[LINUX] Scan downloaded files for viruses

Come up with a useful post-processing script? Share it here!
Post Reply
undertow
Newbie
Newbie
Posts: 12
Joined: June 16th, 2008, 8:09 am

[LINUX] Scan downloaded files for viruses

Post by undertow »

The following script is for Linux only. It requires ClamAV to be installed. It will scan the downloaded directory, and if anything is found it will rename the directory adding an "_INFECTED_" prefix to the directory name. It also places a file named "clamscan.log" within the directory as well. So far, it's been working great.

Code: Select all

#!/bin/sh

BASENAME=`basename "$1"`
LOGFILE="$1/clamscan.log"

/usr/bin/clamscan -i -l "$LOGFILE" -r "$1"

if [ $? -eq 1 ]; then
  cd "$1"/..
  mv "$BASENAME" _INFECTED_"$BASENAME"
fi
User avatar
shypike
Administrator
Administrator
Posts: 19774
Joined: January 18th, 2008, 12:49 pm

Re: [LINUX] Scan downloaded files for viruses

Post by shypike »

Did it find any viruses yet?
Seriously, it hard to tell if it actually works until it catches a virus.
undertow
Newbie
Newbie
Posts: 12
Joined: June 16th, 2008, 8:09 am

Re: [LINUX] Scan downloaded files for viruses

Post by undertow »

shypike wrote: Did it find any viruses yet?
Seriously, it hard to tell if it actually works until it catches a virus.
Of course I tested it, and yes it did detect the virus just fine. ;)

I queued up a nzb, and copied a virus infected file into the generated directory within my incomplete directory. Once the download finished and the processing script began, it immediately detected the compromised file and renamed the directory accordingly.

Feel free to test for yourself by using the following test file: hxxp://www.eicar.org/download/eicar.com **

I've renamed the url so it cannot be clicked. Be advised that the link is to a file knowingly infected with the Eicar Test Virus.
User avatar
shypike
Administrator
Administrator
Posts: 19774
Joined: January 18th, 2008, 12:49 pm

Re: [LINUX] Scan downloaded files for viruses

Post by shypike »

Good job  ;D
User avatar
sander
Release Testers
Release Testers
Posts: 9062
Joined: January 22nd, 2008, 2:22 pm

Re: [LINUX] Scan downloaded files for viruses

Post by sander »

I added two echo commands to the script of which the output shows up in the SAB webgui (instead of the time it took to scan the files)

Code: Select all

#!/bin/sh

BASENAME=`basename "$1"`
LOGFILE="$1/clamscan.log"

/usr/bin/clamscan -i -l "$LOGFILE" -r "$1"

if [ $? -eq 1 ]; then
  cd "$1"/..
  mv "$BASENAME" _INFECTED_"$BASENAME"
  echo "Virus found!"
else
  echo "All OK - no virus found."
fi
See Image for the result (with the old output at the bottom of the picture)
aaearon
Release Testers
Release Testers
Posts: 10
Joined: September 9th, 2008, 8:32 pm

Re: [LINUX] Scan downloaded files for viruses

Post by aaearon »

Love it, thanks
Post Reply