{ "plugin": name, "category": category, @@ -221,11 +241,18 @@ func webAvScan(w http.ResponseWriter, r *http.Request) { if err = tmpfile.Close(); err != nil { assert(err) } - + log.Info("----------------- Scanning Started-----------------") // Do AV scan path = tmpfile.Name() mcafee := AvScan(60) + log.Info("----------------- Scanning Complelted-----------------") + + log.Info("File is: ") + log.Info(mcafee.Results.Infected) + + log.Info("-----------------Creating Response-----------------") + w.Header().Set("Access-Control-Allow-Origin", "*") w.Header().Set("Content-Type", "application/json; charset=UTF-8") w.WriteHeader(http.StatusOK)