From c0696860e82e184c5d52ddf98d109c0e2720f86d Mon Sep 17 00:00:00 2001 From: VISWESWARAN1998 Date: Sun, 2 Apr 2017 11:41:55 +0530 Subject: [PATCH] Minor bug fix + HTML support --- DOS-ENGINE/Malware.cpp | 35 ++++++++++++++++++++------ DOS-ENGINE/cybergod.cpp | 53 ++++++++++++++++++++++++++++----------- DOS-ENGINE/duplicates.cpp | 13 ++++++++-- DOS-ENGINE/gutmann.cpp | 7 +++++- DOS-ENGINE/html.cpp | 45 ++++++++++++++++++++++++++++++--- DOS-ENGINE/html.h | 13 +++++++--- 6 files changed, 135 insertions(+), 31 deletions(-) diff --git a/DOS-ENGINE/Malware.cpp b/DOS-ENGINE/Malware.cpp index 56766fe..45e5656 100644 --- a/DOS-ENGINE/Malware.cpp +++ b/DOS-ENGINE/Malware.cpp @@ -10,6 +10,7 @@ #include #include"malware_symptoms.h" #include +#include"html.h" // At present we do follow three rules @@ -32,7 +33,7 @@ bool Malware::scan(const wchar_t *sDir) // Use the specific extensions for scanning Extensions check_extensions; - + //Specify a file mask. *.* = We want everything! wsprintf(current_path, L"%s\\*.*", sDir); if ((hFind = FindFirstFile(current_path, &find_file)) == INVALID_HANDLE_VALUE) @@ -43,17 +44,19 @@ bool Malware::scan(const wchar_t *sDir) do { - + //Find first file will always return "." + // and ".." as the first two directories. if (wcscmp(find_file.cFileName, L".") != 0 && wcscmp(find_file.cFileName, L"..") != 0) { - + //Build up our file path using the passed in + // [sDir] and the file/foldername we just found: wsprintf(current_path, L"%s\\%s", sDir, find_file.cFileName); - + //Is the entity a File or Folder? if (find_file.dwFileAttributes &FILE_ATTRIBUTE_DIRECTORY) { - scan(current_path); + scan(current_path); //Recursion, I love it! } else { // [Local member-instance variable] boost enabled @@ -159,7 +162,7 @@ void Malware::set_boost_scan(bool set_scan_speed) is_boost_enabled = set_scan_speed; } -// used for scanning the scheduled files +// used for scanning the scheduled files template void Malware::scan_scheduled_files() { 
@@ -192,6 +195,7 @@ void Malware::scan_scheduled_files() std::cout << "\nMalicious Executable" << *itr << "\n"; add_suspicious_files_to_list(*itr, "Suspicious[PACKED] executables"); } + increment_file_count(); // increment the scanned files count std::cout << "\nFiles scanned " << return_file_count() << "\n"; } } @@ -222,10 +226,27 @@ void Malware::display_suspicious_files() iterator itr1 = suspicious_files_list.begin(); iterator itr2 = suspicious_files_list.end(); std::cout << "Malicious Detections\n=============================\n"; + HTML html; + html.create_file(L"malwareDetections.html", "CyberGod KSGMPRH"); + html.initialize_headers(); + html.initialize_message("table", "NULL"); + html.initialize_message("tr", "NULL"); + html.document(L"th", L"FILE"); + html.document(L"th", L"STATUS"); + html.finalize_message("tr"); for (iterator itr = itr1; itr != itr2; ++itr) { std::cout << itr->first << "\t\t" << itr->second << "\n"; + html.initialize_message("tr", "NULL"); + //std::string mssg1 = itr->first; + std::string mssg2 = itr->second; + //std::wstring message1(mssg1.begin(), mssg1.end()); + std::wstring message2(mssg2.begin(), mssg2.end()); + html.document(L"td",itr->first); + html.document(L"td", message2); + html.finalize_message("tr"); } + html.finalize_html(); } // Adding to schedule for scanning later @@ -244,4 +265,4 @@ bool Malware::add_to_schedule(malwares location) return false; } -template class Malware; +template class Malware; \ No newline at end of file diff --git a/DOS-ENGINE/cybergod.cpp b/DOS-ENGINE/cybergod.cpp index 0221828..776f17a 100644 --- a/DOS-ENGINE/cybergod.cpp +++ b/DOS-ENGINE/cybergod.cpp 
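Review bot: In `display_suspicious_files()` (which begins above this hunk) the scanned file's path `itr->first` and the status text are written into `malwareDetections.html` through `html.document(L"td", ...)`, and nothing in this patch HTML-escapes them. The body of `document()` is outside the patch, so confirm it encodes `&`, `<`, `>` and quotes, because the paths come from whatever is on the scanned disk and the report will be opened in a browser. The same applies to `html.document(L"td", *itr)` in the duplicates.cpp hunk. Separately, `std::wstring message2(mssg2.begin(), mssg2.end())` widens byte by byte, which is only correct for ASCII text, and the return value of `create_file` is ignored, so a failed open goes unreported.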
@@ -25,26 +25,29 @@ int wmain(int argc,wchar_t* argv[]) std::cout << "| (C) 2017, VISWESWARAN NAGASIVAM |\n"; std::cout << "===================================\n"; int option; - std::cout << "1. Malware scan\n2.Duplicate Files Remover\n3.Recovery\n4.Secure remove\n5. Remove the shortcut virus\n6.Show Identiity\n7. Password strength checker\n8. Autorun Checker\n9. Scan USB\n10. Quick scan\nChoice : "; + std::cout << "1.Malware scan\n2.Duplicate Files Remover\n3.Recovery\n4.Secure remove\n5.Remove the shortcut virus\n6.Show Identiity\n7.Password strength checker\n8.Autorun Checker\n9.Scan USB\n10.Quick scan\nChoice : "; std::cin >> option; std::cin.ignore(); std::wstring global_location; - std::cout << "\nEnter the location :"; - std::getline(std::wcin, global_location); switch (option) { case 1: { + std::cout << "\nEnter the location :"; + std::getline(std::wcin, global_location); system("cls"); Malware obj; obj.set_boost_scan(false); obj.scan(global_location.c_str()); obj.scan_scheduled_files(); obj.display_suspicious_files(); + process(); break; } case 2: { + std::cout << "\nEnter the location :"; + std::getline(std::wcin, global_location); Duplicates obj1; obj1.scan(global_location.c_str()); obj1.find_the_duplicates(); 
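Review bot: The `std::getline(std::wcin, global_location)` calls moved into cases 1 and 2 are not checked, so EOF or an empty line hands an empty string to `scan()`. `Malware::scan` builds its search pattern with `wsprintf(current_path, L"%s\\*.*", sDir)`, which for an empty `sDir` becomes `\*.*`, the root of the current drive; whether `Duplicates::scan` behaves the same way is not visible here. Suggest `if (!std::getline(std::wcin, global_location) || global_location.empty()) break;` before the scanner is constructed. The prompts added in cases 3, 5, 8 and 9 have the same gap, and `wmain` starts and ends outside this hunk.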
@@ -54,29 +57,45 @@ int wmain(int argc,wchar_t* argv[]) } case 3: { + std::cout << "\nLocation(files will be recovered form this location):\n"; + std::getline(std::wcin, global_location); + std::wstring recovery_folder; + std::cout << "\nLocation(recovered filees will be saved here):\n"; + std::getline(std::wcin, recovery_folder); Recovery constructor; - Recovery recover(L"G:\\", L"F:\\"); + Recovery recover(global_location,recovery_folder); recover.end(); + process(); break; } case 4: { - std::string loc = "G:\\CyberGod Recovery Data"; - Gutmann remove; - remove.secure_pass(L"F:\\dupes\\a.png"); + system("cls"); + std::cout << "WARNING! FILES CANNOT BE RECOVERED BACK ONCE YOU DELETED\n"; + while (true) + { + std::cout << "\nFile to be removed(LOCATION): "; + std::getline(std::wcin, global_location); + Gutmann remove; + // set the pass to 7 thereby making recovering as difficult as possible + remove.secure_pass(global_location, 7); + std::cout << "\nFile removed!\n"; + } break; } case 5: { + std::cout << "\nDrive Letter: "; + std::getline(std::wcin, global_location); + std::string drive(global_location.begin(), global_location.end()); ShortCutVirusRemover rem; - rem.set_drive_letter("I:\\"); + rem.set_drive_letter(drive); if (rem.get_scan_status() == true) { - rem.scan(L"I:\\"); + rem.scan(global_location.c_str()); rem.remove_all_shotcuts(); rem.show_suspected_files(); rem.fix_infection(); - //rem.remove_autorun("I:\\"); process(); } break; @@ -104,7 +123,10 @@ int wmain(int argc,wchar_t* argv[]) case 8: { Autorun autorun; - autorun.add_autorun_executables("I:\\"); + std::cout << "\nDrive Letter: "; + std::getline(std::wcin, global_location); + std::string drive(global_location.begin(), global_location.end()); + autorun.add_autorun_executables(drive); if (autorun.check_autorun_file()) { autorun.get_hashes(); 
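Review bot: The `while (true)` loop added in case 4 has no exit, so the `break;` after it is unreachable and secure-remove can only be left by killing the process. Once `std::wcin` reaches EOF or fails, `getline` returns immediately on every iteration and `remove.secure_pass(global_location, 7)` keeps being called with whatever `global_location` then holds. "File removed!" is printed unconditionally; the result of `secure_pass` (its signature is not part of this patch) should decide which message is shown. Suggest `if (!std::getline(std::wcin, global_location) || global_location.empty()) break;` as the first statement after the prompt, plus an explicit confirmation of the entered path before the irreversible overwrite.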
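Review bot: `std::string drive(global_location.begin(), global_location.end())` in case 8 narrows each `wchar_t` to `char`, so non-ASCII input is silently truncated and the path given to `add_autorun_executables` can differ from what the user typed. The value is also never checked to be a drive root; a check such as `GetDriveTypeW(global_location.c_str()) == DRIVE_REMOVABLE` before use would keep these drive-oriented tools from being pointed at an arbitrary path. The same conversion is added in case 5, where the input also reaches `rem.scan` and `rem.remove_all_shotcuts()`, and in case 9 in the next hunk.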
@@ -116,8 +138,11 @@ int wmain(int argc,wchar_t* argv[]) } case 9: { + std::cout << "\nDrive Letter: "; + std::getline(std::wcin, global_location); + std::string drive(global_location.begin(), global_location.end()); USBScan usb; - usb.initialize("I:\\"); + usb.initialize(drive); std::cout << "\nMalicious\n"; usb.show_malicious_files(); std::cout << "\nSemi-Malicious\n"; @@ -140,13 +165,13 @@ int wmain(int argc,wchar_t* argv[]) obj.display_suspicious_files(); break; } - case 11: + /*case 11: { Plugin plugin; plugin.get_available_plugins(); plugin.execute_plugin("plugin.py",argc,argv); break; - } + }*/ default: break; } diff --git a/DOS-ENGINE/duplicates.cpp b/DOS-ENGINE/duplicates.cpp index 2b6dbd3..a23bae9 100644 --- a/DOS-ENGINE/duplicates.cpp +++ b/DOS-ENGINE/duplicates.cpp @@ -145,12 +145,21 @@ void Duplicates::get_duplicates() std::set::iterator itr1 = hash_test_results.begin(); std::set::iterator itr2 = hash_test_results.end(); HTML html; - html.create_file(L"duplicates.html", "Duplicate files finder", "NULL"); + html.create_file(L"duplicates.html", "CyberGod KSGMPRH"); + html.initialize_headers(); + html.initialize_message("table", "NULL"); + html.initialize_message("tr", "NULL"); + html.document(L"th", L"FILE"); + html.document(L"th", L"STATUS"); + html.finalize_message("tr"); for (std::set::iterator itr = itr1; itr != itr2; itr++) { duplicate_file_count++;// std::cout <<" [DUPLICATE]: " <<*itr << "\n"; - html.document(L"p", *itr); + html.initialize_message("tr", "NULL"); + html.document(L"td", *itr); + html.document(L"td", L"IDENTIFIED AS A DUPLICATE"); + html.finalize_message("tr"); } html.finalize_html(); // end the duplicates in the database diff --git a/DOS-ENGINE/gutmann.cpp b/DOS-ENGINE/gutmann.cpp index abb1cbf..7f3cef1 100644 --- a/DOS-ENGINE/gutmann.cpp +++ b/DOS-ENGINE/gutmann.cpp 
@@ -188,7 +188,12 @@ std::string random_binary() return random_data; } -//This scan will destroy the whole directory which cannot be recovered @ any cause +//This scan will destroy the whole directory which may not be recovered at any cause. +// This feature(removing multiple files) at a time is currently being dis-abled, +// Because it replaces the contents of file with different binary content which works +// quiet similar like encryption since we are removing multiple files and the application +// shows the behaviour of encrypting multiple files, some anti-virus detects this ability as a malware +// But sooner we will get white-listed and this feature will be included. bool Gutmann::scan(const wchar_t * sDir) { WIN32_FIND_DATA find_file; diff --git a/DOS-ENGINE/html.cpp b/DOS-ENGINE/html.cpp index f024e54..2cbb840 100644 --- a/DOS-ENGINE/html.cpp +++ b/DOS-ENGINE/html.cpp @@ -5,7 +5,7 @@ // This method will initialize the HTML5 document // This method should not be present inside the looping statement -bool HTML::create_file(std::wstring location,std::string title,std::string style_sheet) +bool HTML::create_file(std::wstring location,std::string title) { this->location = location; std::ofstream file; 
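Review bot: The new comment says multi-file removal is currently disabled, but this hunk changes only the comment and `Gutmann::scan` is still defined directly below it (its body continues outside the hunk). If the feature is switched off at a call site, name that place in the comment; otherwise say the function is currently unused rather than disabled. In the wording, `quiet similar` should read `quite similar` and `dis-abled` should read `disabled`.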
@@ -16,14 +16,53 @@ bool HTML::create_file(std::wstring location,std::string title,std::string style file << "" << "\n"; file << "" << "\n"; file << "" << title << "" << "\n"; - file << "" << "\n"; - file << "\n"; file.close(); return true; } return false; } +// This method will initialize the HTML5 document +// This method should not be present inside the looping statement +// You may use this method to add any special tags like style and script in your head tag +void HTML::initialize_headers() +{ + std::ofstream file; + file.open(location, std::ios::app); + if (file.is_open()) + { + file << ""; + file << "\n"; + // close the head tag and open the body tag + file << "\n"; + file.close(); + } +} + +// used for adding tags like this +void HTML::initialize_message(std::string tag, std::string class_) +{ + std::ofstream file; + file.open(location,std::ios::app); + if (file.is_open()) + { + if (class_=="NULL")file << "<" << tag <<">"; + else file << "<" << tag << " class=" << class_ << ">"; + file.close(); + } +} + +void HTML::finalize_message(std::string message) +{ + std::ofstream file; + file.open(location,std::ios::app); + if (file.is_open()) + { + file << ""; + file.close(); + } +} + // This is the method which is actually used to document the html file bool HTML::document(std::wstring tag, std::wstring content) { diff --git a/DOS-ENGINE/html.h b/DOS-ENGINE/html.h index c36d7c6..e4d0586 100644 --- a/DOS-ENGINE/html.h +++ b/DOS-ENGINE/html.h 
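Review bot: `initialize_message` writes the attribute as `" class=" << class_` with no quotes and no escaping, so a class value containing a space or `>` breaks the tag; write `file << "<" << tag << " class=\"" << class_ << "\">";` and keep `tag` and `class_` restricted to fixed literals. Using the string `"NULL"` as the "no class" marker is easy to mistype and rules out a class of that name; testing `class_.empty()` is the usual convention. The three new methods return `void` and do nothing when the file cannot be opened, unlike `create_file` and `document`, which return `bool`, so a report can end up silently incomplete. The comment above `initialize_headers` repeats the `create_file` comment; it should say that the method closes the head tag and opens the body tag.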
@@ -2,15 +2,20 @@ #pragma once #include -/* -This is the newest feature and will improve later in DOS engine -*/ + +// This class may be useful only to the DOS Engine. +// This calss is used to create generate the HTML file for our dos engine. +// It is unworthy to add create tags and concat it to the string everywhere and it will +// spoil the code so I created a seperate class for this. class HTML { private: std::wstring location; public: - bool create_file(std::wstring location,std::string title,std::string style_sheet); + bool create_file(std::wstring location,std::string title); + void initialize_headers(); + void initialize_message(std::string tag,std::string class_); + void finalize_message(std::string message); bool document(std::wstring tag, std::wstring content); bool finalize_html(); };
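Review bot: `finalize_message(std::string message)` receives the name of the tag to close (callers in this patch pass `"tr"`), so the parameter should be named `tag` to match `initialize_message`. The new string parameters are taken by value where `const std::string&` would avoid a copy on every call. In the class comment, `calss` and `seperate` are typos for `class` and `separate`.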